Commit Graph

7335 Commits

Author SHA1 Message Date
avg
3dc57aad8c [fix to r253380] __setenv: be explicit about placing '=' after name
This should a regression introduced in r253380 if malloc'ed memory
happens to have '=' at the right place.

Reported by:	ache
Pointyhat to:	me (avg)
MFC after:	1 day
X-MFC with:	r253380
2013-07-17 08:45:27 +00:00
avg
1afb4f2886 libc: name passed into __setenv is not necessarily NUL-terminated
That's particularly true when __setenv is called from __merge_environ.

MFC after:	4 days
2013-07-16 07:26:46 +00:00
hrs
2336066e66 Fix mdoc syntax.
Pointed out by:	joeld
2013-07-13 08:17:55 +00:00
schweikh
1747a8a491 Typo corrected. 2013-07-12 17:37:05 +00:00
marius
98abe96b02 Prefix the alias macros for members of struct __mcontext with an underscore
in order to avoid a clash in the net80211 code.
2013-07-12 14:24:52 +00:00
hrs
ef82e58667 Add a leaf node CTL_NET.PF_ROUTE.0.AF.NET_RT_DUMP.0.FIB. This returns
routing table with the specified FIB number, not td->td_proc->p_fibnum.
2013-07-12 12:36:12 +00:00
tuexen
247743cbba Fix the handling of SCTP_CURRENT_ASSOC and SCTP_ALL_ASSOC in
sctp_opt_info().

MFC after: 3 days
2013-07-09 19:12:47 +00:00
tuexen
e20c3d7ebb Fix a bug where SCTP_ENABLE_STREAM_RESET is not handled by
sctp_opt_info().

MFC after: 3 days
2013-07-09 19:04:19 +00:00
hrs
feae44327c Update references. 2013-07-09 08:23:43 +00:00
jilles
0a786bb76e mktemp(3): Add standards section. Prefer standard header.
mktemp(), mkstemp() and mkdtemp() are available in standard <stdlib.h> and
also in <unistd.h>. Encourage use of the former by listing it in the
synopsis.
2013-07-05 20:24:50 +00:00
ache
be7c32fd30 Style fix noted by bde@ 2013-07-04 12:35:39 +00:00
ache
6c9946f64c After fixing ranges restore POSIX requirement: rand() call without
srand() must be the same as srand(1); rand();
(yet one increment)
2013-07-04 00:02:10 +00:00
ache
bb909148e9 In addition to prev. commit, for repeated rand_r(3) calls don't forget
to compensate back at the end incremented at the start internal
state.

MFC after:      2 weeks
2013-07-03 23:27:04 +00:00
ache
295fb8ce1a 1) POSIX requires rand(3) return values to be in the [0, RAND_MAX] range,
but ACM formula we use have internal state (and return value) in the
[1, 0x7ffffffe] range, so our RAND_MAX (0x7fffffff) is never reached
because it is off by one, zero is not reached too.

Correct both RAND_MAX and rand(3) return value, shifting last one
to the 0 by 1 subtracted, resulting POSIXed [0, 0x7ffffffd(=new RAND_MAX)]
range.

2) Add a checks for not overflowing on too big seeds. It may happens on
the machines, where sizeof(unsigned int) > 32 bits.

Reviewed by:    bde [1]
MFC after:      2 weeks
2013-07-03 21:21:54 +00:00
peter
300dfeb2c4 Make it clear that there are three separate internal locks. 2013-07-03 18:35:21 +00:00
peter
7adacbf288 As a followup to r252547, propate const down the call stack. 2013-07-03 18:27:45 +00:00
peter
a02844e93b Replace the #define for "iconv" so it is for the function name instead of
a macro with parameters.  Remove a __DECONST hack and add consts instead
for gnu libiconv API compatability.  This makes it work with things like
devel/boost-libs that expects to use "iconv" as though it were a pointer.
2013-07-03 07:03:19 +00:00
peter
4a24ccbeb9 If strdup failed, don't try and free the wrong thing. 2013-07-01 08:38:31 +00:00
peter
c77016ccda __weak_alias() doesn't exist on FreeBSD. Use __weak_reference();
Expose iconv functions as weak symbols as well as their internal
remapped #define names.  This is necessary for autoconf compatability -
on Linux it appears that #include <iconv.h> isn't a link time
prerequisite for their version that's built into glibc.

Initialize the pthread rwlock.  Note that upstream has three
separate locks.  The file-local static lock appears intentional.

I'm using this as a ports-compatible compile-time substitute for
converters/libiconv on one of my personal machines.
2013-07-01 08:06:26 +00:00
jilles
cf3175531d libc: Access _sigintr more efficiently.
The variable _sigintr is not exported via the version script; therefore,
tell the compiler that no indirection (to allow interposition) is needed.
2013-06-30 20:51:15 +00:00
emaste
a027d64fa7 Renumber clauses to reduce diffs to other versions
NetBSD, OpenBSD, and Android's Bionic number the clauses 1 through 3,
so follow suit to make comparison easier.
2013-06-13 00:19:30 +00:00
jlh
83a1b942fa Turn libc.so into an ld script rather than a symlink pointing to the
real shared object and libssp_nonshared.a.

This was the last showstopper that prevented from enabling SSP for ports
by default.  portmgr@ performed a buildworld which showed no significant
breakage with this patch.

Details:

On i386 for PIC objects, gcc uses the __stack_chk_fail_local hidden
symbol instead of calling __stack_chk_fail directly [1].  This happen
not only with our gcc-4.2.1 but also with the latest gcc-4.8.  If you
want the very nasty details, see [2].

OTOH the problem doesn't exist on other architectures.  It also doesn't
exist with Clang as the latter will somehow manage to create the
function in the object file at compile time (contrary to only
referencing it through a symbol that will be brought in at link time).

In a perfect world, when an object file is compiled with
-fstack-protector, it will be linked into a binary or a DSO with this
same flag as well, so GCC will add libssp_nonshared.a to the linker
command-line.  Unfortunately, we don't control softwares in ports and we
may have such broken DSO.  This is the whole point of this patch.

You can reproduce the problem on i386 by compiling a source file into an
object file with "-fstack-protector-all -fPIE" and linking it
into a binary without "-fstack-protector".

This ld script automatically proposes libssp_nonshared.a along with the
real libc DSO to the linker.  It is important to understand that the
object file contained in this library will be pulled in the resulting
binary _only if_ the linker notices one of its symbols is needed (i.e.
one of the SSP symbol is missing).

A theorical performance impact could be when compiling, but my testing
showed less than 0.1% of difference.

[1] For 32-bit code gcc saves the PIC register setup by using
    __stack_chk_fail_local hidden function instead of calling
    __stack_chk_fail directly.  See comment line 19460 in:
    src/contrib/gcc/config/i386/i386.c

[2] When compiling a source file to an object file, if you use something
    which is external to the compilation unit, GCC doesn't know yet if
    this symbol will be inside or outside the DSO.  So it expects the
    worst case and routes the symbol through the GOT, which means
    additional space and extra relocation for rtld(1).

    Declaring a symbol has hidden tells GCC to use the optimal route (no
    GOT), but on the other hand this means the symbol has to be provided
    in the same DSO (namely libssp_nonshared.a).

    On i386, GCC actually uses an hidden symbol for SSP in PIC objects
    to save PIC register setup, as said in [1].

PR:		ports/138228
PR:		ports/168010
Reviewed by:	kib, kan
2013-06-12 21:12:05 +00:00
jilles
6d7e4bda61 Make recv() and send() cancellation points, as required by POSIX.
Call the recvfrom() and sendto() functions overridden by libthr instead of
the _recvfrom() and _sendto() versions that are not cancellation points.
2013-06-09 14:31:59 +00:00
joel
e70187851b Minor mdoc fixes. 2013-06-09 07:15:43 +00:00
jilles
a1d0d12367 sigaction(2): Document various non-POSIX functions as async-signal safe. 2013-06-08 13:45:43 +00:00
glebius
9a02f3097d Add new system call - aio_mlock(). The name speaks for itself. It allows
to perform the mlock(2) operation, which can consume a lot of time, under
control of aio(4).

Reviewed by:	kib, jilles
Sponsored by:	Nginx, Inc.
2013-06-08 13:27:57 +00:00
andrew
f0368ab7ce Finish pulling in the NetBSD setjmp/longjmp updates on ARM.
Store/restore the VFP registers in setjmp/longjmp on ARM EABI if VFP is
enabled in the kernel. It checks the hw.floatingpoint sysctl to see if
floating-point is available and uses this to determine if it should store
them. If it does it uses a different magic value so longjmp is able to know
if it should load them.
2013-06-07 22:01:06 +00:00
andrew
5019f3505f Include machine/setjmp.h to get the definition of _JB_MAGIC__SETJMP. This
allows us to remove it from the ARM copy of machine/asm.h.
2013-06-07 21:13:28 +00:00
emaste
c454baff9f Switch to 2-clause license and standard text
Approved by:	bms@
2013-06-06 21:09:27 +00:00
andrew
ad8f128861 Remove part of the NetBSD longjmp code that was not ready to be merged. 2013-06-05 07:37:45 +00:00
andrew
26032149e7 Start to merge the updated ARM NetBSD setjump/longjmp functions. To begin
with merge the functions but leave out the code to save/load the VFP
registers as that requires other changes to ensure the VFP is enabled
first.

This removes storing the old fpa registers. These were never fully
supported, and the only user of this code I can find have moved to newer
CPUs which use a VFP.
2013-06-04 19:47:26 +00:00
joel
a6e9df7131 mdoc: convert .Fd to .In, which is much nicer. 2013-06-04 07:37:06 +00:00
ed
d6e16cad4c Add libiconv based versions of *c16*() and *c32*().
I initially thought wchar_t was locale independent, but this seems to be
only the case on Linux. This means that we cannot depend on the *wc*()
routines to implement *c16*() and *c32*(). Instead, use the Citrus
libiconv that is part of libc.

I'll see if there is anything I can do to make the existing functions
somewhat useful in case the system is built without libiconv in the
nearby future. If not, I'll simply remove the broken implementations.

Reviewed by:	jilles, gabor
2013-06-03 17:17:56 +00:00
emaste
4cb7f1fd6f Switch to 2-clause license
Approved by:	bms@
2013-06-03 12:43:09 +00:00
jilles
1bc49fde32 dup(2): Clarify return value, in particular of dup2(). 2013-05-31 22:09:31 +00:00
jilles
a9aa217d94 sigaction(2): *at system calls are async-signal safe. 2013-05-31 21:31:38 +00:00
jilles
1d33a1f2f5 sigaction(2): Extend description of async-signal safe functions:
* Improve description when unsafe functions are unsafe.
* Add various safe functions from POSIX.1-2008 and Austin Group issue #692.
2013-05-31 21:25:51 +00:00
jilles
c541a64022 fork(2): Add information about fork() in multi-threaded processes.
There is nothing about pthread_atfork(3) or extensions like calling
malloc(3) in the child process as this may be unreliable or broken.
2013-05-31 20:46:08 +00:00
jilles
4fce276969 fork(2): #include <sys/types.h> is not needed. 2013-05-31 14:48:37 +00:00
emaste
92a0da3686 Remove clause 3 and 4 from TNF licenses
Per the NetBSD Foundation statement
  Third parties are encouraged to change the license on any files which
  have a 4-clause license contributed to the NetBSD Foundation to a
  2-clause license.
2013-05-29 01:54:10 +00:00
emaste
15a12aabf8 Remove the advertising clause from the Regents of the University of
California's license, per the letter dated July 22, 1999.
2013-05-28 21:05:06 +00:00
emaste
324e4c082c Renumber clauses to reduce diffs to other versions
NetBSD, OpenBSD, and Android's Bionic number the clauses 1 through 3,
so follow suit to make comparison easier.
2013-05-28 20:57:40 +00:00
emaste
3f99d602fd Remove the advertising clause from the Regents of the University of
California's license, per the letter dated July 22, 1999.
2013-05-28 20:37:48 +00:00
kib
3b78cc7c0f The getcontext() from the __fillcontextx() call in the
check_deferred_signal() returns twice, since handle_signal() emulates
the return from the normal signal handler by sigreturn(2)ing the
passed context.  Second return is performed on the destroyed stack
frame, because __fillcontextx() has already returned.  This causes
undefined and bad behaviour, usually the victim thread gets SIGSEGV.

Avoid nested frame and the need to return from it by doing direct call
to getcontext() in the check_deferred_signal() and using a new private
libc helper __fillcontextx2() to complement the context with the
extended CPU state if the deferred signal is still present.

The __fillcontextx() is now unused, but is kept to allow older
libthr.so to be used with the new libc.

Mark __fillcontextx() as returning twice [1].

Reported by:	pgj
Pointy hat to:	kib
Discussed with:	dim
Tested by:	pgj, dim
Suggested by:	jilles [1]
MFC after:	1 week
2013-05-28 04:54:16 +00:00
jilles
fa9e5ab43d cap_rights_limit(2): CAP_ACCEPT also permits accept4(2). 2013-05-27 21:37:19 +00:00
marcel
ff42d21b8e Make the malloc(3) family of functions weak and make their non-weak
implementations visible for use by applications. The functions $F that
are now weak symbols are:
	allocm, calloc, dallocm, free, malloc, malloc_usable_size,
	nallocm, posix_memalign, rallocm, realloc, sallocm

The non-weak implementations of $F are exported as __$F.

Submitted by:	stevek@juniper.net
Reviewed by:	jasone@, kib@
Approved by:	jasone@ (jemalloc)
Obtained from:	juniper Networks, Inc
2013-05-25 18:59:11 +00:00
jilles
843b520e07 sigreturn(2): Remove ancient compatibility warning about 4.2BSD.
The HISTORY subsection still says that sigreturn() was added in 4.3BSD.
2013-05-25 13:59:40 +00:00
ed
dcb48cfa2b Make some tiny improvements to iconv_open().
- Remove an unneeded variable.
- Fix whitespace bugs.
- Fix typoes in comment.
- Improve string handling a bit. Don't handroll strstr() and don't
  terminate a strdup()'ed string. Instead, simply strndup() the part we
  need.
2013-05-25 12:13:54 +00:00
ed
3f589c4a65 Only call free() on something we allocated.
If we were already provided a struct _citrus_iconv (e.g. through
iconv_open_into()), we should not call free() in case io_init_context()
fails. Instead, call it on the pointer of the allocated object, which
will be NULL in case of iconv_open_into().
2013-05-25 12:11:20 +00:00
ed
6f8795b5ab Let iconv build on -HEAD properly.
- Add NO_WMISSING_VARIABLE_DECLARATIONS where we use Yacc/Lex.
- Add variable declarations where possible.
- Add missing static keyword.
2013-05-23 18:07:01 +00:00
ed
3e86f64f24 Update manpages for r250887.
Remove the lists of unneeded header files.

Requested by:	eadler
2013-05-21 21:39:18 +00:00
ed
05bd8275f3 Add <uchar.h>.
The <uchar.h> header, part of C11, adds a small number of utility
functions for 16/32-bit "universal" characters, which may or may not be
UTF-16/32. As our wchar_t is already ISO 10646, simply add light-weight
wrappers around wcrtomb() and mbrtowc().

While there, also add (non-yet-standard) _l functions, similar to the
ones we already have for the other locale-dependent functions.

Reviewed by:	theraven
2013-05-21 19:59:37 +00:00
julian
8eff18bd34 Update the setfib man page to reflect recent changes. 2013-05-20 20:47:40 +00:00
jilles
ea9572e1d0 popen(): Add 'e' mode character to set close-on-exec on the new fd.
If 'e' is used, the kernel must support the recently added pipe2() system
call.

The use of pipe2() with O_CLOEXEC also fixes race conditions between
concurrent popen() calls from different threads, even if the close-on-exec
flag on the fd of the returned FILE is later cleared (because popen() closes
all file descriptors from earlier popen() calls in the child process).
Therefore, this approach should be used in all cases when pipe2() can be
assumed present.

The old version of popen() rejects "re" and "we" but treats "r+e" like "r+".
2013-05-20 17:31:18 +00:00
hiren
882d7c2be5 Fix a typo: It should be "strtoll" and not "stroll".
PR:	178642
Reported by:	Michael Galassi (michaelgalassi@gmail.com)
Approved by:	sbruno (mentor)
MFC after:	1 week
2013-05-14 20:25:07 +00:00
eadler
6907881cb8 Fix several typos
PR:		kern/176054
Submitted by:	Christoph Mallon <christoph.mallon@gmx.de>
MFC after:	3 days
2013-05-12 16:43:26 +00:00
pluknet
43885dc4e0 Typo. 2013-05-12 05:54:58 +00:00
jilles
dcf8371952 posix_spawn_file_actions_adddup2(3): Document difference with dup2().
The ability to clear a file descriptor's close-on-exec flag via
posix_spawn_file_actions_adddup2() is in fact proposed in Austin Group issue
#411.

MFC after:	1 week
2013-05-09 21:29:13 +00:00
jilles
bbb5917525 posix_spawn_file_actions_addopen(3): Correct error for bad file descriptor.
As per POSIX.1-2008, posix_spawn_file_actions_add* return [EBADF] if a file
descriptor is negative, not [EINVAL]. The bug was only in the manual page;
the code is correct.

MFC after:	1 week
2013-05-09 16:42:01 +00:00
jilles
a222062d02 wordexp(): Simplify code by deferring work to sh. 2013-05-09 11:43:45 +00:00
pluknet
bf7b6b6227 POSIX 1003.1-2008: add ENOTRECOVERABLE, EOWNERDEAD errnos. 2013-05-04 19:07:22 +00:00
pluknet
0c8dbadb69 Document that the return type is different from 1003.1-2008.
MFC after:	1 week
2013-05-04 17:21:44 +00:00
pluknet
3b34730a0b mdoc: missing comma in .Dd macro. 2013-05-04 17:06:47 +00:00
pluknet
17f70d0a20 Add entry for errno ECAPMODE.
MFC after:	3 days
2013-05-04 12:57:21 +00:00
jkim
eb004e0f13 Improve compatibility with recent flex from flex.sourceforge.net. 2013-05-03 23:51:32 +00:00
pluknet
fd497a19e9 Also, add a missing period. 2013-05-03 13:27:13 +00:00
pluknet
c9503ea86d Remove an extra comma. 2013-05-03 12:45:45 +00:00
pluknet
fb11a49792 Remove the STANDARDS section.
querylocale is not part of IEEE Std 1003.1-2008.

MFC after:	3 days
2013-05-03 12:42:43 +00:00
jilles
c09afe5aa8 accept(2), pipe(2): Fix .Dd. 2013-05-01 22:47:47 +00:00
jilles
16772c421d Add pipe2() system call.
The pipe2() function is similar to pipe() but allows setting FD_CLOEXEC and
O_NONBLOCK (on both sides) as part of the function.

If p points to two writable ints, pipe2(p, 0) is equivalent to pipe(p).

If the pointer is not valid, behaviour differs: pipe2() writes into the
array from the kernel like socketpair() does, while pipe() writes into the
array from an architecture-specific assembler wrapper.

Reviewed by:	kan, kib
2013-05-01 22:42:42 +00:00
jilles
299afd25fd Add accept4() system call.
The accept4() function, compared to accept(), allows setting the new file
descriptor atomically close-on-exec and explicitly controlling the
non-blocking status on the new socket. (Note that the latter point means
that accept() is not equivalent to any form of accept4().)

The linuxulator's accept4 implementation leaves a race window where the new
file descriptor is not close-on-exec because it calls sys_accept(). This
implementation leaves no such race window (by using falloc() flags). The
linuxulator could be fixed and simplified by using the new code.

Like accept(), accept4() is async-signal-safe, a cancellation point and
permitted in capability mode.
2013-05-01 20:10:21 +00:00
jilles
535eef9123 intro(2): Fix some errors in ENFILE and EMFILE descriptions.
MFC after:	1 week
2013-04-27 11:55:23 +00:00
jilles
5e3fcad320 sysconf(3): Correct the description of _SC_OPEN_MAX.
Reported by:	bde
MFC after:	1 week
2013-04-26 21:43:42 +00:00
jilles
41b0ffe4ca getdtablesize(2): Describe what this function actually does.
getdtablesize() returns the limit on new file descriptors; this says nothing
about existing descriptors.

MFC after:	1 week
2013-04-24 21:24:35 +00:00
emaste
ed68431e9e Convert libc/stdio from K&R to ANSI C
And add '__restrict' where it appeared in the header prototypes
2013-04-23 14:36:44 +00:00
emaste
afbef1895e Renumber clauses to reduce diffs to other versions
NetBSD, OpenBSD, and Android's Bionic all number the clauses 1 through 3,
so follow suit to make comparison easier.

Acked-by: imp@
2013-04-23 13:33:13 +00:00
eadler
4af79ccd60 - sl_find does not modify 'name'
- make the prototype of sl_find match NetBSD

Reviewed by:	jilles
Approved by:	cperciva (mentor)
MFC After:	3 days
2013-04-23 13:03:03 +00:00
eadler
743330219f Switch from K&R prototypes to modern C
Reviewed by:	jilles
Approved by:	cperciva (mentor)
MFC After:	3 days
2013-04-23 13:03:01 +00:00
pluknet
eda2444ae0 Keep up with negative addrlen check removal in r249649. 2013-04-22 09:18:50 +00:00
jilles
670f533a57 dup(2): Remove incorrect sentence about getdtablesize().
There are no getdtablesize() bounds on the file descriptor to be duplicated;
it only has to be open. If the RLIMIT_NOFILE rlimit was decreased after
opening the file descriptor, it may be greater than or equal to
getdtablesize() but still valid.

MFC after:	1 week
2013-04-21 19:42:04 +00:00
joel
f0ba1598b2 Add example.
PR:		177025
Submitted by:	Fernando <fernando.apesteguia@gmail.com>
Reviewed by:	theraven
2013-04-21 10:30:19 +00:00
joel
3cd1c80381 Remove cross-references to nonexistent CPU_SET(3) manpage.
Also fix cpu_getaffinity(2) document title.

PR:		176317
Submitted by:	brucec
2013-04-21 06:46:41 +00:00
jilles
f83f35001e pututxline: Don't set errno=0 in subfunctions.
The functions utx_active_add(), utx_active_remove(), utx_lastlogin_add() and
utx_log_add() set errno to 0 if they are successful. This not only violates
POSIX if pututxline() is successful, but may also overwrite a valid error
with 0 if, for example, utx_lastlogin_add() fails while utx_log_add()
succeeds.

Reviewed by:	ed
2013-04-17 21:08:15 +00:00
gabor
d3ee8e3ff6 - Correct mispellings of the word occurrence
Submitted by:	Christoph Mallon <christoph.mallon@gmx.de> (via private mail)
2013-04-17 11:40:10 +00:00
joel
1061eb0aae mdoc: remove superfluous paragraph macro. 2013-04-16 20:31:15 +00:00
jhb
0ed1bc2e92 - Document that sem_wait() can fail with EINTR if it is interrupted by a
signal.
- Fix the old ksem implementation for POSIX semaphores to not restart
  sem_wait() or sem_timedwait() if interrupted by a signal.

MFC after:	1 week
2013-04-16 20:26:31 +00:00
jilles
f98571cfa0 libc: Fix typo in French translation.
PR:		kern/177704
Submitted by:	martymac
MFC after:	1 week
2013-04-14 11:44:47 +00:00
emaste
5f41a5dc88 Spelling correction 2013-04-11 20:15:37 +00:00
emaste
21fcda067e Remove unused atomic header 2013-04-11 12:49:42 +00:00
tuexen
dc49969f25 Remove the number of addresses restriction from sctp_connectx().
Remove unused code.
While there, do some cleanup of the code.

MFC after: 1 week
2013-04-10 11:26:30 +00:00
gnn
8bbd0c98b7 Correct the returned message lengths for timeval and bintime control
messages (SO_BINTIME, SO_TIMEVAL).

Obtained from:	phk
2013-04-05 18:09:43 +00:00
delphij
08ef412169 Replace access to /dev/random with the kernel pseudo-random number
source sysctl(KERN_ARND) and remove the fallback code.

Obtained from:	OpenBSD
Reviewed by:	secteam
MFC after:	1 month
2013-04-02 23:41:20 +00:00
mdf
da578c6492 Fix return type of extattr_set_* and fix rmextattr(8) utility.
extattr_set_{fd,file,link} is logically a write(2)-like operation and
should return ssize_t, just like extattr_get_*.  Also, the user-space
utility was using an int for the return value of extattr_get_* and
extattr_list_*, both of which return an ssize_t.

MFC after:	1 week
2013-04-02 05:30:41 +00:00
jilles
8435d3c02c wordexp(): Remove wrong IFS usage.
Words in shell script are separated by spaces or tabs independent of the
value of IFS. The value of IFS is only relevant for the result of
substitutions. Therefore, there should be a space between 'wordexp' and the
words to be expanded, not an IFS character.

Paranoia might dictate that the shell ignore IFS from the environment (even
though our sh currently uses it), so do not depend on it in the new test
case.
2013-04-01 20:50:07 +00:00
jilles
6d5ca83e83 btowc(3), isblank(3): Correct prototypes for _l variants.
MFC after:	1 week
2013-03-27 21:31:40 +00:00
jilles
e69d25bd00 accept(2): Mention inheritance of O_ASYNC and signal destination.
While almost nobody uses O_ASYNC, and rightly so, the inheritance of the
related properties across accept() is a portability issue like the
inheritance of O_NONBLOCK.
2013-03-26 22:46:56 +00:00
dim
e6c84f6819 Compile contrib/tzcode/stdtime/localtime.c with -fwrapv, since it relies
on signed integer overflow wrapping.  Otherwise mktime(3) and timegm(3)
can hang, in case the timestamp passed in struct tm is not representable
in a time_t.  Specifically, any timestamp after 2038-01-19 03:14:07, in
combination with a 32-bit time_t.

Note that it would be better to change the code to not rely on undefined
behaviour, but it is contributed code, and it is not entirely trivial to
fix the issue properly.

MFC after:	3 days
2013-03-24 01:35:37 +00:00
pjd
01401cc9bc Document chflagsat(2).
Obtained from:	jilles
2013-03-21 23:05:44 +00:00
pjd
635dbe90f2 Implement chflagsat(2) system call, similar to fchmodat(2), but operates on
file flags.

Reviewed by:	kib, jilles
Sponsored by:	The FreeBSD Foundation
2013-03-21 22:59:01 +00:00
pjd
2a3cf7f364 - Make 'flags' argument to chflags(2), fchflags(2) and lchflags(2) of type
u_long. Before this change it was of type int for syscalls, but prototypes
  in sys/stat.h and documentation for chflags(2) and fchflags(2) (but not
  for lchflags(2)) stated that it was u_long. Now some related functions
  use u_long type for flags (strtofflags(3), fflagstostr(3)).
- Make path argument of type 'const char *' for consistency.

Discussed on:	arch
Sponsored by:	The FreeBSD Foundation
2013-03-21 22:44:33 +00:00
jilles
bd09044d61 Allow O_CLOEXEC in posix_openpt() flags.
PR:		kern/162374
Reviewed by:	ed
2013-03-21 21:39:15 +00:00
jilles
c9066bd014 Implement SOCK_CLOEXEC, SOCK_NONBLOCK and MSG_CMSG_CLOEXEC.
This change allows creating file descriptors with close-on-exec set in some
situations. SOCK_CLOEXEC and SOCK_NONBLOCK can be OR'ed in socket() and
socketpair()'s type parameter, and MSG_CMSG_CLOEXEC to recvmsg() makes file
descriptors (SCM_RIGHTS) atomically close-on-exec.

The numerical values for SOCK_CLOEXEC and SOCK_NONBLOCK are as in NetBSD.
MSG_CMSG_CLOEXEC is the first free bit for MSG_*.

The SOCK_* flags are not passed to MAC because this may cause incorrect
failures and can be done later via fcntl() anyway. On the other hand, audit
is expected to cope with the new flags.

For MSG_CMSG_CLOEXEC, unp_externalize() is extended to take a flags
argument.

Reviewed by:	kib
2013-03-19 20:58:17 +00:00
glebius
03b86a1452 There are actually two different cases when mlock(2) returns
ENOMEM. Clarify this, taking text from SUS.

Reviewed by:	kib
2013-03-19 05:44:25 +00:00
kevlo
296df9cb79 Add restrict keyword to realpath manpage. 2013-03-18 01:22:28 +00:00
pjd
a31543af15 Add a note to the HISTORY section about lchflags(2) being introduced in
FreeBSD 5.0.
2013-03-16 22:44:14 +00:00
brooks
9af7ef3515 Update to the latest (un)vis(3) sources from NetBSD. This adds
multibyte support[0] and the new functions strenvisx and strsenvisx.

Add MLINKS for vis(3) functions add by this and the initial import from
NetBSD[1].

PR:		bin/166364, bin/175418
Submitted by:	"J.R. Oldroyd" <fbsd@opal.com>[0]
		stefanf[1]
Obtained from:	NetBSD
MFC after:	2 weeks
2013-03-14 23:51:47 +00:00
jilles
32c02d0b89 libc: Avoid SIGPIPE when nscd closes the connection unexpectedly.
It is almost always a bug if nscd closes the connection unexpectedly but
programs should not be killed with SIGPIPE for it.

Reviewed by:	bushman
Tested by:	Jan Beich
MFC after:	1 week
2013-03-13 18:38:18 +00:00
pluknet
fa21691aad Link getcontextx(3) to getcontext(3).
Reviewed by:	kib
MFC after:	1 week
2013-03-13 18:19:33 +00:00
pluknet
eb38eb8313 Add the getcontextx prototype to SYNOPSIS.
Reviewed by:	kib
MFC after:	1 week
2013-03-13 18:18:16 +00:00
zeising
128087cd6d Create a symlink from strchrnul.3 to strchr.3.
This was forgotten in the initial commit of strchrnul()

Approved by:	theraven
2013-03-06 19:59:42 +00:00
pjd
702516e70b - Implement two new system calls:
int bindat(int fd, int s, const struct sockaddr *addr, socklen_t addrlen);
	int connectat(int fd, int s, const struct sockaddr *name, socklen_t namelen);

  which allow to bind and connect respectively to a UNIX domain socket with a
  path relative to the directory associated with the given file descriptor 'fd'.

- Add manual pages for the new syscalls.

- Make the new syscalls available for processes in capability mode sandbox.

- Add capability rights CAP_BINDAT and CAP_CONNECTAT that has to be present on
  the directory descriptor for the syscalls to work.

- Update audit(4) to support those two new syscalls and to handle path
  in sockaddr_un structure relative to the given directory descriptor.

- Update procstat(1) to recognize the new capability rights.

- Document the new capability rights in cap_rights_limit(2).

Sponsored by:	The FreeBSD Foundation
Discussed with:	rwatson, jilles, kib, des
2013-03-02 21:11:30 +00:00
joel
4c5c303d09 mdoc: remove superfluous paragraph macro. 2013-03-02 06:55:55 +00:00
pjd
f07ebb8888 Merge Capsicum overhaul:
- Capability is no longer separate descriptor type. Now every descriptor
  has set of its own capability rights.

- The cap_new(2) system call is left, but it is no longer documented and
  should not be used in new code.

- The new syscall cap_rights_limit(2) should be used instead of
  cap_new(2), which limits capability rights of the given descriptor
  without creating a new one.

- The cap_getrights(2) syscall is renamed to cap_rights_get(2).

- If CAP_IOCTL capability right is present we can further reduce allowed
  ioctls list with the new cap_ioctls_limit(2) syscall. List of allowed
  ioctls can be retrived with cap_ioctls_get(2) syscall.

- If CAP_FCNTL capability right is present we can further reduce fcntls
  that can be used with the new cap_fcntls_limit(2) syscall and retrive
  them with cap_fcntls_get(2).

- To support ioctl and fcntl white-listing the filedesc structure was
  heavly modified.

- The audit subsystem, kdump and procstat tools were updated to
  recognize new syscalls.

- Capability rights were revised and eventhough I tried hard to provide
  backward API and ABI compatibility there are some incompatible changes
  that are described in detail below:

	CAP_CREATE old behaviour:
	- Allow for openat(2)+O_CREAT.
	- Allow for linkat(2).
	- Allow for symlinkat(2).
	CAP_CREATE new behaviour:
	- Allow for openat(2)+O_CREAT.

	Added CAP_LINKAT:
	- Allow for linkat(2). ABI: Reuses CAP_RMDIR bit.
	- Allow to be target for renameat(2).

	Added CAP_SYMLINKAT:
	- Allow for symlinkat(2).

	Removed CAP_DELETE. Old behaviour:
	- Allow for unlinkat(2) when removing non-directory object.
	- Allow to be source for renameat(2).

	Removed CAP_RMDIR. Old behaviour:
	- Allow for unlinkat(2) when removing directory.

	Added CAP_RENAMEAT:
	- Required for source directory for the renameat(2) syscall.

	Added CAP_UNLINKAT (effectively it replaces CAP_DELETE and CAP_RMDIR):
	- Allow for unlinkat(2) on any object.
	- Required if target of renameat(2) exists and will be removed by this
	  call.

	Removed CAP_MAPEXEC.

	CAP_MMAP old behaviour:
	- Allow for mmap(2) with any combination of PROT_NONE, PROT_READ and
	  PROT_WRITE.
	CAP_MMAP new behaviour:
	- Allow for mmap(2)+PROT_NONE.

	Added CAP_MMAP_R:
	- Allow for mmap(PROT_READ).
	Added CAP_MMAP_W:
	- Allow for mmap(PROT_WRITE).
	Added CAP_MMAP_X:
	- Allow for mmap(PROT_EXEC).
	Added CAP_MMAP_RW:
	- Allow for mmap(PROT_READ | PROT_WRITE).
	Added CAP_MMAP_RX:
	- Allow for mmap(PROT_READ | PROT_EXEC).
	Added CAP_MMAP_WX:
	- Allow for mmap(PROT_WRITE | PROT_EXEC).
	Added CAP_MMAP_RWX:
	- Allow for mmap(PROT_READ | PROT_WRITE | PROT_EXEC).

	Renamed CAP_MKDIR to CAP_MKDIRAT.
	Renamed CAP_MKFIFO to CAP_MKFIFOAT.
	Renamed CAP_MKNODE to CAP_MKNODEAT.

	CAP_READ old behaviour:
	- Allow pread(2).
	- Disallow read(2), readv(2) (if there is no CAP_SEEK).
	CAP_READ new behaviour:
	- Allow read(2), readv(2).
	- Disallow pread(2) (CAP_SEEK was also required).

	CAP_WRITE old behaviour:
	- Allow pwrite(2).
	- Disallow write(2), writev(2) (if there is no CAP_SEEK).
	CAP_WRITE new behaviour:
	- Allow write(2), writev(2).
	- Disallow pwrite(2) (CAP_SEEK was also required).

	Added convinient defines:

	#define	CAP_PREAD		(CAP_SEEK | CAP_READ)
	#define	CAP_PWRITE		(CAP_SEEK | CAP_WRITE)
	#define	CAP_MMAP_R		(CAP_MMAP | CAP_SEEK | CAP_READ)
	#define	CAP_MMAP_W		(CAP_MMAP | CAP_SEEK | CAP_WRITE)
	#define	CAP_MMAP_X		(CAP_MMAP | CAP_SEEK | 0x0000000000000008ULL)
	#define	CAP_MMAP_RW		(CAP_MMAP_R | CAP_MMAP_W)
	#define	CAP_MMAP_RX		(CAP_MMAP_R | CAP_MMAP_X)
	#define	CAP_MMAP_WX		(CAP_MMAP_W | CAP_MMAP_X)
	#define	CAP_MMAP_RWX		(CAP_MMAP_R | CAP_MMAP_W | CAP_MMAP_X)
	#define	CAP_RECV		CAP_READ
	#define	CAP_SEND		CAP_WRITE

	#define	CAP_SOCK_CLIENT \
		(CAP_CONNECT | CAP_GETPEERNAME | CAP_GETSOCKNAME | CAP_GETSOCKOPT | \
		 CAP_PEELOFF | CAP_RECV | CAP_SEND | CAP_SETSOCKOPT | CAP_SHUTDOWN)
	#define	CAP_SOCK_SERVER \
		(CAP_ACCEPT | CAP_BIND | CAP_GETPEERNAME | CAP_GETSOCKNAME | \
		 CAP_GETSOCKOPT | CAP_LISTEN | CAP_PEELOFF | CAP_RECV | CAP_SEND | \
		 CAP_SETSOCKOPT | CAP_SHUTDOWN)

	Added defines for backward API compatibility:

	#define	CAP_MAPEXEC		CAP_MMAP_X
	#define	CAP_DELETE		CAP_UNLINKAT
	#define	CAP_MKDIR		CAP_MKDIRAT
	#define	CAP_RMDIR		CAP_UNLINKAT
	#define	CAP_MKFIFO		CAP_MKFIFOAT
	#define	CAP_MKNOD		CAP_MKNODAT
	#define	CAP_SOCK_ALL		(CAP_SOCK_CLIENT | CAP_SOCK_SERVER)

Sponsored by:	The FreeBSD Foundation
Reviewed by:	Christoph Mallon <christoph.mallon@gmx.de>
Many aspects discussed with:	rwatson, benl, jonathan
ABI compatibility discussed with:	kib
2013-03-02 00:53:12 +00:00
pjd
2485337005 Provide cap_sandboxed(3) function, which is a wrapper around cap_getmode(2)
system call, which has a nice property - it never fails, so it is a bit
easier to use. If there is no support for capability mode in the kernel
the function will return false (not in a sandbox). If the kernel is compiled
with the support for capability mode, the function will return true or false
depending if the calling process is in the capability mode sandbox or not
respectively.

Sponsored by:	The FreeBSD Foundation
2013-03-02 00:11:27 +00:00
delphij
3e4a1731aa Fix assignment of maximum bounadary.
Submitted by:	Sascha Wildner <saw online de>
Obtained from:	DragonFly rev fd39c81ba220f7ad6e4dc9b30d45e828cf58a1ad
MFC after:	2 weeks
2013-03-01 23:26:13 +00:00
kevlo
cf931ec7e1 Assign the len field of the netbuf structure to the current length of
a sockaddr.

Obtained from:	NetBSD
2013-03-01 15:45:57 +00:00
joel
bd82c21b51 mdoc: add missing El. 2013-02-27 20:09:25 +00:00
jhb
2b2e634182 Add an implementation of open_memstream() and open_wmemstream(). These
routines provide write-only stdio FILE objects that store their data in a
dynamically allocated buffer.  They are a string builder interface somewhat
akin to a completely dynamic sbuf.

Reviewed by:	bde, jilles (earlier versions)
MFC after:	1 month
2013-02-27 19:50:46 +00:00
jilles
b4ce52f66c libc/opendir: Improve behaviour of union uniquifier:
* Reopen the directory using openat(fd, ".", ...) instead of opening the
  pathname again. This fixes a race condition where the meaning of the
  pathname changes and allows a reopen with fdopendir().
* Always reopen the directory for union stacks, not only when DTF_REWIND
  is passed. Applications should be able to fchdir(dirfd(dir)) and
  *at(dirfd(dir), ...). DTF_REWIND now does nothing.
2013-02-24 20:53:32 +00:00
keramida
8ca73cd0cf Now that qsort(3) has a sample comparison function, point to that
example from bsearch(3) too, so that we don't have to duplicate
the example code in both places.

PR:		docs/176197
Reviewed by:	stefanf
Approved by:	remko (mentor), gjb (mentor)
MFC after:	1 week
2013-02-23 12:31:52 +00:00
joel
4778623d42 Sort sections. 2013-02-20 19:05:13 +00:00
keramida
1183d7a09c Various improvements to the qsort(3) usage example:
- Remove unused #include.
- Do not cast away const.
- Use the canonical idiom to compare two numbers.
- Use proper type for sizes, i.e. size_t instead of int.
- Correct indentation.
- Simplify printf("\n") to puts("").
- Use return instead of exit() in main().

Submitted by:	Christoph Mallon, christoph.mallon at gmx.de
Approved by:	gjb (mentor)
Reviewed by:	stefanf
MFC after:	1 week
2013-02-20 18:31:55 +00:00
keramida
5dce0c1384 Add a sample program that shows how a custom comparison function and
qsort(3) can work together to sort an array of integers.

PR:             docs/176197
Submitted by:   Fernando, fapesteguia at opensistemas.com
Approved by:    gjb (mentor)
MFC after:      1 week
2013-02-19 23:57:39 +00:00
jilles
a04bf837da setbuf(3): Restore a BUGS section about setbuf().
The brokenness of setbuf() is not specific to 4.2BSD and 4.3BSD but inherent
in the API definition.

Reported by:	bde
2013-02-18 22:47:59 +00:00
davidxu
67d28f7aa5 Make more code be protected by internal mutex, and now it is fork-safe, in
error case, the file exclusive lock is now released as soon as possible,
in previous code, child process can still hold the exclusive lock.
2013-02-17 02:52:42 +00:00
pjd
cc57b32cb6 Put one file per line so it is easier to read diffs against those files. 2013-02-16 22:21:46 +00:00
davidxu
2fd1909d3a Simplify code by using flag O_EXLOCK.
PR: kern/175674
2013-02-16 06:07:07 +00:00
jilles
da12251717 setbuf(3): Remove bugs section about ancient versions of BSD. 2013-02-15 10:44:07 +00:00
zeising
8e06979521 Change examples to be consistent with what style(9) says.
Approved by:	joel (mentor)
MFC After:	2 weeks
2013-02-14 21:29:55 +00:00
zeising
742b0cd5e4 Add strchrnul(), a GNU function similar to strchr(), except that it returns
a pointer to the end of the string, rather than NULL, if the character was
not found.

Approved by:	theraven
2013-02-13 15:46:33 +00:00
ian
cfdf5de939 Make the F_READAHEAD option to fcntl(2) work as documented: a value of zero
now disables read-ahead.  It used to effectively restore the system default
readahead hueristic if it had been changed; a negative value now restores
the default.

Reviewed by:	kib
2013-02-13 15:09:16 +00:00
andrew
3303d1f6a9 When clang builds libc it may insert calls to __aeabi_* functions. Normally
this is not a problem as they are resolved by libgcc. The exception is for
the __aeabi_mem* functions. These call back into libc to the appropriate
function. This causes issues for static binaries as we only link against
libc once so there is no way for it to call into libgcc and back.

The fix for this is to include these symbols in libc but keep them hidden
so binaries use the libgcc version.
2013-02-12 06:04:51 +00:00
jilles
05d82765f3 fts: Use O_DIRECTORY when opening name that might be changed by attacker.
There are uncommon cases where fts_safe_changedir() may be called with a
non-NULL name that is not "..". Do not block or worse if an attacker put (a
(symlink to) a fifo or device where a directory used to be.

MFC after:	1 week
2013-02-10 23:09:15 +00:00
tuexen
8c2d2a9040 Improve code style. No functional change.
MFC after: 3 days
2013-02-10 19:21:17 +00:00
jilles
4633ab5d81 sigqueue(2): Fix typo (EEPERM -> EPERM).
MFC after:	3 days
2013-02-10 13:20:23 +00:00
eadler
ba1233bc71 Fix logic inversion.
PR:		docs/174966
Submitted by:	Christian Ullrich <chris+freebsd@chrullrich.net>
Approved by:	bcr (mentor)
2013-02-09 17:13:51 +00:00
joel
538377b2ea mdoc: Remove EOL whitespace. 2013-02-09 07:01:05 +00:00
kib
2a34503ae7 Document the detail of interaction between vfork and PT_TRACEME.
MFC after:	2 weeks
2013-02-07 15:36:24 +00:00
kib
305acfc1e8 Document the ERESTART translation to EINTR for devfs nodes.
Based on the submission by:	jilles
MFC after:	2 weeks
2013-02-07 15:11:43 +00:00
gahr
a3f8831b82 - Fix more style(9)-related issues (copyright header, spaces after function
names, unnecessary casts)
- Change type of boolean variable from char to bool

Suggested by:	jhb, zont, jmallett
Reviewed by:	cognet
Approved by:	cognet
2013-02-01 13:04:06 +00:00
gahr
3706909a83 - Remove underscores from the internal structure name, as it doesn't collide
with the user's namespace.

- Correct size and position variables type from long to size_t.

- Do not set errno to ENOMEM on malloc failure, as malloc already does so.

- Implement the concept of "buffer data length", which mandates what SEEK_END
  refers to and the allowed extent for a read.

- Use NULL as read-callback if the buffer is opened in write-only mode.
  Conversely, use NULL as write-callback when opened in read-only mode.

- Implement the handling of the ``b'' character in the mode argument. A binary
  buffer differs from a text buffer (default mode if ``b'' is omitted) in that
  NULL bytes are never appended to writes and that the "buffer data length"
  equals to the size of the buffer.

- Remove shall from the man page. Use indicative instead. Also, specify that
  the ``b'' flag does not conform with POSIX but is supported by glibc.

- Update the regression test so that the ``b'' functionality and the "buffer
  data length" concepts are tested.

- Minor style(9) corrections.

Suggested by:	jilles
Reviewed by:	cognet
Approved by:	cognet
2013-01-31 16:39:50 +00:00
gahr
e7ca48d15b Add fmemopen(3), an interface to get a FILE * from a buffer in memory, along
with the respective regression test.
See http://pubs.opengroup.org/onlinepubs/9699919799/functions/fmemopen.html

Reviewed by:	cognet
Approved by:	cognet
2013-01-30 14:59:26 +00:00
kib
3913be8cf6 Rework the __vdso_* symbols attributes to only make the symbols weak,
but use normal references instead of weak.  This makes the statically
linked binaries to use fast gettimeofday(2) by forcing the linker to
resolve references and providing the neccessary functions.

Reported by:	bde
Tested by:	marius (sparc64)
MFC after:	2 weeks
2013-01-30 12:48:16 +00:00
glebius
107e0c39a8 posix_fadvise(2) first appeared in FreeBSD 9.1 2013-01-23 10:50:52 +00:00
pjd
5ab6899eb1 Note that SIGCHLD is special and if ignored, won't be recorded by the filter. 2013-01-21 22:07:34 +00:00
andrew
ee70ac6d85 Add the required __aeabi_* functions to libc.
The floating point functions are here rather than compiler-rt because the
libc softfloat code allows us to set the rounding mode.
2013-01-19 05:33:55 +00:00
andrew
3600c83b82 Use the compiler-rt version __{u,}divsi3 and __{u,}modsi3 on ARM EABI 2013-01-19 04:11:45 +00:00
andrew
109e426da1 Update the syscall calling convention for ARM EABI. We store the syscall
in r7 and use ip to store the old version of r7 as it is not guaranteed to
be kept when calling a subroutine. The kernel will preserve the register
across system calls.
2013-01-19 04:03:18 +00:00
andrew
c3e3cd888a For ARM EABI we only need a subset of the quad functions, the rest are
provided by libgcc.
2013-01-19 02:33:57 +00:00
zont
01fbf755f7 - Use standard RETURN VALUES section.
Approved by:	kib (mentor)
MFC after:	1 week
2013-01-15 14:09:08 +00:00
brooks
05884d1e6d Add contrib/libc-vis to the include path so we reliably pick up the right
version of vis.h.

Reported by:	dim
2013-01-11 17:51:03 +00:00
brooks
4059b9293f In r244401 I accidently moved strunvis and strunvisx from version 1.0 to
1.3 breaking the libc ABI. Revert that change (breaking the ABI again
for users who updated after December 18th).
2013-01-11 15:50:01 +00:00
ume
48d4ca6f43 Re-enable ip6addrctl support but only for IPv6 address.
Requested by:	Ben Morrow <ben__at__morrow.me.uk>
MFC after:	1 week
2013-01-10 14:08:19 +00:00
ume
3d32a931a1 Disable destination address selection support of
getipnodebyname(1).  RFC 2553 mentions IPv6 addresses
are returned 1st.

Spotted by:	uqs
MFC after:	1 week
2013-01-09 15:22:37 +00:00
andrew
79c215314d Silence a clang warning by telling it we are only interested in left
shifting the lower 32bits of the floating point value when we demangle it.
2013-01-06 00:49:06 +00:00
delphij
ab5f5cd77f Add derived versions for common Simplified Chinese encodings.
MFC after:	2 weeks
2012-12-28 01:23:12 +00:00
delphij
b179cbf13b Add zh_CN.UTF-8 catalog.
Reviewed by:	alphachi <alphachi mediaspirit.org>
MFC after:	2 weeks
2012-12-28 01:09:30 +00:00
zont
1c06919638 - Update manual pages accordingly to r244384 and r244385.
Approved by:	kib (mentor)
MFC after:	1 week
2012-12-25 13:43:01 +00:00
delphij
23ae20eae2 - Reduce buffer size from LINE_MAX to PATH_MAX, there is no point to store
path longer than this.
 - Fix an unreached case of check against sizeof buf, which in turn leads
   to an off-by-one nul byte write on the stack.  The original condition
   can never be satisfied because the passed boundary is the maximum value
   that can be returned, so code was harmless.

MFC after:	1 month
2012-12-21 22:20:59 +00:00
brooks
25561669c9 Replace our implementation of the vis(3) and unvis(3) APIs with
NetBSD's.  This output size limited versions of vis and unvis functions
as well as a set of vis variants that allow arbitrary characters to be
specified for encoding.

Finally, MIME Quoted-Printable encoding as described in RFC 2045 is
supported.
2012-12-18 16:37:24 +00:00
eadler
1c3512cb76 Fix warning from valgrind when a failed entry is tested.
PR:		kern/173008
Submitted by:	Zhihao Yuan <lichray@gmail.com>
Reviewed by:	gabor
Approved by:	cperciva (implicit)
MFC after:	1 week
2012-12-17 12:57:36 +00:00
jilles
3268de3a0d libc/iconv: Fix race condition with setting FD_CLOEXEC.
A fork/exec could happen between open and fcntl, leaking a file descriptor.
Using O_CLOEXEC fixes this and as a side effect simplifies the code.

NetBSD already had this (I checked this after making the change myself).

Reviewed by:	gabor
2012-12-17 10:38:51 +00:00
pjd
dddecfb2fb Eliminate redundant variable. 2012-12-12 15:27:33 +00:00
jilles
4e143eee29 libc: Make various internal file descriptors close-on-exec.
These are obtained via fopen().
2012-12-11 22:52:56 +00:00
jilles
c8062fa2a4 libc: Make various internal file descriptors close-on-exec.
These are obtained via fopen().
2012-12-10 17:56:51 +00:00
brooks
8f8a6363fa Improve style(9) compliance of function declarations. 2012-12-10 17:34:33 +00:00
kevlo
6170f80efb Document that socket(2) may fail with EAFNOSUPPORT if the family cannot
be found.

Reviewed by:	glebius
Obtained from:	NetBSD
2012-12-07 02:26:08 +00:00
jilles
74acd0aa7d libc: Use the new 'e' fopen() mode option to simplify fstab.c.
No functional change is intended.
2012-12-04 16:54:43 +00:00
kevlo
a8471d78be Document that bind(2) can fail with EAFNOSUPPORT.
Reviewed by:	glebius
2012-12-04 09:53:09 +00:00
marcel
aee35ecd72 Protect against DoS attacks, such as being described in CVE-2010-2632.
The changes were derived from what has been committed to NetBSD, with
modifications. These are:
1.  Preserve the existsing GLOB_LIMIT behaviour by including the number
    of matches to the set of parameters to limit.
2.  Change some of the limits to avoid impacting normal use cases:
    GLOB_LIMIT_STRING - change from 65536 to ARG_MAX so that glob(3)
	can still provide a full command line of expanded names.
    GLOB_LIMIT_STAT - change from 128 to 1024 for no other reason than
	that 128 feels too low (it's not a limit that impacts the
	behaviour of the test program listed in CVE-2010-2632).
    GLOB_LIMIT_PATH - change from 1024 to 65536 so that glob(3) can
	still provide a fill command line of expanded names.
3.  Protect against buffer overruns when we hit the GLOB_LIMIT_STAT or
    GLOB_LIMIT_READDIR limits. We append SEP and EOS to pathend in
    those cases. Return GLOB_ABORTED instead of GLOB_NOSPACE when we
    would otherwise overrun the buffer.

This change also modifies the existing behaviour of glob(3) in case
GLOB_LIMIT is specifies by limiting the *new* matches and not all
matches. This is an important distinction when GLOB_APPEND is set or
when the caller uses a non-zero gl_offs. Previously pre-existing
matches or the value of gl_offs would be counted in the number of
matches even though the man page states that glob(3) would return
GLOB_NOSPACE when gl_matchc or more matches were found.

The limits that cannot be circumvented are GLOB_LIMIT_STRING and
GLOB_LIMIT_PATH all others can be crossed by simply calling glob(3)
again and with GLOB_APPEND set.

The entire description above applies only when GLOB_LIMIT has been
specified of course. No limits apply when this flag isn't set!

Obtained from: Juniper Networks, Inc
2012-12-01 21:26:46 +00:00
marcel
e0cbca43aa In globextend(), take advantage of the fact that realloc(NULL, size) is
equivalent to malloc(size). This eliminates the conditional expression
used for calling either realloc() or malloc() when realloc() will do
all the time.
2012-12-01 17:50:39 +00:00
marcel
5192abbac6 In globextend() when the pathv vector cannot be (re-)allocated, don't
free and clear the gl_pathv pointer in the glob_t structure. Such
breaks the invariant of the glob_t structure, as stated in the comment
right in front of the globextend() function. If gl_pathv was non-NULL,
then gl_pathc was > 0. Making gl_pathv a NULL pointer without also
setting gl_pathc to 0 is wrong.

Since we otherwise don't free the memory associated with a glob_t in
error cases, it's unlikely that this change will cause a memory leak
that wasn't already there to begin with. Callers of glob(3) must
call globfree(3) irrespective of whether glob(3) returned an error
or not.
2012-12-01 17:44:06 +00:00
eadler
242dabb510 The getline function returns the number of characters read, not
written. Use clearer text for this.

PR:		docs/174023
Submitted by:	Paul Procacci <pprocacci@gmail.com>
Approved by:	bcr (mentor)
MFC after:	1 week
2012-12-01 15:25:41 +00:00
jilles
04619555a4 libc: Allow setting close-on-exec in fopen/freopen/fdopen.
This commit adds a new mode option 'e' that must follow any 'b', '+' and/or
'x' options. C11 is clear about the 'x' needing to follow 'b' and/or '+' and
that is what we implement; therefore, require a strict position for 'e' as
well.

For freopen() with a non-NULL path argument and fopen(), the close-on-exec
flag is set iff the 'e' mode option is specified. For freopen() with a NULL
path argument and fdopen(), the close-on-exec flag is turned on if the 'e'
mode option is specified and remains unchanged otherwise.

Although the same behaviour for fopen() can be obtained by open(O_CLOEXEC)
and fdopen(), this needlessly complicates the calling code.

Apart from the ordering requirement, the new option matches glibc.

PR:		kern/169320
2012-11-30 23:51:33 +00:00
kevlo
ec5aeeffd0 Document that getpeername(2) and getsockname(2) can fail with EINVAL.
Reviewed by:	glebius
2012-11-23 10:14:54 +00:00
tuexen
debae4f153 Cleanup the code a bit, which improves the portability.
MFC after: 1 week
2012-11-19 19:26:19 +00:00
tuexen
55b42c566a Fix the handling of mapped IPv6 addresses in sctp_connectx().
MFC after: 3 days
2012-11-19 19:19:04 +00:00
kevlo
f2c2ff1baf - the preferred way to write a NULL pointer constant is with NULL
- whitespace nit

Reviewed by:	glebius
2012-11-16 15:02:35 +00:00
joel
3421e21bee mdoc: Use the Ev macro for environmental variables. 2012-11-16 12:03:50 +00:00
kevlo
5c97761dcf Document that rtprio(2) and rtprio_thread(2) can fail with EFAULT
due to the invoked copyout(9).

Reviewed by:	davidxu
2012-11-16 09:56:25 +00:00
grog
ff16940b26 Complete man page.
MFC after:	2 weeks
2012-11-16 01:41:42 +00:00
kevlo
0ebb652007 Document that sendfile(2) can fail with ENOBUFS.
Reviewed by:	glebius
2012-11-14 01:45:10 +00:00
kib
39bfcc5eed Document wait6() and waitid().
PR:	standards/170346
Submitted by:	"Jukka A. Ukkonen" <jau@iki.fi>
MFC after:	1 month
2012-11-13 12:56:42 +00:00
kib
37c97ba01b Implement the waitid() SUSv4 function using wait6() system call.
PR:	standards/170346
Submitted by:	"Jukka A. Ukkonen" <jau@iki.fi>
MFC after:	1 month
2012-11-13 12:55:52 +00:00
dim
551d372a1b Add an explanatory comment to lib/libc/gen/isnan.c about the fix to make
static linking with libc and libm work.

Requested by:	jilles
MFC after:	1 week
X-MFC-With:	242879
2012-11-11 13:28:04 +00:00
dim
464808b6f1 Only define isnan, isnanf, __isnan and __isnanf in libc.so, not in
libc.a and libc_p.a.  In addition, define isnan in libm.a and libm_p.a,
but not in libm.so.

This makes it possible to statically link executables using both isnan
and isnanf with libc and libm.

Tested by:	kargl
MFC after:	1 week
2012-11-10 21:22:10 +00:00
grog
8af663c65d Clarify that the ' flag is an apostrophe.
MFC after:	2 weeks
2012-11-08 02:01:04 +00:00
tuexen
7d0528e7e8 Fix errno in a couple of error cases.
MFC after: 3 days
2012-11-03 13:22:25 +00:00
jilles
04d3ae223e fopen(3): Mention that the "x" mode option is from C11.
MFC after:	1 week
2012-11-01 22:47:42 +00:00
jilles
4be8d9368b fcntl(2): Fix typos in name of constant "F_DUP2FD_CLOEXEC".
MFC after:	1 week
2012-11-01 09:38:28 +00:00
eadler
7f780401e5 Update the kill(2) and killpg(2) man pages to the modern permission
checks. Also indicate killpg(2) is POSIX compliant.

Reviewed by:	jilles
Reviewed by:	wblock
Approved by:	cperciva
MFC after:	3 days
2012-10-22 03:37:00 +00:00
eadler
3f7a414911 remove duplicate semicolons where possible.
Approved by:	cperciva
MFC after:	1 week
2012-10-22 03:00:37 +00:00
andre
6062df3e66 Grammar fixes to r241781.
Submitted by:	alc
2012-10-20 19:38:22 +00:00
andre
1211b4598c Hide the unfortunate named sysctl kern.ipc.somaxconn from sysctl -a
output and replace it with a new visible sysctl kern.ipc.acceptqueue
of the same functionality.  It specifies the maximum length of the
accept queue on a listen socket.

The old kern.ipc.somaxconn remains available for reading and writing
for compatibility reasons so that existing programs, scripts and
configurations continue to work.  There no plans to ever remove the
orginal and now hidden kern.ipc.somaxconn.
2012-10-20 12:53:14 +00:00
brooks
cb3047054f Replace our version of the pwcache(3) API with NetBSD's implementation.
This adds two features:
 * uid_from_user() and gid_from_group() as the reverse of user_from_uid()
   and groups_from_gid().
 * pwcache_userdb() and pwcache_groupdb() which allow alternative lookup
   functions to be used.  For example lookups from passwd and group
   databases in a non-standard location.
2012-10-19 12:44:22 +00:00
stefanf
61816f86e1 Fix my last commit. Only call strunvis after properly checking the argument is
not NULL.
2012-10-11 08:18:28 +00:00
stefanf
054e35b9ef Decode the first two fstab fields with strunvis(3). This allows having spaces
in devices and mount paths, encoded as \s or \040.

PR:		bin/117687
Submitted by:	Martin Kammerhofer
Discussed on:	arch
2012-10-11 07:54:29 +00:00
stefanf
1ae38f4b7e Apply some style. Checked with md5. 2012-10-11 07:39:51 +00:00
eadler
6a02d06d1d Remove undefined behavior from sranddev() and
srandomdev(). This doesn't actually work
with any modern C compiler:

In particular, both clang and modern gcc
verisons silently elide any xor operation
with 'junk'.

Approved by:	secteam
MFC after:	3 days
2012-10-09 14:25:14 +00:00
pfg
322c7845da rpc: convert all uid and gid variables to u_int.
After further discussion, instead of pretending to use
uid_t and gid_t as upstream Solaris and linux try to, we
are better using u_int, which is in fact what the code
can handle and best approaches the range of values used
by uid and gid.

Discussed with:	bde
Reviewed by:	bde
2012-10-04 04:15:18 +00:00
pfg
fc02898d2b rpc: convert all uid and gid variables of the type uid_t and gid_t.
The previous change (based on Solaris) doesn't work properly either
as the casting only has the effect of quieting the compiler.

Move back to the previous solution but adjust the sizeof()
type in xdr_array(). This should mostly work (by accident).

Reported by:	bde
2012-10-03 20:39:11 +00:00
ache
cbaa91b075 Optimize prev. commit for speed.
1) Don't iterate the loop from the environment array beginning each time,
iterate it under the last place we deactivate instead.
2) Call __rebuild_environ() not on each iteration but once, only at the end
of whole loop (of course, only in case if something is changed).

MFC after:      1 week
2012-10-03 04:46:58 +00:00
pfg
d142b7417c rpc: convert all uid and gid variables of the type uid_t and gid_t.
As part of the previous commit, uses of xdr_int() were replaced
with xdr_u_int(). This has undesired effects as the second
argument doesn't match exactly uid_t or gid_t. It also breaks
assumptions in the size of the provided types.

To work around those issues we revert back to the use of xdr_int()
but provide proper casting so the behaviour doesn't change.

While here fix a style issue in the affected lines.

Reported by:	bde
2012-10-03 03:44:23 +00:00
pfg
4143500b7b libtirpc: be sure to free cl_netid and cl_tp
When creating a client with clnt_tli_create, it uses strdup to copy
strings for these fields if nconf is passed in. clnt_dg_destroy frees
these strings already. Make sure clnt_vc_destroy frees them in the same
way.

This change matches the reference (OpenSolaris) implementation.

Tested by:	David Wolfskill
Obtained from:	Bull GNU/Linux NFSv4 Project (libtirpc)
MFC after:	2 weeks
2012-10-02 19:10:19 +00:00
pfg
7842c9016d Fix __rpc_getconfip
__rpc_getconfip is supposed to return the first netconf
entry supporting tcp or udp, respectively. The code will
currently return the *last* entry, plus it will leak
memory when there is more than one such entry.

This change matches the reference (OpenSolaris)
implementation.

Tested by:	David Wolfskill
Obtained from:	Bull GNU/linux NFSv4 Project (libtirpc)
MFC after:	1 week
2012-10-02 19:03:21 +00:00
pfg
801a570273 RPC: Convert all uid and gid variables of the type uid_t and gid_t.
This matches what upstream (OpenSolaris) does.

Tested by:	David Wolfskill
Obtained from:	Bull GNU/Linux NFSv4 project (libtirpc)
MFC after:	3 days
2012-10-02 19:00:56 +00:00
ache
001794b735 Using putenv() and later direct pointer contents modification it is possibe
to craft environment variables with similar names like that:
a=1
a=2
...
unsetenv("a") should remove them all to make later getenv("a") impossible.
Fix it to do so (this is GNU autoconf test #3 failure too).

PR:             172273
MFC after:      1 week
2012-10-02 17:44:08 +00:00
eadler
02d21d96e0 clarify the wording for 'first' and 'last'
Approved by:	wblock
MFC after:	3 days
2012-09-30 03:25:04 +00:00
jilles
fba61ef227 libc: Use O_CLOEXEC for various internal file descriptors.
This fixes a race condition where another thread may fork() before CLOEXEC
is set, unintentionally passing the descriptor to the child process.

This commit only adds O_CLOEXEC flags to open() or openat() calls where no
fcntl(fd, F_SETFD, FD_CLOEXEC) follows. The separate fcntl() call still
leaves a race window so it should be fixed later.
2012-09-29 11:54:34 +00:00
des
26701fe358 Slight stylification. 2012-09-28 13:50:37 +00:00
jilles
f702d078aa libc/fts: Use O_CLOEXEC for internal file descriptors.
Because fts keeps internal file descriptors open across calls, making such
descriptors close-on-exec helps not only multi-threaded applications but
also single-threaded applications.

In particular, this prevents passing a temporary file descriptor for saving
the current directory to processes created via find -exec.
2012-09-27 22:05:54 +00:00
pfg
17db4cd864 Complete revert of r239963:
The attempt to merge changes from the linux libtirpc caused
rpc.lockd to exit after startup under unclear conditions.

After many hours of selective experiments and inconsistent results
the conclusion is that it's better to just revert everything and
restart in a future time with a much smaller subset of the
changes.
____

MFC after:	3 days
Reported by:	David Wolfskill
Tested by:	David Wolfskill
2012-09-27 19:10:25 +00:00
jilles
e4c096aeb4 sigaction(2),sigwait(2),sigwaitinfo(2): Remove [EFAULT] error condition.
Passing an invalid pointer results in undefined behaviour.

The wrappers in libthr access some of the data pointed to by the arguments
in userland, so that an invalid pointer will cause a signal and not an
[EFAULT] error return.

Furthermore, if the [EFAULT] error occurs when the kernel is writing, it is
not a proper error in the sense that the call still commits (changing the
signal disposition or accepting the signal).

MFC after:	1 week
2012-09-27 17:48:04 +00:00
pfg
c2b29c9319 Partial revert of r239963:
The following change caused rpc.lockd to exit after startup:
____

libtirpc: be sure to free cl_netid and cl_tp

When creating a client with clnt_tli_create, it uses strdup to copy
strings for these fields if nconf is passed in. clnt_dg_destroy frees
these strings already. Make sure clnt_vc_destroy frees them in the
same way.
____

MFC after:	3 days
Reported by:	David Wolfskill
Tested by:	David Wolfskill
2012-09-24 03:14:17 +00:00
kevlo
02ad3abcdd Remove the restrict qualifier to match function prototype. 2012-09-20 02:25:18 +00:00
jilles
398bf0a7ed strsignal(): Reindent. 2012-09-19 19:22:24 +00:00
jilles
766649e667 strsignal(): Do not append signal numbers to messages for known signals.
Messages for known signals looked like "Terminated: 15" instead of
"Terminated".
2012-09-19 19:21:22 +00:00
eadler
8600cbb5b6 Correct double "the the"
Approved by:	cperciva
MFC after:	3 days
2012-09-14 21:28:56 +00:00
emaste
ed3f0cd13d According to a clarification at http://austingroupbugs.net/view.php?id=503
ptsname may set errno, so avoid saving and restoring errno across the
function.

PR:		standards/171572
2012-09-12 17:54:09 +00:00
emaste
87d02085ac Avoid mapping ENOENT to ENOTDIR for non-existent path components.
The ENOTDIR mapping was introduced in r235266 for kern/128933 based on
an interpretation of the somewhat ambiguous language in the POSIX realpath
specification.  The interpretation is inconsistent with Solaris and Linux,
a regression from 9.0, and does not appear to be permitted by the
description of ENOTDIR:

     20 ENOTDIR Not a directory.  A component of the specified pathname
             existed, but it was not a directory, when a directory was
             expected.

PR:		standards/171577
MFC after:	3 days
2012-09-12 17:05:39 +00:00
glebius
78d32fb722 Describe in detail required conditions for receiving the SCM_CREDS
control message and suggest to use LOCAL_CREDS setsockopt() for
reliability.
2012-09-12 09:50:17 +00:00
des
33eb85902d Add the same warning to rand48(3) as to rand(3) and random(3).
MFC after:	3 days
2012-09-11 12:55:15 +00:00
jilles
bd7319c0d8 libc/amd64: Do not export .cerror.
For some reason, libc exports the symbol .cerror (HIDENAME(cerror)), albeit
in the FBSDprivate_1.0 version. It looks like there is no reason for this
since it is not used from other libraries. Given that it cannot be accessed
from C and its strange calling convention, it is rather unlikely that other
things rely on it. Perhaps it is from a time when symbols could not be
hidden.

Most of the amd64 assembler code jumps to .cerror using the GOT. It can jump
to it directly now, as in non-PIC mode.

There are also some minor size optimizations to instructions but they yield
virtually no benefit in the size of libc.so.7 due to padding.

Reviewed by:	kib
2012-09-06 20:59:49 +00:00
trhodes
b483b4ba3d Avoid segfault if name is invalid. Basically, only
check for CTL_USER if the sysctl fails with ENOENT.

PR:		169056
Reviewed by:	jhb
2012-09-06 20:15:44 +00:00
jilles
a78b4512de libc/i386: Do not export .cerror.
For some reason, libc exports the symbol .cerror (HIDENAME(cerror)), albeit
in the FBSDprivate_1.0 version. It looks like there is no reason for this
since it is not used from other libraries. Given that it cannot be accessed
from C and its strange calling convention, it is rather unlikely that other
things rely on it. Perhaps it is from a time when symbols could not be
hidden.

Not exporting .cerror causes it to be jumped to directly instead of via the
PLT.

This change also takes advantage of .cerror's new status by not saving and
loading %ebx before jumping to it. (Therefore, .cerror now saves and loads
%ebx itself.) Where there was a conditional jump to a jump to .cerror, the
conditional jump has been changed to jump to .cerror directly (many modern
CPUs don't do static prediction and in any case it is not much of a benefit
anyway).

This change makes libc.so.7 a few kilobytes smaller.

Reviewed by:	kib
2012-09-05 21:41:05 +00:00
jhb
dfb185f559 When WIFCONTINUED was added, the number of "first" macros grew from
three to four.

MFC after:	1 week
2012-09-05 11:55:53 +00:00
des
7c43d2b090 Bump dates.
Reminded by:	bz@
2012-09-04 22:03:16 +00:00
des
2d0a5cb1e0 Add a prominent warning about these functions' unsuitability for
cryptographic purposes, and recommend using arc4random(3) instead.
2012-09-04 21:40:53 +00:00
ed
02dcf28b58 Rework all non-contributed files that use `struct timezone'.
This structure is not part of POSIX. According to POSIX, gettimeofday()
has the following prototype:

	int gettimeofday(struct timeval *restrict tp, void *restrict tzp);

Also, POSIX states that gettimeofday() shall return 0 (as long as tzp is
not used). Remove dead error handling code. Also use NULL for a
nul-pointer instead of integer 0.

While there, change all pieces of code that only use tv_sec to use
time(3), as this provides less overhead.
2012-09-01 14:45:15 +00:00
pfg
21bc2e377f Bring some changes from Bull's NFSv4 libtirpc implementation.
We especifically ignored the glibc compatibility changes
but this should help interaction with Solaris and Linux.
____

Fixed infinite loop in svc_run()
author	Steve Dickson
Tue, 10 Jun 2008 12:35:52 -0500 (13:35 -0400)
Fixed infinite loop in svc_run()
____

__rpc_taddr2uaddr_af() assumes the netbuf to always have a
non-zero data. This is a bad assumption and can lead to a
seg-fault. This patch adds a check for zero length and returns
NULL when found.
author	Steve Dickson
Mon, 27 Oct 2008 11:46:54 -0500 (12:46 -0400)
____

Changed clnt_spcreateerror() to return clearer
and more concise error messages.
author	Steve Dickson
Thu, 20 Nov 2008 08:55:31 -0500 (08:55 -0500)
____

Converted all uid and gid variables of the type uid_t and gid_t.
author	Steve Dickson
Wed, 28 Jan 2009 12:44:46 -0500 (12:44 -0500)
____

libtirpc: set r_netid and r_owner in __rpcb_findaddr_timed

These fields in the rpcbind GETADDR call are being passed uninitialized
to CLNT_CALL. In the case of x86_64 at least, this usually leads to a
segfault. On x86, it sometimes causes segfaults and other times causes
garbage to be sent on the wire.

rpcbind generally ignores the r_owner field for calls that come in over
the wire, so it really doesn't matter what we send in that slot. We just
need to send something. The reference implementation from Sun seems to
send a blank string. Have ours follow suit.
author	Jeff Layton
Fri, 13 Mar 2009 11:44:16 -0500 (12:44 -0400)
____

libtirpc: be sure to free cl_netid and cl_tp

When creating a client with clnt_tli_create, it uses strdup to copy
strings for these fields if nconf is passed in. clnt_dg_destroy frees
these strings already. Make sure clnt_vc_destroy frees them in the same
way.

author	Jeff Layton
Fri, 13 Mar 2009 11:47:36 -0500 (12:47 -0400)

Obtained from:	Bull GNU/Linux NFSv4 Project
MFC after:	3 weeks
2012-09-01 02:56:17 +00:00
zeising
9e17ee4443 Add missing .Pp macro.
PR:		docs/170380
Submitted by:	Garrett Cooper <yanegomi@gmail.com>
Approved by:	joel (mentor)
2012-08-21 16:35:14 +00:00
joel
30d5057ff7 Remove trailing whitespace. 2012-08-21 13:33:48 +00:00
davidxu
20f511dcbd Add manual pages for clock_getcpuclockid and pthread_getcpuclockid. 2012-08-21 09:18:28 +00:00
davidxu
225cbe2a01 Fix prototype. Also the function should return error code instead of
-1 on error.
2012-08-21 09:17:13 +00:00
davidxu
3f0806aa1f Implement syscall clock_getcpuclockid2, so we can get a clock id
for process, thread or others we want to support.
Use the syscall to implement POSIX API clock_getcpuclock and
pthread_getcpuclockid.

PR:	168417
2012-08-17 02:26:31 +00:00
kevlo
8552821dd8 Make 'junk' volatile so that compilers won't be tempted to optimize
Reviewed by:	ache
MFC after:	3 days
2012-08-17 01:05:56 +00:00
gonzo
0c19fd41e2 Merging of projects/armv6, part 2
Handle TLS for ARMv6 and ARMv7
2012-08-15 03:09:00 +00:00
ed
362478d3c0 Rename aux.c to auxv.c.
On Windows, AUX is the auxiliary device, usually pointing to COM1.
Therefore it is forbidden to create a file named aux.c. To make it a bit
easier for Windows users to check out our source code, rename this file
to auxv.c.

MFC after:	1 month
Discussed with:	kib
Suggested by:	Eric van Gyzen <eric vangyzen net>
2012-08-11 12:07:24 +00:00
jilles
4d961f95f8 nftw(): POSIX says directories causing loops should be silently skipped.
Formerly, loops caused nftw() to abort the traversal with ELOOP.
2012-08-09 22:05:40 +00:00
delphij
278be30294 Refresh with OpenBSD RCS ID changes to reflect that we now have essentionally
the same file.
2012-08-09 19:22:54 +00:00
jilles
01c6b906be ftw(): Do not check the maxfds argument against OPEN_MAX.
Apart from the fact that nothing should have OPEN_MAX as a limit (as opposed
to RLIMIT_NOFILE from getrlimit() or _SC_OPEN_MAX from sysconf()), POSIX
does not require us to check this. POSIX does have a requirement on the
application that maxfds not exceed {OPEN_MAX}, but does not require the
implementation to check it ("may fail").

PR:		95239
2012-08-09 15:11:38 +00:00
jilles
05000e5bd1 nftw(): Do not check the maxfds argument against OPEN_MAX.
Apart from the fact that nothing should have OPEN_MAX as a limit (as opposed
to RLIMIT_NOFILE from getrlimit() or _SC_OPEN_MAX from sysconf()), POSIX
does not require us to check this.

PR:		95239
Submitted by:	Todd Miller
2012-08-09 15:04:06 +00:00
delphij
dc04035695 Use calloc(). 2012-08-01 00:21:55 +00:00
joel
84ed784b36 Remove trailing whitespace. 2012-07-30 21:02:44 +00:00
issyl0
6a683d47fc Add more locale-specific functions to the relevant man pages and Makefile:
- lib/libc/locale/islower.3
  - lib/libc/locale/ispunct.3
  - lib/libc/locale/nl_langinfo.3
  - lib/libc/locale/isgraph.3
  - lib/libc/locale/isspace.3

Reviewed by:	bz
Approved by:	theraven
MFC after:	5 days
2012-07-30 20:56:19 +00:00
emaste
6856a42290 Correct BUGS description of static buffer use
Since r142667 strerror has unconditionally returned a pointer to a
static buffer.

MFC after:	1 week
2012-07-27 21:38:14 +00:00
kib
4e7839007a Document F_DUP2FD_CLOEXEC.
MFC after:	1 week
2012-07-27 10:41:53 +00:00
joel
dcf3898747 Start manpage with Dd macro and also remove a trailing whitespace
while here.
2012-07-26 14:46:19 +00:00
pluknet
99f0d16551 Update the 'C1x draft' reference to '.St -isoC-2011' mdoc macro.
Reviewed by:	theraven
MFC after:	1 week
2012-07-26 12:04:11 +00:00
issyl0
430cf8efee Add a new man page containing details of new locale-specific functions for
wctype.h, iswalnum_l(3).  Add it and its functions to the Makefile.

Reviewed by:	gavin, jilles
Approved by:	theraven
MFC after:	5 days
2012-07-25 22:17:44 +00:00