Commit Graph

16375 Commits

Author SHA1 Message Date
Don Lewis
fe579263e0 Another attempt at resolving CID 1305629. The test of cmd == -1
may make Coverity think that other negative values of cmd (used
as an index) are possible.  Testing < 0 is a more common idiom
in any case.

Reported by:	Coverity
CID:		1305629
2016-05-13 17:48:04 +00:00
Pedro F. Giffuni
48235fe344 i2c(8): uninitialized variable (UNINIT).
If i2c_opt.width is somehow zero, buf will be left uninitialized and may
cause trouble later on. This is a followup to r299586.

CID:	1331548
2016-05-13 15:57:55 +00:00
Pedro F. Giffuni
9f3dba686c bhyve: consider the bogus case of a negative bar idx.
This is a followup to r297472 to squelch Coverity.

CID:	1194319
2016-05-13 14:59:02 +00:00
Pedro F. Giffuni
40dbeed32b bhyve: replace uninitialized variable "offset".
Use io->io_req.br_offset instead.

Suggested by:	grehan
CID:		1288937
2016-05-13 14:38:04 +00:00
Don Lewis
7a7c07ef51 Properly compute the size argument to pass to malloc().
Reported by:	Coverity
CID:		1198856
MFC after:	1 week
2016-05-13 06:45:16 +00:00
Don Lewis
ae092f753a Move a call to cam_freeccb() to avoid a use after free error and
a later double free.

Reported by:	Coverity
CID:		1018507
MFC after:	1 week
2016-05-13 06:26:42 +00:00
Don Lewis
aa60f7a6de Revert r299584:
Mark usage() as __dead2 so that Coverity doesn't think that execution
  continues after the call and uses a negative array subscript.

Requested by:	bde
2016-05-13 05:39:29 +00:00
Pedro F. Giffuni
b1f46f712f i2c(8): uninitialized variable (UNINIT).
If i2c_opt.width is somehow zero, the bufsize will be left uninitialized
and make cause trouble later on.

CID:		1331549
2016-05-13 02:58:11 +00:00
Don Lewis
e402dde82d Mark usage() as __dead2 so that Coverity doesn't think that execution
continues after the call and uses a negative array subscript.

Reported by:	Coverity
CID:		1305629
2016-05-13 01:14:38 +00:00
Don Lewis
a5f637460b Avoid indexing an array with a negative value.
Reported by:	Coverity
CID:		971121
2016-05-13 00:58:05 +00:00
Don Lewis
5d29410d37 Use strlcpy() instead of strncpy() to ensure that ret->name is
NUL terminated.  The source and destination buffers are the same
size and the source *should* be NUL terminated, but be paranoid.

Reported by:	Coverity
CID:		1011274
MFC after:	1 week
2016-05-13 00:17:57 +00:00
Don Lewis
3b7e0c53d5 Use strlcpy() instead of strncpy() to ensure that qup->fsname is NUL
terminated.  Don't bother checking for truncation since the subsequent
quota_read() should detect that and fail.

Reported by:	Coverity
CID:		1009980
MFC after:	1 week
2016-05-13 00:02:03 +00:00
Don Lewis
90abdc2dd7 Use strlcpy() instead of strncpy() when copying to dom_domain to
ensure that the latter is NUL terminated since it is passed
as an argument to *printf().

Warn about NIS domains that are too long.

Reported by:	Coverity
CID:		1009620, 1009621
MFH:		1 week
2016-05-12 21:35:40 +00:00
Conrad Meyer
a09a9cbb40 rtadvd(8): Fix use-after-close in cm_handler_client
cm_send() closes 'fd' on error.  In that case, bail out early without trying to
recv from or close 'fd' again.

Reported by:	Coverity
CID:		1006078
Sponsored by:	EMC / Isilon Storage Division
2016-05-12 05:12:24 +00:00
Conrad Meyer
5c4eb89746 rtadvd(8): Don't use-after-free
This whole block of code as committed fully formed in r224144.  I'm not really
sure what the intent was, but it seems plausible that !persist ifis could need
other member cleanup.  Don't free the object until after we've finished
cleaning its members.

Reported by:	Coverity
CID:		1006079
Sponsored by:	EMC / Isilon Storage Division
2016-05-12 04:54:32 +00:00
Conrad Meyer
96aec9a5e9 rtadvd(8): Fix a typo in full msg receive logic
Check against the size of the struct, not the pointer.  Previously, a message
with a cm_len between 9 and 23 (inclusive) could cause int msglen to underflow
and read(2) to be invoked with msglen size (implicitly cast to signed),
overrunning the caller-provided buffer.

All users of cm_recv() supply a stack buffer.

On the other hand, the rtadvd control socket appears to only be writable by the
owner, who is probably root.

While here, correct some types to be size_t or ssize_t.

Reported by:	Coverity
CID:		1008477
Security:	unix socket remotes may overflow stack in rtadvd
Sponsored by:	EMC / Isilon Storage Division
2016-05-12 03:37:17 +00:00
Pedro F. Giffuni
ac97203f5b traceroute6(8): use NULL instead of zero for initializing a pointer. 2016-05-12 02:05:50 +00:00
Conrad Meyer
134fd583cb route6d(8): Fix potential double-free
In the case that the subsequent sysctl(3) call failed, 'buf' could be free(3)ed
repeatedly.  It isn't clear to me that that case is possible, but be clear and
do the right thing in case it is.

Reported by:	Coverity
CID:		272537
Sponsored by:	EMC / Isilon Storage Division
2016-05-11 22:33:20 +00:00
Conrad Meyer
02dc4f1751 mixer(8): Style: Tag no-return usage() as __dead2
Coverity really should have figured this out from the exit(3) call at the end
of the routine, but just make it explicit.

No functional change.

Reported by:	Coverity
CID:		1304866 (false positive double-close of 'baz')
Sponsored by:	EMC / Isilon Storage Division
2016-05-11 17:27:27 +00:00
Conrad Meyer
16f6b6f174 ffs_bswap: Copy one UFS dinode member at a time
No functional change.

Reported by:	Coverity
CIDs:		974635, 974636, 977396, 977397, 977398, 977399
Sponsored by:	EMC / Isilon Storage Division
2016-05-11 16:42:13 +00:00
Allan Jude
06445fc0fa bsdinstall/zfsboot: Do not mirror swap when swapsize is 0
PR:		209415
Submitted by:	Ganael LAPLANCHE <ganael.laplanche@corp.ovh.com>
MFC after:	2 weeks
2016-05-10 14:38:43 +00:00
Baptiste Daroussin
79477f3ca1 Directly set the NONBLOCK flags when creating the socket
No functional changes
2016-05-10 11:18:53 +00:00
Baptiste Daroussin
a9c48188b8 Rename getline with get_line to avoid collision with getline(3)
When getline(3) in 2009 was added a _WITH_GETLINE guard has also been added.
This rename is made in preparation for the removal of this guard
2016-05-10 11:17:19 +00:00
Baptiste Daroussin
f03ef8405b Rename getline with get_line to avoid collision with getline(3)
When getline(3) in 2009 was added a _WITH_GETLINE guard has also been added.
This rename is made in preparation for the removal of this guard
2016-05-10 11:12:31 +00:00
Baptiste Daroussin
8c98e6b1a7 Replace fparseln(3) with getline(3) to remove dependency on libutil 2016-05-09 20:04:22 +00:00
Enji Cooper
430f7286a5 Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed
after r298107

Summary of changes:

- Replace all instances of FILES/TESTS with ${PACKAGE}FILES. This ensures that
  namespacing is kept with FILES appropriately, and that this shouldn't need
  to be repeated if the namespace changes -- only the definition of PACKAGE
  needs to be changed
- Allow PACKAGE to be overridden by callers instead of forcing it to always be
  `tests`. In the event we get to the point where things can be split up
  enough in the base system, it would make more sense to group the tests
  with the blocks they're a part of, e.g. byacc with byacc-tests, etc
- Remove PACKAGE definitions where possible, i.e. where FILES wasn't used
  previously.
- Remove unnecessary TESTSPACKAGE definitions; this has been elided into
  bsd.tests.mk
- Remove unnecessary BINDIRs used previously with ${PACKAGE}FILES;
  ${PACKAGE}FILESDIR is now automatically defined in bsd.test.mk.
- Fix installation of files under data/ subdirectories in lib/libc/tests/hash
  and lib/libc/tests/net/getaddrinfo
- Remove unnecessary .include <bsd.own.mk>s (some opportunistic cleanup)

Document the proposed changes in share/examples/tests/tests/... via examples
so it's clear that ${PACKAGES}FILES is the suggested way forward in terms of
replacing FILES. share/mk/bsd.README didn't seem like the appropriate method
of communicating that info.

MFC after: never probably
X-MFC with: r298107
PR: 209114
Relnotes: yes
Tested with: buildworld, installworld, checkworld; buildworld, packageworld
Sponsored by: EMC / Isilon Storage Division
2016-05-04 23:20:53 +00:00
Alan Somers
8907f744ff Improve performance and functionality of the bitstring(3) api
Two new functions are provided, bit_ffs_at() and bit_ffc_at(), which allow
for efficient searching of set or cleared bits starting from any bit offset
within the bit string.

Performance is improved by operating on longs instead of bytes and using
ffsl() for searches within a long. ffsl() is a compiler builtin in both
clang and gcc for most architectures, converting what was a brute force
while loop search into a couple of instructions.

All of the bitstring(3) API continues to be contained in the header file.
Some of the functions are large enough that perhaps they should be uninlined
and moved to a library, but that is beyond the scope of this commit.

sys/sys/bitstring.h:
        Convert the majority of the existing bit string implementation from
        macros to inline functions.

        Properly protect the implementation from inadvertant macro expansion
        when included in a user's program by prefixing all private
        macros/functions and local variables with '_'.

        Add bit_ffs_at() and bit_ffc_at(). Implement bit_ffs() and
        bit_ffc() in terms of their "at" counterparts.

        Provide a kernel implementation of bit_alloc(), making the full API
        usable in the kernel.

        Improve code documenation.

share/man/man3/bitstring.3:
        Add pre-exisiting API bit_ffc() to the synopsis.

        Document new APIs.

        Document the initialization state of the bit strings
        allocated/declared by bit_alloc() and bit_decl().

        Correct documentation for bitstr_size(). The original code comments
        indicate the size is in bytes, not "elements of bitstr_t". The new
        implementation follows this lead. Only hastd assumed "elements"
        rather than bytes and it has been corrected.

etc/mtree/BSD.tests.dist:
tests/sys/Makefile:
tests/sys/sys/Makefile:
tests/sys/sys/bitstring.c:
        Add tests for all existing and new functionality.

include/bitstring.h
	Include all headers needed by sys/bitstring.h

lib/libbluetooth/bluetooth.h:
usr.sbin/bluetooth/hccontrol/le.c:
        Include bitstring.h instead of sys/bitstring.h.

sbin/hastd/activemap.c:
        Correct usage of bitstr_size().

sys/dev/xen/blkback/blkback.c
        Use new bit_alloc.

sys/kern/subr_unit.c:
        Remove hard-coded assumption that sizeof(bitstr_t) is 1.  Get rid of
        unrb.busy, which caches the number of bits set in unrb.map.  When
        INVARIANTS are disabled, nothing needs to know that information.
        callapse_unr can be adapted to use bit_ffs and bit_ffc instead.
        Eliminating unrb.busy saves memory, simplifies the code, and
        provides a slight speedup when INVARIANTS are disabled.

sys/net/flowtable.c:
        Use the new kernel implementation of bit-alloc, instead of hacking
        the old libc-dependent macro.

sys/sys/param.h
        Update __FreeBSD_version to indicate availability of new API

Submitted by:   gibbs, asomers
Reviewed by:    gibbs, ngie
MFC after:      4 weeks
Sponsored by:   Spectra Logic Corp
Differential Revision:  https://reviews.freebsd.org/D6004
2016-05-04 22:34:11 +00:00
Alan Somers
79e29f957a Fix "getextattr -x" with non-ascii attribute values
extattr/rmextattr.c
	When printing hex output, treat all attribute values as unsigned
	char arrays instead of sign extending them to 32 bit values.

extattr/tests/extattr_test.sh
	Add a regression test

PR:		209039
MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
2016-05-04 21:07:30 +00:00
Alan Somers
c29930cfd6 Allow setextattr(8) to take attribute values from stdin
Add the -i option to setextattr. This option allow extended attribute data
to be provided via stdin. Add a -qq option to getextattr, which omits the
trailing newline. Together these options can be used to work with extended
attributes whose values are large and/or binary.

usr.sbin/extattr/Makefile:
	Link against libsbuf which is used for processing stdin data.

usr.sbin/extattr/rmextattr.8:
	Document setextattr's -i option, getextattr's -qq option, and remove
	the BUG about setextattr only being useful for strings.

usr.sbin/extattr/rmextattr.c:
	For setextattr operations, buffer attribute data in an sbuf. If -i
	is specified, pull the data from stdin, otherwise from the
	appropriate argurment.

	Update usage text and argument validation code for setextattr's -i
	option.

usr.sbin/extattr/tests/extattr_test.sh
	Add tests for -q and -i.

Reviewed by:	wblock (manpage)
MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D6090
2016-05-04 20:20:55 +00:00
Pedro F. Giffuni
989531dc9f pmcstudy.8: minor "efficiency" fix.
No functional change.
2016-05-03 22:20:55 +00:00
Andriy Voskoboinyk
6d8e01b078 bsdinstall: fix static address assignment for protected wireless networks.
Filter out IFCONFIG_PREFIX variable (which may contain WPA keyword)
from ifconfig parameters.

PR:		169199
2016-05-02 21:40:34 +00:00
Pedro F. Giffuni
e9fc928faa rpcbind: use our roundup() macro when available through <sys/param.h>.
No functional change.
2016-05-02 02:15:05 +00:00
Pedro F. Giffuni
6e560add61 quot: make use of our rounddown() macro when <sys/param.h> is available.
No functional change.
2016-05-02 02:13:22 +00:00
Marcelo Araujo
a175f065d9 Use MIN macro from sys/param.h.
MFC after:	2 weeks.
2016-05-02 01:49:42 +00:00
Marcelo Araujo
a8945bbf62 Use MIN/MAX macros from sys/param.h.
MFC after:	2 weeks.
2016-05-02 01:47:13 +00:00
Marcelo Araujo
eff97b5e63 Use MIN macro from sys/param.h.
MFC after:	2 weeks.
2016-05-02 01:45:52 +00:00
Marcelo Araujo
a1b422f4d6 Use MAX macro from sys/param.h.
MFC after:	2 weeks.
2016-05-02 01:43:22 +00:00
Jamie Gritton
a8702c8383 typo
Submitted by:	Jimmy Olgeni
2016-05-01 16:48:03 +00:00
Pedro F. Giffuni
b5635ba0a2 usr.sbin: minor spelling fixes on comments.
No functional change.
2016-05-01 16:41:25 +00:00
Pedro F. Giffuni
d7b1cc0a3c pmcstat: minor spelling fixes.
Mostly comments bur also a user-visible string.

MFC after:	2 weeks
2016-05-01 16:40:56 +00:00
Pedro F. Giffuni
ec65e4f8d0 usr.sbin/bsdconfig: minor spelling fixes on comments.
No functional change.
2016-05-01 16:38:12 +00:00
Pedro F. Giffuni
beb45c4fd4 bluetooth: minor spelling fixes.
User-visible strings.

MFC after:	2 weeks
2016-05-01 16:36:14 +00:00
Jamie Gritton
ab9604e1bb Clarify when happens when there is a "depend" parameter in jail.conf,
and how this affects the "jail_list" option in rc.conf.
2016-04-30 21:27:41 +00:00
Glen Barber
49dae58b28 Fix including Kyuafile in packaged base system.
Fix a related typo while here.

Note, this change results in the Kyuafile inclusion in the runtime
package, which needs to be fixed, however addresses the PR as far
as I can tell in my tests.

PR:		209114
Submitted by:	ngie
Sponsored by:	The FreeBSD Foundation
2016-04-29 05:28:40 +00:00
Enji Cooper
a08b636a9d Use a better idiom for finding UTC prefixed timezones
Instead of copy-pasting the string literal for "UTC" 3 times and using
strlen, use a static char[3] buffer and sizeof(..).

MFC after: 3 days
X-MFC with: r298507
Submitted by: kib
Sponsored by: EMC / Isilon Storage Division
2016-04-28 17:57:17 +00:00
Alan Somers
654399bfd4 Add PACKAGE fields to usr.sbin/extattr/tests/Makefile
usr.sbin/extattr/tests/Makefile
	Add boiler plate required by 298107 but omitted by 298483.  These
	two changes passed through CR in parallel.  I think this should get
	the full test suite running in Jenkins again.

MFC after:	22 days
X-MFC-with:	298483
Sponsored by:	Spectra Logic Corp
2016-04-28 15:13:50 +00:00
Jung-uk Kim
f8146b882b Merge ACPICA 20160422. 2016-04-27 19:09:21 +00:00
John Baldwin
88eb5c506d Add 'devctl delete' that calls device_delete_child().
'devctl delete' can be used to delete a device that is no longer present.
As an anti-foot-shooting measure, 'delete' will not delete a device
unless it's parent bus says it is no longer present.  This can be
overridden by passing the force ('-f') flag.

Note that this command should be used with care.  If a device is deleted
that is actually present it can't be resurrected unless the parent bus
device's driver supports rescans.

Differential Revision:	https://reviews.freebsd.org/D6019
2016-04-27 16:33:17 +00:00
John Baldwin
a907c6914c Add a new rescan method to the bus interface.
The BUS_RESCAN() method rescans a single bus device checking for devices
that have been added or removed from the bus.  A new 'rescan' command is
added to devctl(8) to trigger a rescan.

Differential Revision:	https://reviews.freebsd.org/D6016
2016-04-27 16:29:03 +00:00
Xin LI
4990d495fc MFV r298691:
ntp 4.2.8p7.

Security:	CVE-2016-1547, CVE-2016-1548, CVE-2016-1549, CVE-2016-1550
Security:	CVE-2016-1551, CVE-2016-2516, CVE-2016-2517, CVE-2016-2518
Security:	CVE-2016-2519
Security:	FreeBSD-SA-16:16.ntp
With hat:	so
2016-04-27 07:46:38 +00:00