may make Coverity think that other negative values of cmd (used
as an index) are possible. Testing < 0 is a more common idiom
in any case.
Reported by: Coverity
CID: 1305629
NUL terminated. The source and destination buffers are the same
size and the source *should* be NUL terminated, but be paranoid.
Reported by: Coverity
CID: 1011274
MFC after: 1 week
terminated. Don't bother checking for truncation since the subsequent
quota_read() should detect that and fail.
Reported by: Coverity
CID: 1009980
MFC after: 1 week
ensure that the latter is NUL terminated since it is passed
as an argument to *printf().
Warn about NIS domains that are too long.
Reported by: Coverity
CID: 1009620, 1009621
MFH: 1 week
cm_send() closes 'fd' on error. In that case, bail out early without trying to
recv from or close 'fd' again.
Reported by: Coverity
CID: 1006078
Sponsored by: EMC / Isilon Storage Division
This whole block of code as committed fully formed in r224144. I'm not really
sure what the intent was, but it seems plausible that !persist ifis could need
other member cleanup. Don't free the object until after we've finished
cleaning its members.
Reported by: Coverity
CID: 1006079
Sponsored by: EMC / Isilon Storage Division
Check against the size of the struct, not the pointer. Previously, a message
with a cm_len between 9 and 23 (inclusive) could cause int msglen to underflow
and read(2) to be invoked with msglen size (implicitly cast to signed),
overrunning the caller-provided buffer.
All users of cm_recv() supply a stack buffer.
On the other hand, the rtadvd control socket appears to only be writable by the
owner, who is probably root.
While here, correct some types to be size_t or ssize_t.
Reported by: Coverity
CID: 1008477
Security: unix socket remotes may overflow stack in rtadvd
Sponsored by: EMC / Isilon Storage Division
In the case that the subsequent sysctl(3) call failed, 'buf' could be free(3)ed
repeatedly. It isn't clear to me that that case is possible, but be clear and
do the right thing in case it is.
Reported by: Coverity
CID: 272537
Sponsored by: EMC / Isilon Storage Division
Coverity really should have figured this out from the exit(3) call at the end
of the routine, but just make it explicit.
No functional change.
Reported by: Coverity
CID: 1304866 (false positive double-close of 'baz')
Sponsored by: EMC / Isilon Storage Division
after r298107
Summary of changes:
- Replace all instances of FILES/TESTS with ${PACKAGE}FILES. This ensures that
namespacing is kept with FILES appropriately, and that this shouldn't need
to be repeated if the namespace changes -- only the definition of PACKAGE
needs to be changed
- Allow PACKAGE to be overridden by callers instead of forcing it to always be
`tests`. In the event we get to the point where things can be split up
enough in the base system, it would make more sense to group the tests
with the blocks they're a part of, e.g. byacc with byacc-tests, etc
- Remove PACKAGE definitions where possible, i.e. where FILES wasn't used
previously.
- Remove unnecessary TESTSPACKAGE definitions; this has been elided into
bsd.tests.mk
- Remove unnecessary BINDIRs used previously with ${PACKAGE}FILES;
${PACKAGE}FILESDIR is now automatically defined in bsd.test.mk.
- Fix installation of files under data/ subdirectories in lib/libc/tests/hash
and lib/libc/tests/net/getaddrinfo
- Remove unnecessary .include <bsd.own.mk>s (some opportunistic cleanup)
Document the proposed changes in share/examples/tests/tests/... via examples
so it's clear that ${PACKAGES}FILES is the suggested way forward in terms of
replacing FILES. share/mk/bsd.README didn't seem like the appropriate method
of communicating that info.
MFC after: never probably
X-MFC with: r298107
PR: 209114
Relnotes: yes
Tested with: buildworld, installworld, checkworld; buildworld, packageworld
Sponsored by: EMC / Isilon Storage Division
Two new functions are provided, bit_ffs_at() and bit_ffc_at(), which allow
for efficient searching of set or cleared bits starting from any bit offset
within the bit string.
Performance is improved by operating on longs instead of bytes and using
ffsl() for searches within a long. ffsl() is a compiler builtin in both
clang and gcc for most architectures, converting what was a brute force
while loop search into a couple of instructions.
All of the bitstring(3) API continues to be contained in the header file.
Some of the functions are large enough that perhaps they should be uninlined
and moved to a library, but that is beyond the scope of this commit.
sys/sys/bitstring.h:
Convert the majority of the existing bit string implementation from
macros to inline functions.
Properly protect the implementation from inadvertant macro expansion
when included in a user's program by prefixing all private
macros/functions and local variables with '_'.
Add bit_ffs_at() and bit_ffc_at(). Implement bit_ffs() and
bit_ffc() in terms of their "at" counterparts.
Provide a kernel implementation of bit_alloc(), making the full API
usable in the kernel.
Improve code documenation.
share/man/man3/bitstring.3:
Add pre-exisiting API bit_ffc() to the synopsis.
Document new APIs.
Document the initialization state of the bit strings
allocated/declared by bit_alloc() and bit_decl().
Correct documentation for bitstr_size(). The original code comments
indicate the size is in bytes, not "elements of bitstr_t". The new
implementation follows this lead. Only hastd assumed "elements"
rather than bytes and it has been corrected.
etc/mtree/BSD.tests.dist:
tests/sys/Makefile:
tests/sys/sys/Makefile:
tests/sys/sys/bitstring.c:
Add tests for all existing and new functionality.
include/bitstring.h
Include all headers needed by sys/bitstring.h
lib/libbluetooth/bluetooth.h:
usr.sbin/bluetooth/hccontrol/le.c:
Include bitstring.h instead of sys/bitstring.h.
sbin/hastd/activemap.c:
Correct usage of bitstr_size().
sys/dev/xen/blkback/blkback.c
Use new bit_alloc.
sys/kern/subr_unit.c:
Remove hard-coded assumption that sizeof(bitstr_t) is 1. Get rid of
unrb.busy, which caches the number of bits set in unrb.map. When
INVARIANTS are disabled, nothing needs to know that information.
callapse_unr can be adapted to use bit_ffs and bit_ffc instead.
Eliminating unrb.busy saves memory, simplifies the code, and
provides a slight speedup when INVARIANTS are disabled.
sys/net/flowtable.c:
Use the new kernel implementation of bit-alloc, instead of hacking
the old libc-dependent macro.
sys/sys/param.h
Update __FreeBSD_version to indicate availability of new API
Submitted by: gibbs, asomers
Reviewed by: gibbs, ngie
MFC after: 4 weeks
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D6004
extattr/rmextattr.c
When printing hex output, treat all attribute values as unsigned
char arrays instead of sign extending them to 32 bit values.
extattr/tests/extattr_test.sh
Add a regression test
PR: 209039
MFC after: 4 weeks
Sponsored by: Spectra Logic Corp
Add the -i option to setextattr. This option allow extended attribute data
to be provided via stdin. Add a -qq option to getextattr, which omits the
trailing newline. Together these options can be used to work with extended
attributes whose values are large and/or binary.
usr.sbin/extattr/Makefile:
Link against libsbuf which is used for processing stdin data.
usr.sbin/extattr/rmextattr.8:
Document setextattr's -i option, getextattr's -qq option, and remove
the BUG about setextattr only being useful for strings.
usr.sbin/extattr/rmextattr.c:
For setextattr operations, buffer attribute data in an sbuf. If -i
is specified, pull the data from stdin, otherwise from the
appropriate argurment.
Update usage text and argument validation code for setextattr's -i
option.
usr.sbin/extattr/tests/extattr_test.sh
Add tests for -q and -i.
Reviewed by: wblock (manpage)
MFC after: 4 weeks
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D6090
Fix a related typo while here.
Note, this change results in the Kyuafile inclusion in the runtime
package, which needs to be fixed, however addresses the PR as far
as I can tell in my tests.
PR: 209114
Submitted by: ngie
Sponsored by: The FreeBSD Foundation
Instead of copy-pasting the string literal for "UTC" 3 times and using
strlen, use a static char[3] buffer and sizeof(..).
MFC after: 3 days
X-MFC with: r298507
Submitted by: kib
Sponsored by: EMC / Isilon Storage Division
usr.sbin/extattr/tests/Makefile
Add boiler plate required by 298107 but omitted by 298483. These
two changes passed through CR in parallel. I think this should get
the full test suite running in Jenkins again.
MFC after: 22 days
X-MFC-with: 298483
Sponsored by: Spectra Logic Corp
'devctl delete' can be used to delete a device that is no longer present.
As an anti-foot-shooting measure, 'delete' will not delete a device
unless it's parent bus says it is no longer present. This can be
overridden by passing the force ('-f') flag.
Note that this command should be used with care. If a device is deleted
that is actually present it can't be resurrected unless the parent bus
device's driver supports rescans.
Differential Revision: https://reviews.freebsd.org/D6019
The BUS_RESCAN() method rescans a single bus device checking for devices
that have been added or removed from the bus. A new 'rescan' command is
added to devctl(8) to trigger a rescan.
Differential Revision: https://reviews.freebsd.org/D6016