Commit Graph

17871 Commits

Author SHA1 Message Date
Enji Cooper
532c3cde6a MFhead @ r304232 2016-08-16 18:32:01 +00:00
Brooks Davis
3bb0c17d3e Don't conflate enum nss_status return values values with int (NS_SUCCESS,
NS_RETURN) values.

Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D6046
2016-08-16 11:38:45 +00:00
Konstantin Belousov
1c1cc89580 The fdatasync(2) call must be cancellation point.
Sponsored by:	The FreeBSD Foundation
MFC after:	13 days
2016-08-16 08:27:03 +00:00
Konstantin Belousov
295af703a0 Add an implementation of fdatasync(2).
The syscall is a trivial wrapper around new VOP_FDATASYNC(), sharing
code with fsync(2).  For all filesystems, this commit provides the
implementation which delegates the work of VOP_FDATASYNC() to
VOP_FSYNC().  This is functionally correct but not efficient.

This is not yet POSIX-compliant implementation, because it does not
ensure that queued AIO requests are completed before returning.

Reviewed by:	mckusick
Discussed with:	avg (ZFS), jhb (AIO part)
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D7471
2016-08-15 19:08:51 +00:00
Xin LI
854023f054 Add timingsafe_bcmp and timingsafe_memcmp.
Obtained from:	OpenBSD
Reviewed by:	trasz
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D7280
2016-08-14 23:38:50 +00:00
Enji Cooper
6e4f4927ef MFhead @ r304091 2016-08-14 19:54:40 +00:00
Adrian Chadd
cb916ce754 [mips] convert over =v to =r for the inline assembly.
Later gcc and clang have deprecated =v (which maps to a specific temp
register) and instead we should just use =r to have the assembler
(hopefully!) save/restore things appropriately after choosing
a register.

Tested:

* AR9344 SoC, with userreg support
* AR9331 SoC, with no userreg support

Sponsored by:	Sponsored by: DARPA, AFRL (MIPS TLS user register work)
2016-08-14 19:04:37 +00:00
Martin Matuska
cfa49a9b0b MFV r304060:
Sync libarchive with vendor including three security fixes

Vendor issues fixed:

Issue #744: Very long pathnames evade symlink checks
Issue #748: libarchive can compress, but cannot decompress zip some files
PR #750: ustar: fix out of bounds read on empty string ("") filename
PR #755: fix use of acl_get_flagset_np() on FreeBSD

MFC after:	3 days
2016-08-14 09:26:10 +00:00
Enji Cooper
569e901835 MFhead @ r304038 2016-08-13 06:16:38 +00:00
Enji Cooper
8b8a0b8883 Initialize ai to NULL and test for ai with type-appropriate values
Depending on the address family and ai_flags containing AI_V4MAPPED,
it might not do a proper DNS lookup on the provided DNS address

Convert some `ai` boolean true/false checks to NULL/non-NULL while here.

MFC after:	1 week
PR:		211790
Reported by:	Herbie.Robinson@stratus.com
Sponsored by:	EMC / Isilon Storage Division
2016-08-13 02:05:06 +00:00
Enji Cooper
04ee829f13 Increase timeout from 10 minutes to 20 minutes for all tests
On particular slow networks, it can (on average) take longer to
resolve hosts to IP* addresses. 20 minutes seemed reasonable for
my work network

This will be solved in a more meaningful way (if possible) using
concurrency in the near future

MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division
2016-08-13 01:49:11 +00:00
Enji Cooper
09797f9dce Adjust CFLAGS for fmod_test so it can find isqemu.h
Sponsored by: EMC / Isilon Storage Division
2016-08-13 01:40:08 +00:00
Konstantin Belousov
f214036e99 Move defines common between rtld and libsysdecode into the header,
instead of copying inline into sources.

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2016-08-12 19:31:41 +00:00
Enji Cooper
640235e2c2 Checkpoint initial integration work
- Some of the lib/libc and lib/thr tests fail
- lib/msun/exp_test:exp2_values now passes with clang 3.8.0

The Makefiles in contrib/netbsd-tests were pruned as they have no value

Sponsored by: EMC / Isilon Storage Division
2016-08-12 08:50:05 +00:00
Konstantin Belousov
68e9b1e8e1 Decode 32bit utrace records on the 64bit host.
Suppose that ktrace is performed on 32bit binary running on 64bit
host.  In this case, the kernel records are 64bit, while utrace
records from rtld and malloc are 32bit.  Make kdump useful to see
decoded utrace data in that case.

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2016-08-12 07:54:59 +00:00
Ed Schouten
e2f6816100 Reimplement dirname(3) to be thread-safe.
Now that we've updated the prototypes of the basename(3) and dirname(3)
functions to conform to POSIX, let's go ahead and reimplement dirname(3)
in such a way that it's thread-safe, but also guaranteed to succeed. C
libraries like glibc, musl and the one that's part of Solaris already
follow such an approach.

Move the existing implementation to another source file,
freebsd11_dirname.c to keep existing users of the API that pass in a
constant string happy, using symbol versioning.

Put a new version of the function in dirname.c, obtained from CloudABI's
C library. This version scans through the pathname string from left to
right, normalizing it, while discarding the last pathname component.

Reviewed by:	emaste, jilles
Differential Revision:	https://reviews.freebsd.org/D7355
2016-08-12 07:03:58 +00:00
Enji Cooper
5a629b7e69 Remove CVS directories accidentally added in r303980 2016-08-12 06:16:14 +00:00
Enji Cooper
014db25b98 Update ^/vendor/NetBSD/tests/dist to a more recent snapshot
Pulled on "Thu Aug 11 18:01:19 PDT 2016"
2016-08-12 01:05:07 +00:00
Ed Schouten
5f521d7ba7 Make libcrypt thread-safe. Add crypt_r(3).
glibc has a pretty nice function called crypt_r(3), which is nothing
more than crypt(3), but thread-safe. It accomplishes this by introducing
a 'struct crypt_data' structure that contains a buffer that is large
enough to hold the resulting string.

Let's go ahead and also add this function. It would be a shame if a
useful function like this wouldn't be usable in multithreaded apps.
Refactor crypt.c and all of the backends to no longer declare static
arrays, but write their output in a provided buffer.

There is no need to do any buffer length computation here, as we'll just
need to ensure that 'struct crypt_data' is large enough, which it is.
_PASSWORD_LEN is defined to 128 bytes, but in this case I'm picking 256,
as this is going to be part of the actual ABI.

Differential Revision:	https://reviews.freebsd.org/D7306
2016-08-10 15:16:28 +00:00
John Baldwin
2a7f2aec96 Remove obsolete manpage that is not currently installed. 2016-08-09 22:10:40 +00:00
Pedro F. Giffuni
e49b19c64b libpcap: replace comma with semicolon when pertinent.
Uses of commas instead of a semicolons can easily go undetected. The comma
can serve as a statement separator but this shouldn't be abused when
statements are meant to be standalone.

Detected with devel/coccinelle following a hint from DragonFlyBSD.

MFC after:	1 month
2016-08-09 19:44:33 +00:00
Pedro F. Giffuni
8e60fa95cb libc/rpc: replace comma with semicolon when pertinent.
Uses of commas instead of a semicolons can easily go undetected. The comma
can serve as a statement separator but this shouldn't be abused when
statements are meant to be standalone.

Detected with devel/coccinelle following a hint from DragonFlyBSD.

MFC after:	1 month
2016-08-09 19:20:53 +00:00
Bryan Drewery
2af16ec8f2 Revert r298434 which should be fixed by r301287, r301394, and r301403.
PR:	208703, 208963
2016-08-08 17:59:59 +00:00
Adrian Chadd
b812fe4d6b [mips] add support for using the MIPS user register for TLS data.
This work, originally from Stacey Son, uses the MIPS UserReg for
reading the TLS data, and will fall back to the normal syscall path
when it isn't supported.

This code dynamically patches cpu_switch() to bypass the UserReg
instruction so to avoid generating a machine exception.

Thanks to sson for the original work, and to Dan Nelson for
bringing it to date and testing it on MIPS32 with me.

Tested:

* mips64 (sson)
* mips74k (dnelson_1901@yahoo.com) - AR9344 SoC, UserReg support
* mips24k (adrian) - AR9331 SoC, no UserReg support

Obtained from:	sson, dnelson_1901@yahoo.com
2016-08-07 01:29:55 +00:00
Konstantin Belousov
b585cd3e2c Add __cxa_thread_atexit(3) API implementation.
This is the backing feature to implement C++11 thread storage duration
specified by the thread_local keyword.  A destructor for given
thread-local object is registered to be executed at the thread
termination time using __cxa_thread_atexit().  Libc calls the
__cxa_thread_calls_dtors() during exit(3), before finalizers and
atexit functions, and libthr calls the function at the thread
termination time, after the stack unwinding and thread-specific key
destruction.

There are several uncertainties in the API which lacks a formal
specification.  Among them:
- is it allowed to register destructors during destructing;
	we allow, but limiting the nesting level.  If too many iterations
	detected, a diagnostic is issued to stderr and thread forcibly
	terminates for now.
- how to handle destructors which belong to an unloading dso;
	for now, we ignore destructor calls for such entries, and
	issue a diagnostic.  Linux does prevent dso unload until all
	threads with destructors from the dso terminated.
It is supposed that the diagnostics allow to detect real-world
applications relying on the above details and possibly adjust
our implementation.  Right now the choices were to provide the slim
API (but that rarely stands the practice test).

Tests are added to check generic functionality and to specify some of
the above implementation choices.

Submitted by:	Mahdi Mokhtari <mokhi64_gmail.com>
Reviewed by:	theraven
Discussed with:	dim (detection of -std=c++11 supoort for tests)
Sponsored by:	The FreeBSD Foundation (my involvement)
MFC after:	2 weeks
Differential revisions:	https://reviews.freebsd.org/D7224,
    https://reviews.freebsd.org/D7427
2016-08-06 13:32:40 +00:00
Konstantin Belousov
c3bbb3be4e Create namespace for the symbols added during 12-CURRENT cycle.
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
2016-08-06 13:28:58 +00:00
Sergey Kandaurov
18ac59f431 Grammar fixes. 2016-08-04 11:38:53 +00:00
Sergey Kandaurov
eb6a434243 mdoc: The .Fn function. 2016-08-04 11:22:51 +00:00
Andrey A. Chernov
20e37fa8ca Although the code amount is not big, move POSIX error processing into
two sepatate functions to make glob(3) code less obscure and more simple.
There is no needs to make them inline since it is error path which supposed
to not happes often.
2016-08-03 09:09:34 +00:00
Ed Schouten
a813fdc6c3 mprotect(): Change prototype to comply to POSIX.
Our mprotect() function seems to take a "const void *" address to the
pages whose permissions need to be adjusted. POSIX uses "void *". Simply
stick to the POSIX one to prevent us from writing unportable code.

PR:		211423 (exp-run)
Tested by:	antoine@ (Thanks!)
2016-08-03 06:33:04 +00:00
Bryan Drewery
a8d890b4fb Add link for getnetgrent_r(3).
MFC after:	3 days
Sponsored by:	EMC / Isilon Storage Division
2016-08-02 23:46:32 +00:00
Conrad Meyer
ce601a2676 proc_init: Fix a few memory leaks of 'phdl'
In the normal case and correct failure cases, the 'phdl' pointer is passed to
callers to use or clean up as needed.  However, some failure cases returned
early, failing to export the phdl pointer.

This was introduced in the restructuring of r303533.

Reported by:	Coverity
CID:		1361070
Reviewed by:	markj
Sponsored by:	EMC / Isilon Storage Division
2016-08-02 18:13:50 +00:00
Ed Schouten
9c24291370 Fix up setgrent(3) to have a POSIX-compliant prototype.
Just like with freelocale(3), I haven't been able to find any piece of
code that actually makes use of this function's return value, both in
base and in ports. The reason for this is that FreeBSD seems to be the
only operating system to have such a prototype. This is why I'm deciding
to not use symbol versioning for this.

It does seem that the pw(8) utility depends on the function's typing and
already had a switch in place to toggle between the FreeBSD and POSIX
variant of this function. Clean this up by always expecting the POSIX
variant.

There is also a single port that has a couple of local declarations of
setgrent(3) that need to be patched up. This is in the process of being
fixed.

PR:		211394 (exp-run)
2016-07-31 08:05:15 +00:00
Andrey A. Chernov
000b8f832a In addition to prev. commit. Since potentially glob2() can return error
without setting errno, restore errno before its call.
2016-07-31 02:28:50 +00:00
Andrey A. Chernov
869eb80c16 Both C99 and POSIX directly prohibits any standard function to set errno
to 0. Breaking this rule in 2001 NetBSD hack was imported which attempts
to workaround very limited glob() return codes amount. Use POSIX-compatible
workaround now with E2BIG which can't comes from other functions used
instead of prohibited 0.
2016-07-31 01:14:06 +00:00
Andrey A. Chernov
15cb786674 Rework r303074 case 4. Don't immediatelly skip directory entries which
cause MAXPATHLEN exceeded. Process them first through gl_errfunc() and
GLOB_ERR.
2016-07-30 03:11:54 +00:00
Mark Johnston
4808a67805 libproc: Add proc_getmodel().
This is used by libdtrace to determine the data model of target processes.
This allows for the creation of pid provider probes in 32-bit processes on
amd64.

MFC after:	1 month
2016-07-30 03:09:23 +00:00
Mark Johnston
700244a246 Add descriptions for fields in struct proc_handle.
Remove the unused kq field and some unnecessary includes.

MFC after:	1 month
2016-07-30 03:07:14 +00:00
Mark Johnston
a7e13d50fe librtld_db: Use the auxv to figure out where to look up loader symbols.
Previously, librtld_db just hardcoded /libexec/ld-elf.so, which isn't
correct for processes that aren't using the native ABI. With this change,
librtld_db can be used to inspect non-native processes; in particular,
dtrace -c now works for 32-bit executables on amd64.

MFC after:	1 month
2016-07-30 03:05:23 +00:00
Andrey A. Chernov
e04d8562b6 Reset errno for readdirfunc() before contunue. 2016-07-30 02:09:11 +00:00
Baptiste Daroussin
999c1fd64b Remove usage of _WITH_DPRINTF 2016-07-30 01:16:06 +00:00
Baptiste Daroussin
04f36dc654 Remove last traces of _WITH_GETLINE 2016-07-30 01:13:54 +00:00
Baptiste Daroussin
dd47921eac Remove _WITH_GETLINE and _WITH_DPRINTF guards
When adding getline(3) and dprintf(3) into libc, those guards were added
to prevent breaking too many ports.

7 years later the ports tree have been fixed, it is time to remove this
FreeBSDism

While here remove the extra parenthesis surrounding dprintf(3)
2016-07-30 01:00:16 +00:00
Ed Schouten
718fe473dd Change the return type of freelocale(3) to void.
Our version of this function currently returns an integer indicating
failure or success, whereas POSIX specifies that this function has no
return value. It returns void. Patch up the header, sources and man page
to use the right type. While there, use the opportunity to simplify the
body of this function.

Theoretically speaking, this change breaks the ABI of this function.
That said, I have yet to find any code that makes use of freelocale()'s
return value. I couldn't find any of it in the base system, nor did an
exp-run reveal any breakage caused by this change.

PR:		211394 (exp-run)
2016-07-29 17:18:47 +00:00
Ed Schouten
329ecc7f94 Mention that basename(3) and dirname(3) will change in the future.
Update the existing manual pages for basename(3) and dirname(3) to
mention that in future versions of FreeBSD, these functions will no
longer use internal buffers for storing the results.

MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D7356
2016-07-29 16:25:09 +00:00
John Baldwin
57fe078650 Note that not all optional ptrace events use SIGTRAP.
New child processes attached due to PTRACE_FORK use SIGSTOP instead of
SIGTRAP.  All other ptrace events use SIGTRAP.
2016-07-28 20:51:29 +00:00
Ed Schouten
938809f941 Fix up prototypes of basename(3) and dirname(3) to comply to POSIX.
POSIX allows these functions to be implemented in a way that the
resulting string is stored in the input buffer. Though some may find
this annoying, this has the advantage that it makes it possible to
implement this function in a thread-safe way. It also means that they
can be implemented in a way that they work for paths of arbitrary
length, as the output string of these functions is never longer than
max(1, len(input)).

Portable code already needs to be written with this in mind, so in my
opinion it makes very little sense to allow the existing behaviour.
Prevent the base system from falling back to this by switching over to
POSIX prototypes.

I'm not going to bump the __FreeBSD_version for this. The reason is that
it's possible to account for this change in a portable way, without
depending on a specific version of FreeBSD. An exp-run was done some
time ago. As far as I know, all regressions as a result of this have
already been fixed.

I'll give this change some time to settle. In the long run I want to
replace our copies by ones that are thread-safe and don't depend on
PATH_MAX/MAXPATHLEN.
2016-07-28 16:20:27 +00:00
Ed Schouten
d9c4cd2fbc Change the return type of msgrcv() to ssize_t as required by POSIX.
It looks like the msgrcv() system call is already written in such a way
that the size is internally computed as a size_t and written into all of
td_retval[0]. This means that it is effectively already returning
ssize_t. It's just that the userspace prototype doesn't match up.
2016-07-28 12:22:01 +00:00
Ed Schouten
b4a395a41b Add NI_NUMERICSCOPE.
POSIX also declares NI_NUMERICSCOPE, which makes getnameinfo() return a
numerical scope identifier. The interesting thing is that support for
this is already present in code, but #ifdef disabled. Expose this
functionality by placing a definition for it in <netdb.h>.

While there, remove references to NI_WITHSCOPEID, as that got removed 11
years ago.
2016-07-28 10:05:41 +00:00
Konstantin Belousov
bf890e4877 Remove empty initializer for the once facility. It was not needed
since r179417.

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2016-07-27 15:14:11 +00:00
Ed Schouten
8de6c26711 Fix typing of srandom() and initstate().
POSIX requires that these functions have an unsigned int for their first
argument; not an unsigned long.

My reasoning is that we can safely change these functions without
breaking the ABI. As far as I know, our supported architectures either
use registers for passing function arguments that are at least as big as
long (e.g., amd64), or int and long are of the same size (e.g., i386).

Reviewed by:	ache
Differential Revision:	https://reviews.freebsd.org/D6644
2016-07-26 20:11:29 +00:00
Andrey A. Chernov
a5ab035dd7 1) POSIX defines well when GLOB_NOMATCH or original pattern
(instead) should be returned, so we can't return GLOB_NOMATCH blindly
just because we dislike something in the pattern.

2) Remove extra condition.
2016-07-23 03:49:02 +00:00
Andrey A. Chernov
09264d7448 1) We need the original pattern (in the next round of changes) not only in
case it fully constructed, but for half-constructed too, so have no
other choice to pass original pattern from glob() down to globextend()
instead of attempt to reconstruct I implement previously.

2) Instead of copy&paste the same big enough code, make function for it:
globfinal().
2016-07-23 01:21:58 +00:00
John Baldwin
9c20dc9963 Add more documentation regarding unsafe AIO requests.
The asynchronous I/O changes made previously result in different
behavior out of the box. Previously all AIO requests failed with
ENOSYS / SIGSYS unless aio.ko was explicitly loaded. Now, some AIO
requests complete and others ("unsafe" requests) fail with EOPNOTSUPP.

Reword the introductory paragraph in aio(4) to add a general
description of AIO before describing the vfs.aio.enable_unsafe sysctl.

Remove the ENOSYS error description from aio_fsync(2), aio_read(2),
and aio_write(2) and replace it with a description of EOPNOTSUPP.

Remove the ENOSYS error description from aio_mlock(2).

Log a message to the system log the first time a process requests an
"unsafe" AIO request that fails with EOPNOTSUPP. This is modeled on
the log message used for processes using the legacy pty devices.

Reviewed by:	kib (earlier version)
MFC after:	1 week
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D7151
2016-07-21 22:49:47 +00:00
Ed Maste
60a4cd8411 libmd: strip local absolute symbols (to link with lld)
Old versions of gas produce an invalid section index. That is ignored by
old versions of ld, but prevents a link with lld.

Submitted by:	Rafael Ávila de Espíndola (earlier version)
Reviewed by:	allanjude
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D6789
2016-07-21 18:47:51 +00:00
Andrey A. Chernov
bd7a98506c 1) GLOB_BRACE was somewhat broken. First it repeatedly calls glob0() in
globexp1() recursive calls, but glob0() was not supposed to be called
repeatedly in the original code. It finalize results by possible adding
original pattern for no match case, may return GLOB_NOMATCH error and
by sorting all things. Original pattern adding or GLOB_NOMATCH error
can happens each time glob0() called repeatedly, and sorting happens
for one item only, all things are never sorted. Second, f.e. "a{a"
pattern does not match "a{a" file but match "a" file instead
(just one example, there are many). Third, some errors (f.e. for limits
or overflow) can be ignored by GLOB_BRACE code because it forces return (0).
Add non-finalizing flag to glob0() and make globexp0() wrapper around
recursively called globexp1() to finalize things like glob0() does.
Reorganize braces code to work correctly.

2) Don't allow MB_CUR_MAX * strlen overallocation hits GLOB_LIMIT_STRING
(ARG_MAX) limit, use final string length, not malloced space for it.

3) Revive DEBUG-ifdefed section.
2016-07-21 12:53:36 +00:00
Niclas Zeising
2dc6ff9b9d Change wording to use function rather than system call in the description
as well.

Reviewed by:	brooks
MFC after:	5 days
2016-07-20 18:16:58 +00:00
Brooks Davis
a0a2a8b563 Update to reflect the fact that pipe() is a wrapper around the pipe2()
system call.

Reviewed by:	jhb, wblock
MFC after:	5 days
Sponsored by:	DAPRA, AFRL
Differential Revision:	https://reviews.freebsd.org/D6948
2016-07-20 18:02:07 +00:00
Andrey A. Chernov
7455a07a9f In addition to r303074 case 1, search for protected L'/' too in globtilde() 2016-07-20 12:46:21 +00:00
Andrey A. Chernov
aed721ec51 1) Per POSIX (and glibc) GLOB_NOCHECK should return original pattern,
unmodified, if no matches found. But our original code strips all '\'
returning it. Rewrite the code to allow to reconstruct exact the
original pattern with backslashes for this case.

2) Prevent to use truncated pattern if MAXPATHLEN exceeded, return
GLOB_NOMATCH instead.

3) Fix few end loop conditions filling Char arrays with mbrtowc(),
MB_CUR_MAX is unneeded in two places and condition is less by one
in other place.

4) Prevent to use truncated filenames match if MAXPATHLEN exceeded,
skip such directory entries.

5) Don't end *pathend with L'/' in glob3() if limit is reached, this
change will be not visible since error is returned.

6) If error happens in (*readdirfunc)(), do the same GLOB_ABORTED
processing as for g_opendir() as POSIX requires.
2016-07-20 07:30:44 +00:00
Pedro F. Giffuni
5c4d28f5dc libc: tag the Rune initialization function prototypes visibility as hidden.
It is good practice to export as few symbols as possible from your shared
libraries, so use the GCC visibility attribute in this case, matching what
Apple's libc does.

Reference:
https://developer.apple.com/library/mac/documentation/DeveloperTools/Conceptual/CppRuntimeEnv/Articles/SymbolVisibility.html

Hinted by:	Apple's libc 1082.20.4
MFC after:	1 week
2016-07-19 20:22:13 +00:00
Andrey A. Chernov
eef722c337 1) Don't protect \/ and \. even if user say so. They are not special chars
in any case and needed for further processing. For ~ expansion too.

2) Don't terminate *pathend with / when GLOB_LIMIT_STAT is reached, it will
be not visible outside in any case since error is returned.

3) Cosmetic: change if expression to better reflect its semantic.
2016-07-19 00:25:27 +00:00
Andrey A. Chernov
e9c0137235 g_Ctoc() conversion buffers are smaller than needed up to MB_CUR_MAX - 1
since whole conversion needs a room for (len >= MB_CUR_MAX). It is no
difference when MB_CUR_MAX == 1, but for multi-byte locales last few chars
('\0' and before) may need just one byte, and the rest of MB_CUR_MAX - 1
space becomes unavailable in the MAXPATHLEN-sized buffer, which cause
conversion error on near MAXPATHLEN long pathes.

Increase g_Ctoc() conversion buffers to MB_LEN_MAX - 1.
2016-07-18 20:24:13 +00:00
Andrey A. Chernov
d67355c507 Change patch from r303004 case 3. According to POSIX gl_errfunc should be
called first, then GLOB_ERR should be considered.
2016-07-18 19:20:49 +00:00
Andrey A. Chernov
196d61a92b 1) Add all characters from ~ expansion as protected to be not interpreted
as pattern meta chars.

2) GLOB_ERR and gl_errfunc are supposed to work only for real directories
per POSIX, so don't act on missing or plain files, for ENOENT or ENOTDIR
(as TODO in the code suggested).

3) Remove the hack in the manpage describing how to skip ENOENT and ENOTDIR
in gl_errfunc, it is unneeded now.

4) Set errno to ENAMETOOLONG if g_Ctoc() expansion fails in g_opendir(),
as in other places in the code which are wrappers around system functions.
2016-07-18 18:24:31 +00:00
Andrey A. Chernov
f4d4982ea6 1) POSIX defines well when GLOB_ABORTED can be returned (only for directory
open/read errors and with GLOB_ERR and gl_errfunc processing), so we can't
blindly return it on any MAXPATHLEN overflow. Even our manpage disagrees
with such GLOB_ABORTED usage. Use GLOB_NOSPACE for that now with errno is
set to 0 as for limits.

2) Return GLOB_NOSPACE when valid ~ expansion can't happens due to
MAXPATHLEN overflow too.

3) POSIX (and our manpage) says, if GLOB_ERR is set, GLOB_ABORTED should
be returned immediatelly, without using gl_errfunc. Implement it now.
2016-07-18 16:06:21 +00:00
John Baldwin
fc4f075a1a Add PTRACE_VFORK to trace vfork events.
First, PL_FLAG_FORKED events now also set a PL_FLAG_VFORKED flag when
the new child was created via vfork() rather than fork().  Second, a
new PL_FLAG_VFORK_DONE event can now be enabled via the PTRACE_VFORK
event mask.  This new stop is reported after the vfork parent resumes
due to the child calling exit or exec.  Debuggers can use this stop to
reinsert breakpoints in the vfork parent process before it resumes.

Reviewed by:	kib
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D7045
2016-07-18 14:53:55 +00:00
Will Andrews
ffdeef3234 libkvm: Improve physical address lookup scaling.
Instead of using a hash table to convert physical page addresses to offsets
in the sparse page array, cache the number of bits set for each 4MB chunk of
physical pages.  Upon lookup, find the nearest cached population count, then
add/subtract the number of bits from that point to the page's PTE bit.
Then multiply by page size and add to the sparse page map's base offset.

This replaces O(n) worst-case lookup with O(1) (plus a small number of bits
to scan in the bitmap).  Also, for a 128GB system, a typical kernel core of
about 8GB will now only require ~4.5MB of RAM for this approach instead of
~48MB as with the hash table.

More concretely, /usr/sbin/crashinfo against the same core improves from a
max RSS of 188MB and wall time of 43.72s (33.25 user 2.94 sys) to 135MB and
9.43s (2.58 user 1.47 sys).  Running "thread apply all bt" in kgdb has a
similar RSS improvement, and wall time drops from 4.44s to 1.93s.

Reviewed by:	jhb
Sponsored by:	Backtrace I/O
2016-07-18 01:55:25 +00:00
Will Andrews
8fb15a24ce libkvm: Bounds check (more) PTE indices. 2016-07-18 01:03:39 +00:00
Will Andrews
197eca22ed libkvm: Put private kvm routines in kvm_private.c. 2016-07-18 01:02:52 +00:00
Andrey A. Chernov
1cecacfe73 Reflect pathnames sorting in collation order. 2016-07-17 13:10:57 +00:00
Andrey A. Chernov
7e9488dda3 In g_Ctoc() apply CHAR() macro to *str to strip all flags. It gains nothing
right now, but some architectures theoretically may 64-bit wchar_t and the
code looks more correct.
2016-07-17 11:25:24 +00:00
Andrey A. Chernov
aa3d69a636 1) This file full of direct char <-> wchar_t assignment, not converted, cut
them down. This hack still remains:
 * 2. Illegal byte sequences in filenames are handled by treating them as
 *    single-byte characters with a values of such bytes of the sequence
 *    cast to wchar_t.

2) Reword the comment in the hack above to reflect implementation.

3) Protect signed wchar_t from sign extension when a signed char is assigned
to it in the hack above.

3) Corresponding backward hack in g_Ctoc() was not implemented, so all
pathes with illegal byte sequences are skipped as result, implement it now.

4) globtilde() forget to convert expanded user home dir from multibyte to
wchar.

5) Protect globtilde() from long expansion truncation.

6) Results was not sorted according to collate as POSIX requires.
2016-07-17 09:39:59 +00:00
Baptiste Daroussin
73a33477ca Add a regression test to make sure the Russian collation is actually working
when importing collation support from Dragonfly/Illumos amdmi3@ tested the
collation branch and reported an issue with Russian collation. John Marino fixed
the issue in Dragonfly and I merged it back to FreeBSD.

Now that Illumos is working on merging our fixes they (Lauri Tirkkonen) found
issues with the commit that fixes the russian collation in UTF-8 that resulted
in a crash with strxfrm(3) and the ISO-8859-5 locale (fixed in FreeBSD r302916).
This small test was written to ensure we do not bring back the old issue with
russian collation while fixing the other issue.
2016-07-15 23:43:23 +00:00
Baptiste Daroussin
01f8ac1bec Add a regression test about the crash with strxfrm and ISO8859-5 locales 2016-07-15 23:24:00 +00:00
Baptiste Daroussin
dee0bbbdca Revert 302324 and properly fix the crash with ISO-8859-5 locales
PR:		211135
Reported by:	jkim
Tested by:	jkim
MFC after:	2 days
2016-07-15 23:03:20 +00:00
John Baldwin
8d570f64aa Add a mask of optional ptrace() events.
ptrace() now stores a mask of optional events in p_ptevents.  Currently
this mask is a single integer, but it can be expanded into an array of
integers in the future.

Two new ptrace requests can be used to manipulate the event mask:
PT_GET_EVENT_MASK fetches the current event mask and PT_SET_EVENT_MASK
sets the current event mask.

The current set of events include:
- PTRACE_EXEC: trace calls to execve().
- PTRACE_SCE: trace system call entries.
- PTRACE_SCX: trace syscam call exits.
- PTRACE_FORK: trace forks and auto-attach to new child processes.
- PTRACE_LWP: trace LWP events.

The S_PT_SCX and S_PT_SCE events in the procfs p_stops flags have
been replaced by PTRACE_SCE and PTRACE_SCX.  PTRACE_FORK replaces
P_FOLLOW_FORK and PTRACE_LWP replaces P2_LWP_EVENTS.

The PT_FOLLOW_FORK and PT_LWP_EVENTS ptrace requests remain for
compatibility but now simply toggle corresponding flags in the
event mask.

While here, document that PT_SYSCALL, PT_TO_SCE, and PT_TO_SCX both
modify the event mask and continue the traced process.

Reviewed by:	kib
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D7044
2016-07-15 15:32:09 +00:00
John Baldwin
463970da7b Add documentation for the sigevent structure.
- Add a sigevent(3) manpage to give a general overview of the sigevent
  structure and the available notification mechanisms.
- Document that AIO requests contain a nested sigevent structure that can
  be used to request completion notification.
- Expand the sigevent details in other manuals to note details such as
  the extra values stored in a queued signal's information or in a posted
  kevent.

Reviewed by:	kib
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D7122
2016-07-15 15:12:56 +00:00
John Baldwin
76793d4d51 Fix aio system call wrappers in librt.
- Update aio_return/waitcomplete wrappers for the ssize_t return type.
- Fix the aio_return() wrapper to fail with EINVAL on a pending job.
  This matches the semantics of the in-kernel system call.  Also,
  aio_return() returns errors via errno, not via the return value.

Reviewed by:	kib (earlier version)
MFC after:	1 week
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D7120
2016-07-14 23:28:53 +00:00
Andrey A. Chernov
12eae8c8f3 1) Eliminate possibility to call __*collate_range_cmp() with inclomplete
locale (which cause core dump) by removing whole 'table' argument
by which it passed.

2) Restore __collate_range_cmp() in __sccl().

3) Collating [a-z] range in regcomp() only for single bytes locales
(we can't do it now for other ones). In previous state only first 256
wchars are considered and all others are just silently dropped from the
range.
2016-07-14 09:07:25 +00:00
Andrey A. Chernov
1daad8f5ad Back out non-collating [a-z] ranges.
Instead of changing whole course to another POSIX-permitted way
for consistency and uniformity I decide to completely ignore missing
regex fucntionality and concentrace on fixing bugs in what we have now,
too many small obstacles instead, counting ports.
2016-07-14 08:18:12 +00:00
Edward Tomasz Napierala
336696be15 Add some .Xrs to getloginclass(2).
MFC after:	1 month
2016-07-12 06:00:57 +00:00
Andrey A. Chernov
5a5807dd4c Remove broken support for collation in [a-z] type ranges.
Only first 256 wide chars are considered currently, all other are just
dropped from the range. Proper implementation require reverse tables
database lookup, since objects are really big as max UTF-8 (1114112
code points), so just the same scanning as it was for 256 chars will
slow things down.

POSIX does not require collation for [a-z] type ranges and does not
prohibit it for non-POSIX locales. POSIX require collation for ranges
only for POSIX (or C) locale which is equal to ASCII and binary for
other chars, so we already have it.

No other *BSD implements collation for [a-z] type ranges.

Restore ABI compatibility with unused now __collate_range_cmp() which
is visible from outside (will be removed later).
2016-07-10 03:49:38 +00:00
Glen Barber
a33ae599bb Bump FREEBSD_CC_VERSION in lib/clang/freebsd_cc_version.h
Submitted by:	bdrewery
Approved by:	re (implicit)
Sponsored by:	The FreeBSD Foundation
2016-07-08 01:47:01 +00:00
Glen Barber
ae940db11f Reflect head is now 12.0-CURRENT.
Approved by:	re (implicit)
Sponsored by:	The FreeBSD Foundation
2016-07-08 00:12:29 +00:00
Jilles Tjoelker
2740b654c6 fcntl(2): Document interrupt/restart for file locks.
Since r302216, thread suspension causes advisory file locks to restart
(instead of continuing to wait) and for a long time SA_RESTART has
affected advisory file locks. These are both not compliant to POSIX.1.

To clarify that restarting means something, add a paragraph about fair
queuing. Note that the network lock manager does not implement fair
queuing.

Reviewed by:	kib (previous version)
Approved by:	re (gjb)
2016-07-07 21:44:59 +00:00
Baptiste Daroussin
a8bacd6f93 Fix a bad test resulting in a segfault with ISO-8859-5 locales
Reported by:	Lauri Tirkkonen from Illumos
Approved by:	re@ (gjb)
2016-07-03 15:00:12 +00:00
Ed Maste
b689d9268f libcxxrt: correct mangled "typeinfo name" symbols in Version.map
r260553 added missing C++ typinfos to libcxxrt's version script.
It appears that a number of duplicate mangled symbols were added due to
a cut and paste error. Switch the second instances to _ZTS*,
typeinfo name for *.

Found by lld, which produces an error or warning for duplicate symbols.

Reviewed by:	dim
Approved by:	re (gjb)
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D7011
2016-06-29 11:48:42 +00:00
Bryan Drewery
77c7a21036 Use on crypto.x and rpc.x from the source tree.
This fixes the build when DESTDIR may be blank or not yet populated.
It also fixes reproducibility.

Submitted by:	brooks
Approved by:	re (gjb)
Differential Revision:	https://reviews.freebsd.org/D6455
2016-06-28 19:53:16 +00:00
Cy Schubert
3e04b0a043 This commit addresses regression introduceded in r302177
(WITH_SYSTEM_COMPILER: Enable by default) and it's prerequisite: r300354,
caused i386 builds to fail when cross-built on an amd64 host.

Reviewed by:	bdrewery, delphij, gjb
Approved by:	re (gjb)
2016-06-28 07:47:42 +00:00
Xin LI
424340f2c7 Fix build: explicitly reference the generated magic.h as dependency
of mkmagic and point its location.

Reported by:	jenkins
Pointy hat to:	delphij
MFC after:	2 weeks
X-MFC-With:	302221
Approved by:	re (kib)
2016-06-27 06:41:11 +00:00
Xin LI
282e23f07b MFV r302218: file 5.28.
Relnotes:	yes
MFC after:	2 weeks
Approved by:	re (gjb)
2016-06-27 01:29:17 +00:00
Konstantin Belousov
4edfc1e3bf Revert r302194, there are issues with some applications after changing
the return value, in particular console-kit-daemon.

Reported by:	Ivan Klymenko <fidaj@ukr.net>
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Approved by:	re (gjb)
2016-06-25 20:20:24 +00:00
Konstantin Belousov
a068480247 For pthread_mutex_trylock() call on owned error-check or non-portable
adaptive mutex, return EDEADLK as required by POSIX.  The
pthread_mutex_lock() is already compliant.

Tested by:	Guy Yur <guyyur@gmail.com>
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Approved by:	re (gjb)
2016-06-25 11:30:40 +00:00
Hans Petter Selasky
56c926d077 Resolve issue with libusb C++ header file inclusion.
Approved by:	re (marius)
PR:		210509
MFC after:	1 week
2016-06-24 10:55:14 +00:00
Hans Petter Selasky
a0c93fa361 Add support for USB streams to the LibUSB v1.0 API and update the
libusb(3) manual page.

Approved by:	re (gjb)
Requested by:	swills
MFC after:	1 week
2016-06-23 07:12:22 +00:00
Brooks Davis
b60998c633 Replace use of the pipe(2) system call with pipe2(2) with a zero flags
value.

This eliminates the need for machine dependant assembly wrappers for
pipe(2).

It also make passing an invalid address to pipe(2) return EFAULT rather
than triggering a segfault.  Document this behavior (which was already
true for pipe2(2), but undocumented).

Reviewed by:	andrew
Approved by:	re (gjb)
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D6815
2016-06-22 21:11:27 +00:00
Hans Petter Selasky
7bdc064b0b Implement libusb_hotplug_register_callback() and
libusb_hotplug_deregister_callback() for the LibUSB v1.0 API and
update the libusb(3) manual page.

Approved by:	re (kib)
Requested by:	swills
MFC after:	1 week
2016-06-22 10:38:41 +00:00
Martin Matuska
f061a2215f MFV r302003,r302037,r302038,r302056:
Update libarchive to 3.2.1 (bugfix and security fix release)

List of vendor fixes:
- fix exploitable heap overflow vulnerability in Rar decompression
  (vendor issue 719, CVE-2016-4302, TALOS-2016-0154)
- fix exploitable stack based buffer overflow vulnebarility in mtree
  parse_device functionality (vendor PR 715, CVE-2016-4301, TALOS-2016-0153)
- fix exploitable heap overflow vulnerability in 7-zip read_SubStreamsInfo
  (vendor issue 718, CVE-2016-4300, TALOS-2016-152)
- fix integer overflow when computing location of volume descriptor
  (vendor issue 717)
- fix buffer overflow when reading a crafred rar archive (vendor issue 521)
- fix possible buffer overflow when reading ISO9660 archives on machines
  where sizeof(int) < sizeof(size_t) (vendor issue 711)
- tar and cpio should fail if an input file named on the command line is
  missing (vendor issue 708)
- fix incorrect writing of gnutar filenames that are exactly 512 bytes
  long (vendor issue 682)
- allow tests to be run from paths that are equal or longer than 128
  characters (vendor issue 657)
- add memory allocation errors in archive_entry_xattr.c (vendor PR 603)
- remove dead code in archive_entry_xattr_add_entry() (vendor PR 716)
- fix broken decryption of ZIP files (vendor issue 553)
- manpage style, typo and description fixes

Post-3.2.1 vendor fixes:
- fix typo in cpio version reporting (Vendor PR 725, 726)
- fix argument range of ctype functions in libarchive_fe/passphrase.c
- fix ctype use and avoid empty loop bodies in WARC reader

MFC after:	1 week
Security:	CVE-2016-4300, CVE-2016-4301, CVE-2016-4302
Approved by:	re (kib)
2016-06-22 07:49:59 +00:00
Bryan Drewery
bc2abcfdef Add clang-format under WITH_CLANG_EXTRAS.
Reviewed by:	dim
Approved by:	re (gjb)
Sponsored by:	EMC / Isilon Storage Division
Differential Revision:	https://reviews.freebsd.org/D6856
2016-06-17 16:46:58 +00:00
Hans Petter Selasky
a3d81a8a8a Add missing return statement.
Approved by:	re (gjb)
MFC after:	1 week
2016-06-16 16:26:16 +00:00
Hans Petter Selasky
37d0636aac Add multiple missing descriptor parsing functions to the LibUSB v1.0 API.
Approved by:	re (kib)
Requested by:	swills
MFC after:	1 week
2016-06-16 16:17:29 +00:00
Hans Petter Selasky
5b40d9601c Add support for libusb_set_auto_detach_kernel_driver() to the LibUSB v1.0 API.
Approved by:	re (kostikbel)
Requested by:	swills
MFC after:	1 week
2016-06-16 14:26:04 +00:00
Hans Petter Selasky
0f2c706643 Add support for libusb_get_port_number() to the LibUSB v1.0 API.
Approved by:	re (kostikbel)
Requested by:	swills
MFC after:	1 week
2016-06-16 12:14:19 +00:00
Hans Petter Selasky
fa6ef1c45f Define LIBUSB_API_VERSION.
Approved by:	re (kostikbel)
Requested by:	swills
MFC after:	1 week
2016-06-16 11:51:20 +00:00
Hans Petter Selasky
14b896ce80 Implement libusb_get_version() and update libusb manual page.
Approved by:	re (glebius)
Requested by:	swills
MFC after:	1 week
2016-06-16 07:48:21 +00:00
Bryan Drewery
8779595527 DIRDEPS_BUILD: Update dependencies
Approved by:	re (gjb)
Sponsored by:	EMC / Isilon Storage Division
2016-06-14 16:55:05 +00:00
Hans Petter Selasky
f357b4f65d Fix compile warning.
Approved by:	re (delphij)
MFC after:	1 week
2016-06-13 01:33:02 +00:00
Mariusz Zaborski
59cf368df4 Don't close fd if it's lower then stderr, otherwise we can close
one of the descriptor which we just set.

Pointed out by:		jilles
Approved by:		re (hrs)
2016-06-13 00:03:55 +00:00
Hans Petter Selasky
90988efdc5 Implement code to stop all USB endpoints before executing a USB device
reset command, alternate setting command or set configuration
command. Else LibUSB v1.0 will not re-open the endpoints which the
kernel closes and the USB application might wait infinitely for
transfers to complete.

Approved by:	re (hrs)
MFC after:	3 days
2016-06-12 23:26:38 +00:00
Pedro F. Giffuni
b2f8f05c89 Fix regression from r301461.
The fix to the __collate_range_cmp() ABI breakage missed some replacements
in libc's vfscanf().  Replace them with __wcollate_range_cmp() which
does what is expected.

This was breaking applications like xterm and pidgin when using wide
characters.

Reported by:	Vitalij Satanivskij
Approved by:	re
2016-06-10 05:21:52 +00:00
Pedro F. Giffuni
478eb9e9ca libc/rpc: Make use of some xdr_* macros. (part 2)
xdr_rpcproc, xdr_rpcprog and xdr_rpcvers were broken in older
versions of FreeBSD but fixed in r296394.  Give them some use
hoping they help make the code somewhat more readable.
2016-06-09 22:18:25 +00:00
Jilles Tjoelker
f4aa4c78c7 utimes(2),utime(3): Add deprecation in favour of utimensat(2) and futimens(2).
Setting time by seconds or microseconds may cause unexpected effects
especially if sysctl vfs.timestamp_precision=3 (not default).

Calling the obsolete functions with NULL timestamps is acceptable.
2016-06-09 22:14:58 +00:00
Edward Tomasz Napierala
b8f41779a2 Fix frexpl() declaration to not include the field name.
MFC after:	1 month
2016-06-09 20:49:26 +00:00
Pedro F. Giffuni
ea21823d9f libc/rpc: Make use of some xdr_* macros.
xdr_rpcprog and xdr_rpcvers were broken in older versions of FreeBSD
but were fixed in r296394. Give them some use hoping they help make
the code somewhat more readable.
2016-06-09 19:44:47 +00:00
Kevin Lo
88609a6a7a Fix the rpcb_getaddr() definition to match its declaration.
Submitted by:	Sebastian Huber <sebastian dot huber at embedded-brains dot de>
2016-06-09 14:33:00 +00:00
Mark Johnston
714ac00292 Implement an NSS backend for netgroups and add getnetgrent_r(3).
This support appears to have been documented in nsswitch.conf(5) for some
time. The implementation adds two NSS netgroup providers to libc. The
default, compat, provides the behaviour documented in netgroup(5), so this
change does not make any user-visible behaviour changes. A files provider
is also implemented.

innetgr(3) is implemented as an optional NSS method so that providers such
as NIS which are able to implement efficient reverse lookup can do so.
A fallback implementation is used otherwise. getnetgrent_r(3) is added for
convenience and to provide compatibility with glibc and Solaris.

With a small patch to net/nss_ldap, it's possible to specify an ldap
netgroup provider, allowing one to query nisNetgroupTriple entries.

Sponsored by:	EMC / Isilon Storage Division
2016-06-09 01:28:44 +00:00
Mark Johnston
03ad7e450a Fix an infinite loop in setnetgrent(3) with NIS netgroups.
Handle an empty result from yp_match() by returning NULL, which is
consistent with the handling of an empty netgroup in /etc/netgroup.
setnetgrent(3) has no return value, so there is no particular need to
distinguish this case from an error.

PR:		26486
MFC after:	2 weeks
2016-06-09 01:11:48 +00:00
Mark Johnston
7f750d5034 Use a more common spelling for "(char *)0" in the getnetgrent man page.
MFC after:	3 days
2016-06-09 01:05:23 +00:00
Enji Cooper
b7e992da8e Revert r301707
getnetent_p doesn't return NULL like getnetent does. coccinelle got confused and
I didn't verify that it worked before committing the change

MFC after: 1 week
X-MFC with: r301707
Pointyhat to: ngie
2016-06-08 23:30:13 +00:00
Enji Cooper
140f884e31 Use NULL instead of 0 in _ht_getnetbyname(..)
- getnetent returns NULL on completion/error.
- .h_aliases is NULL terminated.

MFC after: 1 week
Sponsored by: EMC / Isilon Storage Division
2016-06-08 23:23:19 +00:00
Enji Cooper
3304ba9d70 Test for strchr(3) returning NULL, not 0
MFC after: 3 days
Reported by: coccinelle
Sponsored by: EMC / Isilon Storage Division
2016-06-08 23:17:30 +00:00
Brooks Davis
8dfeba04eb Update to a June 8th snapshot of (un)vis form NetBSD.
This adds stravis() and some new encoding flags VIS_SHELL, VIS_META,
and VIS_NOLOCALE.

Assorted cleanups and fixes includeing a manpage typo[0].

PR:		210013 [0]
Submitted by:	pi [0]
2016-06-08 18:21:27 +00:00
Dag-Erling Smørgrav
328e4174b6 Replace _pam_verbose_error() with a macro. This was the last difference
between our libpam and stock OpenPAM, meaning that it is now possible to
replace the base libpam with a hypothetical ports version of OpenPAM.
2016-06-08 11:47:19 +00:00
Don Lewis
2b34ca7d10 Don't leak olinep if malloc() fails.
If malloc() fails to allocate linep, then free olinep (if it exists)
before returning to avoid a memory leak.

Reported by:	Coverity
CID:		1016716
Reviewed by:	kib
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D6755
2016-06-08 10:25:16 +00:00
Don Lewis
d7f12eacbb Don't leak addrinfo if ai->ai_addrlen <= minsiz test fails.
If the ai->ai_addrlen <= minsiz test fails, then freeaddrinfo()
does not get called to free the memory just allocated by getaddrinfo().
Fix by moving ai->ai_addrlen <= minsiz to a separate nested if
block, and keep freeaddrinfo() in the outer block so that freeaddrinfo()
will be called whenever getaddrinfo() succeeds.

Reported by:	Coverity
CID:		1273652
Reviewed by:	ume
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D6756
2016-06-08 09:40:06 +00:00
Mariusz Zaborski
b3a734483e Introduce the PD_CLOEXEC for pdfork(2).
Reviewed by:	mjg
2016-06-08 02:09:14 +00:00
Mariusz Zaborski
920be817aa Add flags to the Casper services.
CASPER_SERVICE_STDIO - Casper will not close the first three descriptors (stdin,
		       stdout and stderr) this can be helpful for debugging.
CASPER_SERVICE_FD - Capser will not close all other descriptors, this can
		    be useful for a filesystem service.
2016-06-08 02:03:53 +00:00
Kurt Lidl
c0759dac0d Separate BLACKLIST vs BLACKLIST_SUPPORT properly
Sponsored by:	The FreeBSD Foundation
2016-06-07 16:31:03 +00:00
Bryan Drewery
94bb24b387 Use the in-tree sys/elf_common.h to build libelftc.
This fixes build failures on older releases that lack various
definitions such as EM_AARCH64 (which was unfixed before this).

Revert all of the recent compatibility changes that worked around this
problem.

This uses the same method of using the in-tree header as lib/libelf,
lib/libdwarf and usr.bin/readelf.

Reviewed by:	emaste
Sponsored by:	EMC / Isilon Storage Division
Differential Revision:	https://reviews.freebsd.org/D6734
2016-06-05 23:05:14 +00:00
Pedro F. Giffuni
3c2c0c0443 libc/locale: Fix type breakage in __collate_range_cmp().
When collation support was brought in, the second and third
arguments in __collate_range_cmp() were changed from int to
wchar_t, breaking the ABI. Change them to a "char" type which
makes more sense and keeps the ABI compatible.

Also introduce __wcollate_range_cmp() which does work with wide
characters. This function is used only internally in libc so
we don't export it. Use the new function in glob(3), fnmatch(3),
and regexec(3).

PR:		179721
Suggested by:	ache. jilles
MFC after:	3 weeks (perhaps partial only)
2016-06-05 19:12:52 +00:00
Andrey A. Chernov
16bf528dc2 Reflect error indication according to POSIX and what those functions
currently do.
2016-06-05 15:46:14 +00:00
Konstantin Belousov
7d6906b804 Fix markup.
Sponsored by:	The FreeBSD Foundation
2016-06-04 20:20:14 +00:00
Baptiste Daroussin
6525738f63 Import libucl snapshot 20160604
It replaces xxhash with mumhash
It fixes issues with msgpack on non x86
2016-06-04 14:57:25 +00:00
Bryan Drewery
6e9a3c415e DIRDEPS_BUILD: Connect new directories and update dependencies.
Sponsored by:	EMC / Isilon Storage Division
2016-06-03 19:25:30 +00:00
Dimitry Andric
c371433e4a For clang, move the definition of FREEBSD_CC_VERSION into its own header
file, lib/clang/freebsd_cc_version.h, instead of reusing Version.inc.
The header is only included from one .cpp file in the clang tree.

This minimizes the number of .cpp files that need to be rebuilt if the
version is bumped.

Discussed with:	bdrewery
2016-06-03 16:17:36 +00:00
Eric van Gyzen
28e3357884 Improve errno documentation in pthread_create(3) and thr_new(2)
Add some missing errno values to thr_new(2) and pthread_create(3).
In particular, EDEADLK was not documented in the latter.
While I'm here, improve some English and cross-references.

Reviewed by:	kib
Sponsored by:	Dell Inc.
Differential Revision:	https://reviews.freebsd.org/D6663
2016-06-03 14:30:32 +00:00
Bryan Drewery
d82362bbce Remove libstdc++ again.
This was mis-merged in r298107 which missed r289389.
2016-06-02 20:31:02 +00:00
Dimitry Andric
b5e99283f4 Pull in r271548 from upstream llvm trunk (by me):
Only attempt to detect AVG if SSE2 is available

  Summary:
  In PR29973 Sanjay Patel reported an assertion failure when a certain
  loop was optimized, for a target without SSE2 support.  It turned out
  this was because of the AVG pattern detection introduced in rL253952.

  Prevent the assertion failure by bailing out early in
  `detectAVGPattern()`, if the target does not support SSE2.

  Also add a minimized test case.

  Reviewers: congh, eli.friedman, spatel

  Subscribers: emaste, llvm-commits

  Differential Revision: http://reviews.llvm.org/D20905

This should fix assertion failures ("Requires at least SSE2!") when
building the games/0ad port with CPUTYPE=pentium3.

Reported by:	madpilot
2016-06-02 19:54:38 +00:00
Kurt Lidl
95856e1457 Add basic blacklist build support
Reviewed by:	rpaulo
Approved by:	rpaulo
Relnotes:	YES
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D5913
2016-06-02 19:06:04 +00:00
Pedro F. Giffuni
546781a748 citrus: Remove redundant code in _citrus_esdb_get_list().
It appears "sorted" may have not been implemented. Sorted or not,
we always follow the same action so simplify the code.
Leave a note for future generations.

CID:	1347084
2016-06-02 17:28:39 +00:00
Jilles Tjoelker
9de9fa32c9 thr_*(2): Add xrefs to what libthr implements using each syscall.
Add text to thr_exit(2) and thr_new(2) discouraging their use in
applications since calling these in a process with libthr loaded will
confuse libthr and is likely to cause hangs or crashes.

The thr_kill2(2) call is not used by libthr and may be useful in special
applications.

The other calls can be used in applications but it should not be necessary.
2016-06-01 21:58:13 +00:00
Allan Jude
cd9f4c599d Skein was not meant to be connected to libcrypto
It is not a password hashing algorithm

Reported by:	cem
2016-06-01 20:55:25 +00:00
Ed Schouten
2ca9ffa9bb Don't call setgrent() in an unportable way.
For FreeBSD 12, I'm considering updating setgrent() to have a function
prototype that conforms to POSIX. FreeBSD seems to be the only operating
system that lets setgrent() return an integer. It's also inconsistent
with setpwent().

It looks like our libcasper depends on setgrent() returning an integer.
Get rid of that.

Reviewed by:	oshogbo
Differential Revision:	https://reviews.freebsd.org/D6659
2016-06-01 20:45:21 +00:00
Mariusz Zaborski
eaf7c645b3 Document behavior of wait introduced in the r286698.
Suggested by:		glebius
Reviewed by:		wblock, bjk
Differential Revision:	https://reviews.freebsd.org/D6080
2016-06-01 19:49:38 +00:00
Conrad Meyer
c72ef5eab3 libthr: Use formatted PANIC()
No functional change, although _thread_printf() may be slightly less functional
or render some values differently from libc snprintf(3).  No ABI change.

Reviewed by:	kib
Sponsored by:	EMC / Isilon Storage Division
Differential Revision:	https://reviews.freebsd.org/D6672
2016-06-01 16:12:26 +00:00
Conrad Meyer
a3c0056121 libthr: _thread_vprintf: Enhance support for %p, %#x
No functional change.  No ABI change.

Reviewed by:	kib
Sponsored by:	EMC / Isilon Storage Division
Differential Revision:	https://reviews.freebsd.org/D6672
2016-06-01 16:11:09 +00:00
Conrad Meyer
3a7d122f96 libthr: Add vprintf variant of _thread_printf, formatted PANIC()
No ABI change.

Reviewed by:	kib
Sponsored by:	EMC / Isilon Storage Division
Differential Revision:	https://reviews.freebsd.org/D6672
2016-06-01 16:09:56 +00:00
Andrey A. Chernov
69c526f46e Don't use fixup for C99 and up, the compiler result is already correct.
Suggested by: bde

MFC after:      1 week
2016-06-01 10:14:25 +00:00
Alan Somers
92c6a88b76 Coverity fixes for r300906
lib/libdevdctl/consumer.cc
	In Consumer::DisconnectFromDevd, don't close the socket if it's
	already closed.

cddl/usr.sbin/zfsd/case_file.cc
lib/libdevdctl/consumer.h
	Delete dead code leftover from before devd(8) gained SOCK_SEQPACKET
	support

Reported by:	Coverity
CID:		1356155, 1356169
Sponsored by:	Spectra Logic Corp
2016-05-31 23:26:45 +00:00
Andrey A. Chernov
2f423a266a For EILSEQ case in mbsnrtowcs() and wcsnrtombs() update src to point to
the character after the one this conversion stopped at.

PR:     209907
Submitted by: Roel Standaert <roel@abittechnical.com> (partially)
MFC after:      3 days
2016-05-31 18:44:33 +00:00
Ed Schouten
de1d269583 Fix prototype of dbm_open().
The last argument of dbm_open() should be a mode_t according to POSIX;
not an int.

Reviewed by:	pfg, kib
Differential Revision:	https://reviews.freebsd.org/D6650
2016-05-31 18:32:57 +00:00
Dag-Erling Smørgrav
a5fc9a29bb r169386 (PR 112515) was incomplete: it treated 307 as an error except
in verbose mode, and did not handle 308 at all.

r241840 (PR 172451) added support for 308, but with the same bug.

Correctly handle both by recognizing them as redirects in all places
where we check the HTTP result code.

PR:		112515 173451 209546
Submitted by:	novel@
MFC after:	1 week
2016-05-31 08:27:39 +00:00
Pedro F. Giffuni
c2b4f3c940 libdevdctl: minor spelling fixes. 2016-05-30 19:25:00 +00:00
Ed Schouten
2fed5061db Let dbm's datum::dptr use the right type.
According to POSIX, it should use void *, not char *. Unfortunately, the
dsize field also has the wrong type. It should be size_t. I'm not going
to change that, as that will break the ABI.

Reviewed by:	pfg
Differential Revision:	https://reviews.freebsd.org/D6647
2016-05-30 16:52:23 +00:00
Ed Schouten
0977bd1e88 Fix the signature of the psignal() function.
POSIX 2008 added the psignal() function which has already been part of
the BSDs for a long time. The only difference is, the POSIX version uses
an 'int' for the signal number, unlike our version which uses an
'unsigned int'. Fix up the function to use an 'int'. This should not
affect the ABI.
2016-05-30 13:51:27 +00:00
Dimitry Andric
22dfc4860f Bump __FreeBSD_cc_version after r300974. 2016-05-30 06:44:10 +00:00
Jamie Gritton
ee8d6bd352 Mark jail(2), and the sysctls that it (and only it) uses as deprecated.
jail(8) has long used jail_set(2), and those sysctl only cause confusion.
2016-05-30 05:21:24 +00:00
Konstantin Belousov
6180f50bbb Stop inlining the struct ucond definition into struct pthread_cond.
This avoids unneccessary casts and make the calls to _thr_ucond_*()
functions less questionable.

The c_spare field was not included into struct pthread_cond, so the
change modifies libthr ABI for shared condvars.  But since an off-page
does not legitimately contains any other data past the struct
pthread_cond, the change keeps shared condvars from pre- and post-
changed libthr compatible.  Also note that the whole struct ucond was
never copied in or out by kernel.

For private condvars, the privately allocated memory was never exposed
outside libthr.

Sponsored by:	The FreeBSD Foundation
2016-05-29 19:35:55 +00:00
Jilles Tjoelker
60404ec965 Remove non-history libkse references and fix PTHREAD_PROCESSES_PRIVATE typo. 2016-05-29 18:25:11 +00:00
Andrey A. Chernov
b8ac3f201d Micro optimize: C standard guarantees that right shift for unsigned value
fills left bits with zero, and we have exact 32bit unsigned value
(uint32_t), so there is no reason to add "& 0x7fffffff" here.

MFC after:      1 week
2016-05-29 16:39:28 +00:00
Jilles Tjoelker
764be64b12 _umtx_op(2): Note deprecation of UMTX_OP_MUTEX_WAKE. 2016-05-29 15:02:55 +00:00
Jilles Tjoelker
8e44e0ab19 _umtx_op(2),thr_*(2): Various spelling, grammar and mdoc fixes. 2016-05-29 14:16:23 +00:00
Andrey A. Chernov
44f8773834 1) Unifdef USE_WEAK_SEEDING since it is too obsolete to support and makes
reading hard.

2) Instead of doing range transformation in each and every function here,
do it single time directly in do_rand(). One "mod" operation overhead is not
a big deal, but the code looks nicer and possible future functions additions
or PRNG change do not miss range transformations neither have unneeded ones.

3) Use POSIX argument types for visible functions (cosmetic).

MFC after:      1 week
2016-05-29 13:57:06 +00:00
Andrey A. Chernov
e44ffdb207 1) Unifdef USE_WEAK_SEEDING it is too obsolete to support and makes reading
harder.

2) ACM paper require seed to be in [1, 2^31-2] range, so use the same range
shifting as already done for rand(3). Also protect srandomdev() + TYPE_0 case
(non default) from negative seeds.

3) Don't check for valid "type" range in setstate(), it is always valid as
calculated. Instead add a check that rear pointer not exceeed end pointer.

MFC after:      1 week
2016-05-29 11:54:09 +00:00
Bryan Drewery
f661dbee81 GCC External: Revert r300886, r300904, r300917, r300918
The fix in r300873 is mostly enough.  A fix for lib32 will be
committed.separately.
2016-05-29 06:20:15 +00:00
Phil Shafer
ee5cf11617 Submitted by: phil
Reviewed by:	sjg (mentor)
Approved by:	sjg
2016-05-29 01:43:28 +00:00
Allan Jude
b468a9ff1d Import the skein hashing algorithm, based on the threefish block cipher
Connect it to userland (libmd, libcrypt, sbin/md5) and kernel (crypto.ko)

Support for skein as a ZFS checksum algorithm was introduced in r289422
but is disconnected because FreeBSD lacked a Skein implementation.

A further commit will enable it in ZFS.

Reviewed by:	cem
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D6166
2016-05-29 01:15:36 +00:00
Bryan Drewery
1176e2a818 Avoid literal-suffix error due to missing space. 2016-05-28 22:27:54 +00:00
Alan Somers
7a0c41d5d7 zfsd(8), the ZFS fault management daemon
Add zfsd, which deals with hard drive faults in ZFS pools. It manages
hotspares and replements in drive slots that publish physical paths.

cddl/usr.sbin/zfsd
	Add zfsd(8) and its unit tests

cddl/usr.sbin/Makefile
	Add zfsd to the build

lib/libdevdctl
	A C++ library that helps devd clients process events

lib/Makefile
share/mk/bsd.libnames.mk
share/mk/src.libnames.mk
	Add libdevdctl to the build. It's a private library, unusable by
	out-of-tree software.

etc/defaults/rc.conf
	By default, set zfsd_enable to NO

etc/mtree/BSD.include.dist
	Add a directory for libdevdctl's include files

etc/mtree/BSD.tests.dist
	Add a directory for zfsd's unit tests

etc/mtree/BSD.var.dist
	Add /var/db/zfsd/cases, where zfsd stores case files while it's shut
	down.

etc/rc.d/Makefile
etc/rc.d/zfsd
	Add zfsd's rc script

sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev.c
	Fix the resource.fs.zfs.statechange message. It had a number of
	problems:

	It was only being emitted on a transition to the HEALTHY state.
	That made it impossible for zfsd to take actions based on drives
	getting sicker.

	It compared the new state to vdev_prevstate, which is the state that
	the vdev had the last time it was opened.  That doesn't make sense,
	because a vdev can change state multiple times without being
	reopened.

	vdev_set_state contains logic that will change the device's new
	state based on various conditions.  However, the statechange event
	was being posted _before_ that logic took effect.  Now it's being
	posted after.

Submitted by:	gibbs, asomers, mav, allanjude
Reviewed by:	mav, delphij
Relnotes:	yes
Sponsored by:	Spectra Logic Corp, iX Systems
Differential Revision:	https://reviews.freebsd.org/D6564
2016-05-28 17:43:40 +00:00
Bryan Drewery
1766eeafce Use a relative symlink for proper --sysroot support.
Sponsored by:	EMC / Isilon Storage Division
2016-05-28 16:38:09 +00:00
Allan Jude
1780e40715 Implement SHA-512 truncated (224 and 256 bits)
This implements SHA-512/256, which generates a 256 bit hash by
calculating the SHA-512 then truncating the result. A different initial
value is used, making the result different from the first 256 bits of
the SHA-512 of the same input. SHA-512 is ~50% faster than SHA-256 on
64bit platforms, so the result is a faster 256 bit hash.

The main goal of this implementation is to enable support for this
faster hashing algorithm in ZFS. The feature was introduced into ZFS
in r289422, but is disconnected because SHA-512/256 support was missing.
A further commit will enable it in ZFS.

This is the follow on to r292782

Reviewed by:	cem
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D6061
2016-05-28 16:06:07 +00:00
Bryan Drewery
ce00342bb2 Move external GCC compiler hacks to bsd.sys.mk.
This allows respecting -nostdinc, -nostdinc++ and -nostdlib before
making the decision to add in -isystem, etc.  The -isystem flags
are problematic for building lib/libc++ and lib/libcxxrt which wants
to only use its own headers.

More information the need of these flags can be found at
https://gcc.gnu.org/ml/gcc/2016-03/msg00219.html

This also reverts r300873.

Sponsored by:	EMC / Isilon Storage Division
2016-05-27 23:03:44 +00:00
Dimitry Andric
09210a281c After r300770, for libc++ and libcxxrt, use -isystem instead of -I.
This should fix builds with external gcc toolchains from ports, which
also use -isystem to work around problems with gcc's --sysroot
implementation.  Thanks to Bryan Drewery for this workaround.
2016-05-27 20:45:32 +00:00
Conrad Meyer
c6b03be14b libmd: Work around C++'s inability to understand C
Reported by:	antoine@ (x265)
2016-05-27 05:31:14 +00:00
Ed Schouten
3005a8755a Let l64a() properly null terminate its result.
Though the buffer used by l64a() is initialized with null bytes,
repetetive calls may end up having trailing garbage of previous
invocations because we don't end up terminating the string.

Instead of importing NetBSD's fix, use this opportunity to simplify this
function dramatically, for example by just storing the Base64 character
set in a string. There is also no need to do the bitmasking, as we can
just use the proper integer type from <stdint.h>.

MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D6511
2016-05-26 20:55:15 +00:00
Dimitry Andric
9729cf0934 Update libc++ to 3.8.0. Excerpted list of fixes (with upstream revision
numbers):

r242679 Implement the plugin-based version of std::search. There are no
        searchers yet; those are coming soon.
r242682 Implement the default searcher for std::experimental::search.
r243728 Add <experimental/any> v2.
r245330 implement more of N4258 - Cleaning up noexcept in the standard
        library. Specifically add new noexcept stuff to vector and
	string's move-assignment operations
r245334 Fix PR22606 - Leak pthread_key with static storage duration to
        ensure all of thread-local destructors are called.
r245335 Fix PR23589: std::function doesn't recognize null pointer to
        varargs function.
r247036 Implementation of Boyer-Moore and Boyer-Moore-Horspool
        searchers for the LFTS.
r249325 Implement LWG#2063, and update the issues links to point to the
        github generated pages
r249738 Split <ctype.h> out of <cctype>.
r249739 Split <errno.h> out of <cerrno>.
r249740 Split <float.h> out of <cfloat>.
r249741 Split <inttypes.h> out of <cinttypes>.
r249742 Split <math.h> out of <cmath>.
r249743 Split <setjmp.h> out of <csetjmp>.
r249761 Split <stddef.h> out of <cstddef>.
r249798 Split <stdio.h> out of <cstdio>.
r249800 Split <stdlib.h> out of <cstdlib>.
r249889 Split <wchar.h> out of <cwchar>.
r249890 Split <wctype.h> out of <cwctype>.
r249929 Split <string.h> out of <cstring>.
r250254 ABI versioning macros for libc++.
r251246 Fix LWG#2244: basic_istream::seekg
r251247 Fix LWG#2127: Move-construction with raw_storage_iterator.
r251253 Fix LWG#2476: scoped_allocator_adaptor is not assignable
r251257 Fix LWG#2489: mem_fn() should be noexcept
r251618 Implement P0004R1 'Remove Deprecated iostreams aliases'
r251766 Implement the first part of P0006R0: Adopt Type Traits Variable
        Templates for C++17.
r252195 Implement P0092R1 for C++1z
r252350 Allow deque to handle incomplete types.
r252406 More of P0006R0: type traits variable aliases for C++17.
r252407 Implement LWG#2353: std::next is over-constrained
r252905 Implement P0074: Making owner_less more flexible
r253215 Implement P0013R1: Logical Operator Type Traits.
r253274 Implement P0007: Constant View: A proposal for a std::as_const
        helper function template.
r254119 Add static_assert to set/multiset/map/multimap/forward_list/deque
        that the allocator's value_type match the container's value_type.
r254283 Implement more of P0006; Type Traits Variable Templates.
r255941 LWG2485: get() should be overloaded for const tuple&&.
r256325 Fix LWG Issue #2367 - Fixing std::tuple and std::pair's default
        constructors.
r256652 Fix for ALL undefined behavior in <list>.
r256859 First half of LWG#2354: 'Unnecessary copying when inserting
        into maps with braced-init syntax'

Exp-run:	antoine
Relnotes:	yes
2016-05-26 18:52:49 +00:00
Ed Maste
d38447b51d Update to ELF Tool Chain r3477
This fixes a EFI/PE header issue that prevented elfcopy-produced .efi
files from working with Secure Boot:

  Make sure section raw size is always padded to multiple of
  FileAlignment from the optional header, as requested by the PE
  specification. This change should reduce the diff between PE image
  generated by Binutils objcopy and elftoolchain elfcopy.

Submitted by:	kaiw
Reported by:	ambrisko
2016-05-25 20:56:30 +00:00
Ruslan Bukin
7813f8309c Do not generate code for sbrk syscall -- sbrk support was removed.
Pointed out by:	andrew
2016-05-25 16:38:10 +00:00
Pedro F. Giffuni
93ea9f9fa1 libc: regexec(3) adjustment.
Change the behavior of when REG_STARTEND is combined with REG_NOTBOL.

From the original posting[1]:

"Enable the assumption that pmatch[0].rm_so is a continuation offset
to  a string and allows us to do a proper assessment of the character
in  regards to it's word position ('^' or '\<'), without risking going
into unallocated memory."

This change makes us similar to how glibc handles REG_STARTEND |
REG_NOTBOL, and is closely related to a soon-to-land fix to sed.

Special thanks to Martijn van Duren and Ingo Schwarze for working
out some consistent behaviour.

Differential Revision:	https://reviews.freebsd.org/D6257
Taken from:	openbsd-tech 2016-05-24 [1]  (Martijn van Duren)
Relnotes:	yes
MFC after:	1 month
2016-05-25 15:35:23 +00:00
Ruslan Bukin
b7b46892f9 Remove legacy brk and sbrk from RISC-V.
Discussed with:	andrew
Sponsored by:	DARPA, AFRL
Sponsored by:	HEIF5
2016-05-25 14:08:21 +00:00
Don Lewis
65380b5f2f Call closedir() before returning from fetchListFile() to avoid a leak.
Reported by:	Coverity
CID:		1016697
MFC after:	1 week
2016-05-25 07:43:32 +00:00
Don Lewis
429bf952ae Don't leak addrinfo in fetch_bind()
Reported by:	Coverity
CID:		1225038
MFC after:	1 week
2016-05-25 07:39:48 +00:00
Don Lewis
d7807d5167 Fix Coverity CID 978183 Resource leak in rexec().
Close the socket if connect() fails to avoid leaking it.

Reported by:	Coverity
CID:		978183
MFC after:	1 week
2016-05-25 07:26:22 +00:00
Don Lewis
9b842193f9 Fix Coverity CID 1016714 Resource leak in process_file_actions_entry()
Don't leak a file descriptor of _dup2() fails (shouldn't happen).

Reported by:	Coverity
CID:		1016714
MFC after:	1 week
2016-05-25 07:13:53 +00:00
Don Lewis
015f4df218 Fix 1016718 Resource leak.
Don't leak a file descriptor if fchdir() fails.

Reported by:	Coverity
CID:		1016718
MFC after:	1 week
2016-05-25 06:55:53 +00:00
Enji Cooper
8f5cc69027 Fix up r300385
I accidentally glossed over the fact that tmp is manipulated via strchr, so
if we tried to free `tmp` after r300385, it would have crashed.

Create a separate pointer (tmp2) to track the original allocation of `tmp`,
and free `tmp2` if `p->nc_lookups` can't be malloced

MFC after: 4 days
X-MFC with: r300385
Reported by: Coverity
CID: 1356026
Sponsored by: EMC / Isilon Storage Division
2016-05-24 19:52:05 +00:00
Enji Cooper
3c048026b5 Remove redundant NULLing of outbuf_pmap
If reallocf ever failed, outbuf_pmap would already be NULL

MFC after: 1 week
X-MFC with: r300620
Reported by: cem
Sponsored by: EMC / Isilon Storage Division
2016-05-24 18:53:06 +00:00
Enji Cooper
75cd48a1c1 Use reallocf instead of malloc to fix leak with outbuf_pmap
The previous code overwrote outbuf_pmap's memory with malloc once per
loop iteration, which leaked its memory; use reallocf instead to ensure
that memory is properly free'd each loop iteration.

Add a outbuf_pmap = NULL in the failure case to avoid a double-free
at the bottom of the function.

Differential Revision: https://reviews.freebsd.org/D6495
MFC after: 1 week
Reported by: Coverity
CID: 1038776
Reviewed by: markj, pfgj
Sponsored by: EMC / Isilon Storage Division
2016-05-24 18:44:50 +00:00
Dag-Erling Smørgrav
6e8d69ad38 The NAS-Identifier attribute is a string, not an integer.
MFC after:	1 week
2016-05-24 11:44:43 +00:00
Don Lewis
95320acebc Fix multiple Coverity Out-of-bounds access false postive issues in CAM
The currently used idiom for clearing the part of a ccb after its
header generates one or two Coverity errors for each time it is
used.  All instances generate an Out-of-bounds access (ARRAY_VS_SINGLETON)
error because of the treatment of the header as a two element array,
with a pointer to the non-existent second element being passed as
the starting address to bzero().  Some instances also alsp generate
Out-of-bounds access (OVERRUN) errors, probably because the space
being cleared is larger than the sizeofstruct ccb_hdr).

In addition, this idiom is difficult for humans to understand and
it is error prone.  The user has to chose the proper struct ccb_*
type (which does not appear in the surrounding code) for the sizeof()
in the length calculation.  I found several instances where the
length was incorrect, which could cause either an actual out of
bounds write, or incompletely clear the ccb.

A better way is to write the code to clear the ccb itself starting
at sizeof(ccb_hdr) bytes from the start of the ccb, and calculate
the length based on the specific type of struct ccb_* being cleared
as specified by the union ccb member being used.  The latter can
normally be seen in the nearby code.  This is friendlier for Coverity
and other static analysis tools because they will see that the
intent is to clear the trailing part of the ccb.

Wrap all of the boilerplate code in a convenient macro that only
requires a pointer to the desired union ccb member (or a pointer
to the union ccb itself) as an argument.

Reported by:	Coverity
CID:		1007578, 1008684, 1009724, 1009773, 1011304, 1011306
CID:		1011307, 1011308, 1011309, 1011310, 1011311, 1011312
CID:		1011313, 1011314, 1011315, 1011316, 1011317, 1011318
CID:		1011319, 1011320, 1011321, 1011322, 1011324, 1011325
CID:		1011326, 1011327, 1011328, 1011329, 1011330, 1011374
CID:		1011390, 1011391, 1011392, 1011393, 1011394, 1011395
CID:		1011396, 1011397, 1011398, 1011399, 1011400, 1011401
CID:		1011402, 1011403, 1011404, 1011405, 1011406, 1011408
CID:		1011409, 1011410, 1011411, 1011412, 1011413, 1011414
CID:		1017461, 1018387, 1086860, 1086874, 1194257, 1229897
CID:		1229968, 1306229, 1306234, 1331282, 1331283, 1331294
CID:		1331295, 1331535, 1331536, 1331539, 1331540, 1341623
CID:		1341624, 1341637, 1341638, 1355264, 1355324
Reviewed by:	scottl, ken, delphij, imp
MFH:		1 month
Differential Revision:	https://reviews.freebsd.org/D6496
2016-05-24 00:57:11 +00:00
Jilles Tjoelker
050c87f9a1 vfork(2): Mention some risks of calling vfork() from application code.
MFC after:	1 week
2016-05-22 13:32:45 +00:00
Andrew Turner
46c1105fbb Stop dereferencing _end in crt1.c. This was only needed for brk/sbrk so is
no longer needed.

Sponsored by:	ABT Systems Ltd
2016-05-22 08:20:30 +00:00
Andrey A. Chernov
fbd6b95ef9 1) POSIX prohibits printing errors to stderr here and require
returning NULL:

"Upon successful completion, initstate() and setstate() shall return a
pointer to the previous state array; otherwise, a null pointer shall
be returned.

Although some implementations of random() have written messages to
standard error, such implementations do not conform to POSIX.1-2008."

2) Move error detections earlier to prevent state modifying.

MFC after:      1 week
2016-05-22 06:18:59 +00:00
Enji Cooper
f1209420eb nis_rpcent: don't leak resultbuf from yp_first(..)/yp_next(..)
If the buffer couldn't be adequately resized to accomodate an additional "\n",
it would leak resultbuf by breaking from the loop early

MFC after: 2 weeks
Reported by: Coverity
CID: 1016702
Sponsored by: EMC / Isilon Storage Division
2016-05-22 03:05:27 +00:00
Enji Cooper
b70cb0694b Call endnetconfig on nc_handle sooner to avoid leaking nc_handle if tmpnconf
was NULL

This would theoretically happen if the netconfig protocol family and protocol
semantics were never matched.

MFC after: 2 weeks
Reported by: Coverity
CID: 978179
Sponsored by: EMC / Isilon Storage Division
2016-05-22 02:53:11 +00:00
Enji Cooper
99d498608a getnetid(..): consistently fclose fd at the end of the function
This mutes a false positive with cppcheck, but also helps eliminate future
potential issues with this variable

MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division
2016-05-22 02:24:38 +00:00
Enji Cooper
3552a02626 Don't leak handle if svc_tp_create(..) succeeds and allocating a new
struct xlist object fails

MFC after: 1 week
Reported by: Coverity
CID: 978277
Sponsored by: EMC / Isilon Storage Division
2016-05-22 02:02:18 +00:00
Enji Cooper
9c11e6b093 Don't leak tmp if p->nc_lookups can't be malloced
MFC after: 1 week
Reported by: cppcheck
Sponsored by: EMC / Isilon Storage Division
2016-05-22 01:45:15 +00:00
Pedro F. Giffuni
e9fe9edde7 libc/regex: fix two buffer underruns.
Fix some rather complex regex issues found on OpenBSD as part of some
ongoing work to fix a sed(1) bug.

Curiously the OpenBSD tests don't trigger segfaults on FreeBSD but the
bugs were confirmed by running a port of FreeBSD's regex under OpenBSD's
malloc. Huge thanks to Ingo for confirming the behavior.

Taken from:	Ingo Schwarze (through openbsd-tech 2016-05-15)
MFC after:	1 week
2016-05-21 19:54:10 +00:00