certain error conditions, it is possible for pages to be left allocated
in the object beyond its end. It is generally bad practice to allocate
pages beyond the end of an object.
Turn OFF the "small servers" by default. FreeBSD systems should only
serve actively used programs. Jewels like chargen and echo are too
useful in attack scenarios.
possibility of security holes allowing root penetration.
Inspired by: Mark Handley <M.Handley@cs.ucl.ac.uk> and
Theo de Raadt <deraadt@theos.com> independently
Submitted by: Theo de Raadt <deraadt@theos.com>
since rt_readenv() already takes care of not setting unsafe variables.
This was part of the changes I submitted to Peter and John during the
review which must have gotten missed.
how I managed to get this out of sync, but I did. I guess that's what I
get for directly committing from different machines that I was testing on.
Pointed out by: Paul Traina <pst@freebsd.org>
known to printf(3) and then used printf() to format it... The only
problem was the #define printf out1fmt. The code was behaving differently
when run as a shell builtin since out1fmt() isn't printf(3).
Simple hack. Print to a buffer and fputs (also #defined for sh) the
result. This should fix the printf builtin problem in PR#1673, rather
than leaving the call commented out. (printf.o was being statically linked
in anyway, we might as well use it)
a (now) defunct routine that no longer exists (causing an empty .o file),
and were missing some others. Some of the ones we were missing are no-ops
on the i386, so there are now 4 empty .o files.
(It seems that libc/quad has got some defunct functions now)
configurable fallback search paths, as well as new crt interface version.
Also:
- even faster getenv(), get all environment variable settings in a single
pass.
- ldd printf-like format specifications
- minor code cleanups, one vsprintf -> vsnprintf (harmless)
The library search sequence is a little more complete now. Before,
it'd search $LD_LIBRARY_PATH (by opendir/readdir/closedir), then read
the hints file, then read /usr/lib (again by scanning the directory). It
would then fail if there was no "found" library.
Now, it does LD_LIBRARY_PATH and the hints file the same, but then uses
a longer fallback path. The -R path is fetched from the executable if
specified at build time, the ldconfig path is appended, and /usr/lib is
appended to that. Duplicates are suppressed. This means that simply
placing a new library in /usr/local/lib will work (the same as it did in
/usr/lib) without needing ldconfig -m. It will find it quicker if the
ldconfig is run though.
Similar changes have been made to the NetBSD ld.so, but ours is rather
different now due to John Polstra's speedups and fixes from a while back.
The ldd printf-like format support came direct from NetBSD.
Reviewed by: nate, jdp
ldconfig path (from NetBSD). I added code to make sure there were no
duplicates in the path when multiple ldconfig -m's were used.
Reviewed by: nate, jdp
Obtained from: NetBSD (partly)
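
The fallback path described in the ld.so commit above (the -R path, then the ldconfig path, then /usr/lib, with duplicates suppressed) and the duplicate check described for repeated ldconfig -m runs can be sketched as follows. This is an added example, not FreeBSD's ld.so or ldconfig code: the function names and sample inputs are hypothetical, and dropping empty path components is an assumption of the example rather than something the commit text states.

```c
#include <stdio.h>
#include <string.h>

/* 1 if dir[0..len) is already a component of the ':'-separated path. */
static int path_has(const char *path, const char *dir, size_t len)
{
    for (const char *p = path; *p != '\0'; ) {
        size_t n = strcspn(p, ":");
        if (n == len && strncmp(p, dir, len) == 0)
            return 1;
        p += n + (p[n] == ':');
    }
    return 0;
}

/* Append src's components to out, skipping empty and duplicate entries. */
static int path_append(char *out, size_t outsz, const char *src)
{
    while (src != NULL && *src != '\0') {
        size_t n = strcspn(src, ":"), used = strlen(out);
        if (n > 0 && !path_has(out, src, n)) {
            if (used + (used > 0) + n + 1 > outsz)
                return -1;              /* would overflow: fail closed */
            snprintf(out + used, outsz - used, "%s%.*s", used ? ":" : "", (int)n, src);
        }
        src += n + (src[n] == ':');
    }
    return 0;
}

/* Fallback order from the commit text: -R path, ldconfig path, /usr/lib. */
int build_fallback_path(char *out, size_t outsz, const char *rpath, const char *hints)
{
    if (outsz == 0)
        return -1;
    out[0] = '\0';
    return (path_append(out, outsz, rpath) || path_append(out, outsz, hints) ||
            path_append(out, outsz, "/usr/lib")) ? -1 : 0;
}

int main(void)
{
    char buf[128];                      /* inputs below are constructed samples */
    if (build_fallback_path(buf, sizeof buf, "/opt/lib:/usr/local/lib",
                            "/usr/lib::/usr/local/lib") == 0)
        puts(buf);
    return 0;
}
```

Only the fallback stage is modelled here; the earlier LD_LIBRARY_PATH and hints-file lookups from the commit text are out of scope for the sketch.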