IP_SENDSRCADDR control with datagram message we reply with. This makes
bsnmpd reply from exactly same address that request was sent to, thus
successfully bypassing stateful firewalls or other kinds of strict checking.
PR: bin/171279
from the control message, actually never worked. This means check_priv()
didn't work for local dgram sockets.
The SCM_CREDS control messages is received only in two cases:
1) If we did setsockopt(LOCAL_CREDS) on our socket, and in this case
the message is struct sockcred.
2) If sender did supplied SCM_CREDS control message in his sendmsg()
syscall. In this case the message is struct cmsgcred.
We can't rely on 2), so we will use 1) for dgram sockets. For stream
sockets it is more reliable to obtain accept-time credentials, since
SCM_CREDS control message is attached only on first read. Thus:
o Do setsockopt(LOCAL_CREDS) on local dgram sockets.
o Split check_priv() into check_priv_stream() and check_priv_dgram(),
and call them from recv_stream() and recv_dgram() respectively.
o Don't provide space for SCM_CREDS control message in recv_stream().
o Provide space for SCM_CREDS control message in recv_dgram(), but there
is no need to initialize anything in it.
o In recv_dgram() do not blindly expect that first message is SCM_CREDS,
instead use correct search cycle through control messages.
encounters a DT_RUNPATH entry, the global dynamic_info[] array is
overrun, causing some other global variable to be overwritten.
In my testcase, this was the section_headers variable, leading to
segfaults or jemalloc assertions when it was freed later on.
Thanks to Koop Mast for providing samples of a few "bad" .so files.
MFC after: 1 week
Merge existing attributes before processing pragmas in friend template
declarations.
Fixes pr13662.
This should help when building Firefox with libc++.
Magic tests containing "search" or "regex" directives were incorrectly
compiled by "mkmagic" and were effectively ignored. This caused troff
files (for example) to be detected as simply "ASCII text" instead of
as "troff or preprocessor input, ASCII text".
PR: bin/170415
Approved by: consensus on developers@
MFC after: 3 days
r238211:
Support TARGET_ARCH=armv6 and TARGET_ARCH=armv6eb
This adds a new TARGET_ARCH for building on ARM
processors that support the ARMv6K multiprocessor
extensions. In particular, these processors have
better support for TLS and mutex operations.
This mostly touches a lot of Makefiles to extend
existing patterns for inferring CPUARCH from ARCH.
It also configures:
* GCC to default to arm1176jz-s
* GCC to predefine __FreeBSD_ARCH_armv6__
* gas to default to ARM_ARCH_V6K
* uname -p to return 'armv6'
* make so that MACHINE_ARCH defaults to 'armv6'
It also changes a number of headers to use
the compiler __ARM_ARCH_XXX__ macros to configure
processor-specific support routines.
Submitted by: Tim Kientzle <kientzle@freebsd.org>
folding to 64 bits, while SHA1 code is big endian. Therefore, a bswap32
is required before using the value.
Without this change, the implementation does not conform to test vector
found in RFC 2289.
PR: bin/170519
Submitted by: Arthur Mesh <arthurmesh gmail com> (with changes)
MFC after: 1 week
This is mostly a no-op other than for ARM where it adds missing
__aeabi_mem* and __aeabi_*divmod functions. Even on ARM these will remain
unused until the rest of the ARM EABI code is merged.
unused -g, -emit-llvm or -w arguments when doing linking. E.g. invoking
"clang -g foo.o -o foo" will now be silent.
Reported by: Jakub Lach <jakub_lach@mailplus.pl>
MFC after: 1 week
in BIND9
High numbers of queries with DNSSEC validation enabled can cause an
assertion failure in named, caused by using a "bad cache" data structure
before it has been initialized.
CVE: CVE-2012-3817
Posting date: 24 July, 2012
including the include directive.
Fix minor build issue corrected by converting yypush_buffer_state and
yypop_buffer_state to yy_set_buffer_state and a hard-coded 100-deep
stack. It was easier to fix it here than to import that support into
our flex.
The new tools and test hardness remain unsupported at the moment.
desired, one can turn off the generation of post-ELF standard dtags by
overriding it with --disable-new-dtags after the default switch.
Immediate effect of the change is that -rpath path is now stored both
in DT_RPATH and DT_RUNPATH tags, which is the right way to provide
rpath for dynamic linker supporting DT_RUNPATH per specification.
Reviewed by: kan
MFC after: 1 month
When marking virtual functions as used for a class' vtable, mark all functions
which will appear in the vtable as used, not just those ones which were
declared within the class itself. Fixes an issue reported as comment#3 in
PR12763 -- we sometimes assert in codegen if we try to emit a reference to a
function declaration which we've not marked as referenced. This also matches
gcc's observed behavior.
This should fix clang assertions when building certain components of the
LibreOffice port.
MFC after: 3 days
adding appropriate table entries, the assembler had to be adjusted as
these are the first non-SSE instructions to use a 3-byte opcode (and a
mandatory prefix to boot).
MFC after: 1 month
instructions. I reimplemented this from scratch based on the Intel
manuals and the existing support for handling the fxsave and fxrstor
instructions. This will let us use these instructions natively with GCC
rather than hardcoding the opcodes in hex.
Reviewed by: kib
MFC after: 1 month
usage on hosts using ZFS. The new line displays the total amount of RAM
used by the ARC along with the size of MFU, MRU, anonymous (in flight),
headers, and other (miscellaneous) sub-categories. The line is not
displayed on systems that are not using ZFS.
Reviewed by: avg, fs@
MFC after: 3 days
The GCC4.3 branch contains some optimization fixes
that were not considered regressions and therefore
were never backported. We are bringing a couple of
them that are under GPLv2 since they were made
before the license switch upstream.
While here, add the GCC revision numbers in the
log.
Discussed with: jkim
MFC after: 1 week
The patches are unexpectedly causing gcc to fail while
building ports/graphics/ImageMagick even when the cpu
flags are not used.
Reported by: Andreas Tobler
Initial support for the AMD barcelona chipsets has been available in the
gcc43 branch under GPLv2 but was not included when the Core 2 support
was brought to the system gcc.
AMD and some linux distributions (OpenSUSE) did a backport of the amdfam10
support and made them available. Unfortunately this is still experimental
and while it can improve performance, enabling the CPUTYPE may break some
C++ ports (like clang).
Special care was taken to make sure that the patches predate the GPLv3
switch upstream.
Tested by: Vladimir Kushnir
Reviewed by: mm
Approved by: jhb (mentor)
MFC after: 2 weeks