Some of the changes are in the libexec/tftpd directory, but to functions that
are only used by tftp(1) (they share some code).
* strcpy => strlcpy (1006793, 1006794, 1006796, 1006741)
* Unchecked return value and TOCTTOU (1009314)
* NULL pointer dereference (1018035, 1018036)
Reported by: Coverity
CID: 1006793, 1006794, 1006796, 1006741, 1009314, 1018035
CID: 1018036
MFC after: 2 weeks
Remove procedural code that did the scanning, which was faulty and didn't
support complex constants such as 0x1p-61. Replace it with a finite state
machine expressed as a transition table. The table was rewritten by hand
from lx's output, given parts of grammar expressed as regular expressions.
lx is Katherine Flavel's lexer generator, currently available at
https://github.com/katef/libfsm and the parts of grammar were taken from
http://quut.com/c/ANSI-C-grammar-l-2011.html and extended to support binary
integer constants which are a popular GCC extension.
Reported by: bde
Remove numactl(1), edit numa(4) to bring it some closer to reality,
provide libc ABI shims for old NUMA syscalls.
Noted and reviewed by: brooks (previous version)
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D16142
Encoding-specific processing introduced in r335836 is not recommended.
And doing getenv("LANG") and assuming an encoding based on it is a
very bad practice to internationalize software.
Submitted by: hrs
Differential Revision: https://reviews.freebsd.org/D16203
Apparently some tools are not able to determine if all the cases of a
switch are covered. Make use of the attribute for cases like this.
Hinted by: DragonFlyBSD GGC8 (but fixed differently)
CID: 976552
Unportable left shift reported with MKSANITIZER=yes
USE_SANITIZER=undefined:
# progress -zf ./games.tgz tar -xp -C "./" -f -
/public/src.git/usr.bin/gzip/gzip.c:2126:33: runtime error: left shift of
251 by 24 places cannot be represented in type 'int'
100%
|****************************************************************************************************************|
44500 KiB 119.69 MiB/s 00:00 ETA
Refactor the following code into something that is more clear
and fix signed integer shift, by casting all buf[] elements to
(unsigned int):
unsigned char buf[8];
uint32_t usize;
[...]
else {
usize = buf[4] | buf[5] << 8 |
buf[6] << 16 | buf[7] << 24;
[...]
New version:
usize = buf[4];
usize |= (unsigned int)buf[5] << 8;
usize |= (unsigned int)buf[6] << 16;
usize |= (unsigned int)buf[7] << 24;
Only the "<< 24" part needs explicit cast, but for consistency make the
integer promotion explicit and clear to a code reader.
Sponsored by <The NetBSD Foundation>
Obtained from: NetBSD (CVS rev. 1.113)
MFC after: 1 week
2nd argument of vsnprintf() to get the strlen of next_msg so that the
appropriate size is used.
Found with gcc.
/usr.bin/top/display.c: In function 'new_message':
/usr.bin/top/display.c:963:31: error:
argument to 'sizeof' in 'vsnprintf' call is the same expression as the
destination; did you mean to provide an explicit length?
[-Werror=sizeof-pointer-memaccess]
vsnprintf(next_msg, sizeof(next_msg), msgfmt, args);
Reviewed by: daichi
quatactl(2) mechanism. (Read-only at this point, however.)
In particular, this is to allow rpc.rquotad query quotas
for NFS mounts, allowing users to see their quotas on the
hosts using the datasets.
The changes specifically:
* Add new RPC entry points for querying quotas.
* Changes the library routines to allow non-UFS quotas.
* Changes rquotad to check for quotas on mounted filesystems,
rather than being limited to entries in /etc/fstab
* Lastly, adds a VFS entry-point for ZFS to query quotas.
Note that this makes one unavoidable behavioural change: if quotas
are enabled, then they can be queried, as opposed to the current
method of checking for quotas being specified in fstab. (With
ZFS, if there are user or group quotas, they're used, always.)
Reviewed by: delphij, mav
Approved by: mav
Sponsored by: iXsystems Inc
Differential Revision: https://reviews.freebsd.org/D15886
Replace size_t members with ksize_t (uint64_t) and pointer members
(never used as pointers in userspace, but instead as unique
idenitifiers) with kvaddr_t (uint64_t). This makes the structs
identical between 32-bit and 64-bit ABIs.
On 64-bit bit systems, the ABI is maintained. On 32-bit systems,
this is an ABI breaking change. The ABI of most of these structs
was previously broken in r315662. This also imposes a small API
change on userspace consumers who must handle kernel pointers
becoming virtual addresses.
PR: 228301 (exp-run by antoine)
Reviewed by: jtl, kib, rwatson (various versions)
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D15386
args is empty.
Instead, use kvm_getargv() unconditionally to obtain the process
arguments. It means that one additional sysctl(2) is performed there.
Submitted by: Thomas Munro
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D16111
sockstat(1), ugidfw(8)
These are the last of the jail-aware userland utilities that didn't work
with names.
PR: 229266
MFC after: 3 days
Differential Revision: D16047
Fix possible strict aliasing issue (if time_t is the same size as int but
not int but for example long) which also resulted in a false positive
warning on systems with 64-bit time_t. Pointer casts are bad; we can just
copy the time_t.
Elsewhere, avoid casting char * to int * by using memcpy().
Reviewed by: eadler
Differential Revision: https://reviews.freebsd.org/D16075
mode to 'io' mode, an artifact remains because the buffer is not
"finished" with a NULL terminator using sbuf_finish().
An example of this is, when the "m" command is entered, the title line
will contain COMMANDND instead of COMMAND. This commit fixes this.
There isn't any need to limit the size of the screen. Utilities like
'less -S' don't have a (meaningful) limit anyways. This also makes the
way to dynamically changing the column widths based on the screen width.
This code isn't designed to be particularly portable outside of FreeBSD.
To be more specific it doesn't make much sense to support compiling
find(1) on VMS.
This also fixes -mio with 'T' set (thread-id instead of process-id).
This can go further by removing the existing sprintf, and using sbuf
directly. This will be done in a followup commit.
There is no documented reason for this not to be shown on the first run.
I can't find any good reason, and it breaks batch mode.
PR: 218889
Submitted by: "Jeremy C. Reed" <reed@reedmedia.net>
When the load is "high" (an arbitrary value) top(1) previously moved the
cursor to the top-left of the screen as an acknowledgment. In practice,
on modern machines, even relatively slow ones, it looked more like a
glitch. Remove the logic.
The current header formatting is a giant format string that changes
global state during the format process.
Make the following changes:
- use sbuf to build up the header rather than use the above
pseudo-dynamic one
- Change name length to 10
- Reduce size of RES and SIZE by making humanize more aggressive
- Restore a version number line to the copyright. This may be required
by the copyright (and may not be; its unclear)
This is also a pre-req to implementing TOPCOLOR from newer versions of
top(1)
Discussed with: allanjude, rpolka, danfe, rgrimes
Differential Revision: https://reviews.freebsd.org/D15801
We always install ELF Tool Chain's elfcopy as objcopy, so to avoid
confusion rename the src directory containing our reach-over Makefile
to match.
Requested by: jhb
Sponsored by: The FreeBSD Foundation
Many licenses on ar files contained small variations from the standard
FreeBSD license text. To avoid license proliferation switch to the usual
2-clause FreeBSD license after obtaining permission from all copyright
holders.
Approved by: jkoshy, kaiw, kientzle
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D14561
LLD_BOOTSTRAP (build) is independent of LLD_IS_LD (installed) so they
should not be based on each other.
This is related to upcoming WITH_SYSTEM_LINKER work.
Reviewed by: emaste
Sponsored by: Dell EMC
Differential Revision: https://reviews.freebsd.org/D15836
Observe:
printf "a\nb\nc\n" > /tmp/foo
# Next command results in no output
cat /tmp/foo | sort -m
# Next command results in proper output
cat /tmp/foo | sort -m -
# Also works:
sort -m /tmp/foo
Some const'ification was done to simplify the actual solution of adding "-"
explicitly to the file list if we didn't have any file arguments left over.
PR: 190099
MFC after: 1 week
Many licenses on ar files contained small variations from the standard
FreeBSD license text. To avoid license proliferation switch to the usual
standard 2-clause FreeBSD license for those files where I have obtained
permission from all of the listed copyright holders.
Approved by: jkoshy, kaiw
Differential Revision: https://reviews.freebsd.org/D14561
Fix an oversight from r334869 which made the same change, but only for
SMP systems. This avoids a segfault while D15801 is being reviewed.
Reviewed by: kevans
Aligns the build with the FreeBSD traditional approach to not build in
contrib/, and to track inter-dependencies between libraries.
With help from: bdrewery
Reviewed by: bdrewery, hselasky
Sponsored by: Mellanox Technologies
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D15648
We have an obsolete GNU objdump 2.17.50 in the base system, which will
be removed in the future. Suggest readelf(1) for examining ELF files
instead; for most use cases it is the preferred tool anyhow.
PR: 229046
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Broken in r334514
sysctlbyname("vfs.zfs.compressed_arc_enabled", ...) would return ENOMEM
while trying to read the sysctl (a boolean_t) into a bool, which is too small.
Reviewed by: jhb (on irc)
Sponsored by: Klara Systems
- remove __pure annotations I added earlier for some functions. One
writes to the the arguments as "out" pointers. The
other reads from an array, which while const within the function might
be mutated externally.
- total_change is modified to be at 1, if previously 0, so no if check
is needed.
Continue my parade on introspection tools by fixing:
- failed to check for null after reallocf
- avoid the comma operator
- mark usage as dead
- correct size of len
- initialize all maybe uninitialized vars with bogus values. This shuts
up the compiler, and causes crashes if it changes later.
- mark noreturn as noreturn
- removed unused macro
- handle x_procstate as runtime rather than pre-processor
- avoid using void functions in condtionals
Tested with clang, gcc 7, gcc 9
This eliminates the difficult to follow mapping of a string list. It
moves numbers from "#define" into (more) debuggable enums. More
generally, it follows the trend of moving more data into a more central
mechanism.
The help output is a little worse: " " is not rendered well, and there
are duplicate entries, but that will be fixed in a followup.
It's clearer now when a variable represents a toggable command line option.
Many options were stored in the parser's state structure, so fix also that.
- remove WARNS?=6. It is default
- we no longer have cast-qual problems
- remove unused macros
- remove unneeded casts
- add include guard for loadavg.h
This removes the getuid check for delay==0. It didn't prevent users from
writing similar programs in the general case. In theory, if top(1) is
among one of the few restricted programs you're allowed to run, it may
have helped a little, but there are better ways of handling that case.
I had changed this from a for loop to a memset during an earlier
cleanup. This change was incorrect so revert it.
While here, clean up
Reported by: flo
original commit log by miller@OpenBSD r1.46:
Fix exit value when diffing directories with missing files and the -N
or -P options are not used. From Ibrahim Khalifa
Again motivated by upcoming work to rewrite a bunch of this- single-letter
variable names and slightly misleading variable names ("lastmatches" to
indicate that the last matched) are not helpful.
- By popular demand, implement a different switch ("T") for toggling
between thread id and process id.
- Add an assert that the size of command chars is as expected.
- Also clean up some messiness I found when implementing this.
- Further document the new flag.
Requested by: flo, ronald-lists@klop.ws, bapt
PR: 139389 (for the record)
X-MFC-With: r334474
(or peel off the band-aid, whatever floats your boat)
This addresses two separate issues:
1.) Nothing within bsdgrep actually knew whether it cared about line numbers
or not.
2.) The file layer knew nothing about the context in which it was being
called.
#1 is only important when we're *not* processing line-by-line. #2 is
debatably a good idea; the parsing context is only handy because that's
where we store current offset information and, as of this commit, whether or
not it needs to be line-aware.
Admittedly, this is a clang-scan complaint... but it wasn't wrong. fts_flags
is initialized by all cases in the switch(), which should be fairly obvious.
Annotate this anyways.
Neither procfile nor grep_tree return anything meaningful to their callers.
None of the callers actually care about how many lines were matched in all
of the files they processed; it's all about "did anything match?"
This is generally just a light refactoring to remind me of what actually
matters as I'm rewriting these bits to care less about 'stuff'.
GNU grep as in actually in base does not have any translations support
compiled in, so no functionnality loss.
We do support 193 locales in base, we will never catch up on that number of
translation with bsd grep.
Removing NLS support make bsd grep consistent with the other binaries in base
which are not translated, and also reduce a little bit the code.
Reviewed by: kevans
Approved by: kevans
Discussed with: kevans @BSDCan
Differential Revision: https://reviews.freebsd.org/D15682
There exist multi-platform programs that check indent's version in order to
know what they can expect from it. GNU indent provides that via --version,
so implement the same option here.
- Change headers to more closely match what we use
- use more standard functions instead of bzero, bcmp, bcopy
- Add myself to authors.
Tested with: base clang (amd64), gcc 9 (amd64), base clang (i386), base
gcc (mips)
- avoid the need to call a function to get size of known array. I'll
likely re-arrange some of the indirect in a later to avoid the magic
constants.
- use correct type
- add const
- replace caddr_t with void*. This corrects an alignment warning.
- remove duplicated include from immediately prior commit
Under base clang we're now down to:
- 3 warning in top.c, 1 warning in mahcine.c, 4 warning in display.c,
- 1 warning in utils.c
Tested with base clang, gcc7, gcc9, base gcc (mips)
- Add const where helpful
- add missing 'static' for file-local functions
- use nitems where possible
- convert manual abort() to assert
- use strndup instead of homegrown version
Tested with clang, gcc7, and gcc9
With -lpl, code surrounded by parentheses in continuation lines is lined up
even if it would extend past the right margin.
With -nlpl (the default), such a line that would extend past the right
margin is moved left to keep it within the margin, if that does not require
placing it to the left of the prevailing indentation level.
These switches have no effect if -nlp is selected.
Submitted by: Tom Lane
With -lp, if a line has an opening paren which is not closed on that line,
then continuation lines will be lined up to start at the character position
just after the opening paren.
Submitted by: Tom Lane
Rewrite the macros so that they take a parameter. Consumers use it to signal
how much room in the buffer they need; this lets them do that once when
required space is known instead of doing the check once every loop step.
Also take the parameter value into consideration when resizing the buffer;
the requested space may be larger than the constant 400 bytes that the
previous version used - now it's the sum of those two values.
On the consumer side, don't copy strings byte by byte - use memcpy().
Deduplicate code that copied base 2, base 8 and base 16 literals.
Don't advance the e_token pointer once the token has been copied into
s_token. This allows easy calculation of the token's length.
The troff output in indent was invented at Sun and the online documentation
for some post-SunOS operating system includes this:
The usual way to get a troffed listing is with the command
indent -troff program.c | troff -mindent
The indent manual page in FreeBSD 1.0 already lacks that information and
troff -mindent complains about not being able to find the macro file.
It seems that the file did exist on SunOS and was supposed to be imported
into 4.3BSD together with the feature, but that has never happened.
Removal of troff output support simplifies a lot of indent's code.
vgrind(1) seems to be a promising replacement.
It was a shorthand for checking if ps.procname is a non-empty string; the
same can be done with ps.procname[0] which avoids the need for updating
is_procname after every call to lexi().
The trick is to copy everything from the start of the line into the buffer
that stores newlines and comments until indent finds a brace or an else.
pr_comment() will use that information to calculate the original indentation
of the boxed comment.
This requires storing two pieces of information: the real start of the
buffer (sc_buf) and the start of the comment (save_com).
lexi() reads the input stream and categorizes the next token. indent will
sometimes buffer up a sequence of tokens in order rearrange them. That is
needed for properly cuddling else or placing braces correctly according to
the chosen style (KNF vs Allman) when comments are around. The loop that
buffers tokens up uses lexi() to decide if it's time to stop buffering. Then
the temporary buffer is used to feed lexi() the same tokens again, this time
for normal processing.
The problem is that lexi() apart from recognizing the token, can change
a lot of information about the current state, for example ps.last_nl,
ps.keyword, buf_ptr. It also abandons leading whitespace, which is needed
mainly for comment-related considerations. So the call to lexi() while
tokens are buffered up and categorized can change the state before they're
read again for normal processing which may easily result in changing
interpretation of the current state and lead to incorrect output.
To work around the problems:
1) copy the whitespace into the save_com buffer so that it will be read
again when processed
2) trick lexi() into modifying a temporary copy of the parser state instead
of the original.
"while (...)" and "else" or "{"
* Don't flush newlines - there can be multiple of them and they can happen
before a token that isn't else or {. Instead, always store them in save_com.
* Don't dump the buffer's contents on newline assuming that there is only
one comment before else or {.
* Avoid producing surplus newlines, especially before else when -ce is on.
* When -bl is on, don't treat { as a comment (was implemented by falling
through "case lbrace:" to "case comment:").
This commit fixes the above, but exposes another bug and thus breaks several
other tests. Another commit will make them pass again.
In fixing issues with uid > INT_MAX, I broke the uid without username
case. The latter is more important so return the old state.
Discussed with: allanjude
One of the downsides of using numeric WARNS is that if we only have a
single type of issue we get no protection from other changes. For
example, we got no warning for missing variable declaration, due to
the issues with "const".
For this utility, explicitly list out the warnings which are failing.
They should still be fixed, so only reduce them to warning instead of
error.
Tested with: clang base (amd64, i386), gcc6, gcc7, gcc9, gcc base (mips)
- use bool instead of int [0]
- use calloc correctly [0]
(this also caught an incorrect sizeof argument) [1]
- use size_t over int [2]
- correct style
Reported by: pfg [0], scan-build [1], gcc [2]
- Prefer calloc over malloc. This is more predicable and we're not in a
performance sensitive context. [1]
- Remove bogus comment (obsolete from prior commit). [2]
- Remove void casts and type casts of NULL
- Remove redundant declaration of 'quit'
- Add additional const
Reported by: kib [1], vangyzen [2]
Summary: Included VSX registers in powerpc core dumps (both kernel and gcore)
Submitted by: Luis Pires
Differential Revision: https://reviews.freebsd.org/D15512
Allow to show only a single process specified by PID. This could
be done either by running top like 'top -p PID' or using the 'p' command
inside top.
Reviewed by: eadler
Approved by: eadler
Obtained from: OpenBSD
Differential Revision: https://reviews.freebsd.org/D15501
- Prefer using ansi prototypes rather than C prototypes
- Keep type on separate line from name of function
- Try to keep things const where possible. This will help get to WARNS=6
- switch to "bool" where it makes sense
My previous indent(1) commit accidentally broke the -pcs option (which adds
space between function name and opening parenthesis in function calls) by
copying all but one of a few conditions in an if clause. Reinstate the
condition.
Add a regression test to lower the chances of breaking it again.
Correct a comment with description of what the option does.
If the current token is an opening parenthesis, it's either a function call
(or sizeof or offsetof) or a declaration. The former doesn't need a space
before the parenthesis.
Some users prefer seeing the TID when viewing individual threads. This
makes sense as the PID will be the same for multiple entries. An attempt
was made to include both, but there is insufficient room. As such, using
the TID.
While here, rename the header variables to be more understandable.
Discussed with: mmacy
Reported on: 2009-10-07
r232832 changed the ABI tag note name from .note.ABI-tag to .note.tag.
Follow suit in elfdump.
Elfdump's note parsing is very basic and should be significantly
reworked, but for now just restore the broken functionality.
PR: 228290
Submitted by: martin at lispworks.com
MFC after: 1 week
This one call to getaddrinfo() did not adhere to the common idiom
of storing the result into a second res0 variable, which is later freed.
Reported by: Coverity
CID: 1368069 1368071
Sponsored by: Dell EMC
It is possible to trigger an out of boundary write in cut if an invalid
range with autostart has been supplied.
PR: 227330
Submitted by: tobias@stoeckmann.org