Some of the changes are in the libexec/tftpd directory, but to functions that
are only used by tftp(1) (they share some code).
* strcpy => strlcpy (1006793, 1006794, 1006796, 1006741)
* Unchecked return value and TOCTTOU (1009314)
* NULL pointer dereference (1018035, 1018036)
Reported by: Coverity
CID: 1006793, 1006794, 1006796, 1006741, 1009314, 1018035
CID: 1018036
MFC after: 2 weeks
Remove procedural code that did the scanning, which was faulty and didn't
support complex constants such as 0x1p-61. Replace it with a finite state
machine expressed as a transition table. The table was rewritten by hand
from lx's output, given parts of grammar expressed as regular expressions.
lx is Katherine Flavel's lexer generator, currently available at
https://github.com/katef/libfsm and the parts of grammar were taken from
http://quut.com/c/ANSI-C-grammar-l-2011.html and extended to support binary
integer constants which are a popular GCC extension.
Reported by: bde
Remove numactl(1), edit numa(4) to bring it some closer to reality,
provide libc ABI shims for old NUMA syscalls.
Noted and reviewed by: brooks (previous version)
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D16142
Encoding-specific processing introduced in r335836 is not recommended.
And doing getenv("LANG") and assuming an encoding based on it is a
very bad practice to internationalize software.
Submitted by: hrs
Differential Revision: https://reviews.freebsd.org/D16203
Apparently some tools are not able to determine if all the cases of a
switch are covered. Make use of the attribute for cases like this.
Hinted by: DragonFlyBSD GGC8 (but fixed differently)
CID: 976552
Unportable left shift reported with MKSANITIZER=yes
USE_SANITIZER=undefined:
# progress -zf ./games.tgz tar -xp -C "./" -f -
/public/src.git/usr.bin/gzip/gzip.c:2126:33: runtime error: left shift of
251 by 24 places cannot be represented in type 'int'
100%
|****************************************************************************************************************|
44500 KiB 119.69 MiB/s 00:00 ETA
Refactor the following code into something that is more clear
and fix signed integer shift, by casting all buf[] elements to
(unsigned int):
unsigned char buf[8];
uint32_t usize;
[...]
else {
usize = buf[4] | buf[5] << 8 |
buf[6] << 16 | buf[7] << 24;
[...]
New version:
usize = buf[4];
usize |= (unsigned int)buf[5] << 8;
usize |= (unsigned int)buf[6] << 16;
usize |= (unsigned int)buf[7] << 24;
Only the "<< 24" part needs explicit cast, but for consistency make the
integer promotion explicit and clear to a code reader.
Sponsored by <The NetBSD Foundation>
Obtained from: NetBSD (CVS rev. 1.113)
MFC after: 1 week
2nd argument of vsnprintf() to get the strlen of next_msg so that the
appropriate size is used.
Found with gcc.
/usr.bin/top/display.c: In function 'new_message':
/usr.bin/top/display.c:963:31: error:
argument to 'sizeof' in 'vsnprintf' call is the same expression as the
destination; did you mean to provide an explicit length?
[-Werror=sizeof-pointer-memaccess]
vsnprintf(next_msg, sizeof(next_msg), msgfmt, args);
Reviewed by: daichi
quatactl(2) mechanism. (Read-only at this point, however.)
In particular, this is to allow rpc.rquotad query quotas
for NFS mounts, allowing users to see their quotas on the
hosts using the datasets.
The changes specifically:
* Add new RPC entry points for querying quotas.
* Changes the library routines to allow non-UFS quotas.
* Changes rquotad to check for quotas on mounted filesystems,
rather than being limited to entries in /etc/fstab
* Lastly, adds a VFS entry-point for ZFS to query quotas.
Note that this makes one unavoidable behavioural change: if quotas
are enabled, then they can be queried, as opposed to the current
method of checking for quotas being specified in fstab. (With
ZFS, if there are user or group quotas, they're used, always.)
Reviewed by: delphij, mav
Approved by: mav
Sponsored by: iXsystems Inc
Differential Revision: https://reviews.freebsd.org/D15886
Replace size_t members with ksize_t (uint64_t) and pointer members
(never used as pointers in userspace, but instead as unique
idenitifiers) with kvaddr_t (uint64_t). This makes the structs
identical between 32-bit and 64-bit ABIs.
On 64-bit bit systems, the ABI is maintained. On 32-bit systems,
this is an ABI breaking change. The ABI of most of these structs
was previously broken in r315662. This also imposes a small API
change on userspace consumers who must handle kernel pointers
becoming virtual addresses.
PR: 228301 (exp-run by antoine)
Reviewed by: jtl, kib, rwatson (various versions)
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D15386
args is empty.
Instead, use kvm_getargv() unconditionally to obtain the process
arguments. It means that one additional sysctl(2) is performed there.
Submitted by: Thomas Munro
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D16111
sockstat(1), ugidfw(8)
These are the last of the jail-aware userland utilities that didn't work
with names.
PR: 229266
MFC after: 3 days
Differential Revision: D16047
Fix possible strict aliasing issue (if time_t is the same size as int but
not int but for example long) which also resulted in a false positive
warning on systems with 64-bit time_t. Pointer casts are bad; we can just
copy the time_t.
Elsewhere, avoid casting char * to int * by using memcpy().
Reviewed by: eadler
Differential Revision: https://reviews.freebsd.org/D16075
mode to 'io' mode, an artifact remains because the buffer is not
"finished" with a NULL terminator using sbuf_finish().
An example of this is, when the "m" command is entered, the title line
will contain COMMANDND instead of COMMAND. This commit fixes this.
There isn't any need to limit the size of the screen. Utilities like
'less -S' don't have a (meaningful) limit anyways. This also makes the
way to dynamically changing the column widths based on the screen width.
This code isn't designed to be particularly portable outside of FreeBSD.
To be more specific it doesn't make much sense to support compiling
find(1) on VMS.
This also fixes -mio with 'T' set (thread-id instead of process-id).
This can go further by removing the existing sprintf, and using sbuf
directly. This will be done in a followup commit.
There is no documented reason for this not to be shown on the first run.
I can't find any good reason, and it breaks batch mode.
PR: 218889
Submitted by: "Jeremy C. Reed" <reed@reedmedia.net>
