macro is defined in lots of different places in ipfilter, so replace all
of the nonportable definitions with portable ones.
Pointy hat to: dim
X-MFC-With: r304959, r304953
MFC after: 3 days
conversions from int to short changing the values. This applies to
B38400 and higher, since their values do not fit into a short.
However, since the wrapped values are still unique, and they only serve
as keys, there is no problem in adding a cast to silence the warnings.
This also avoids changing the ABI, which would happen if we changed
NCURSES_OSPEED to int.
Discussed with: Thomas Dickey
MFC after: 1 week
Sync libarchive with vendor including security fixes
Vendor issues fixed:
Issue #731: Reject tar entries >= INT64_MAX
Issue #744 (part of Issue #743): Enforce sandbox with very long pathnames
Issue #748: Zip decompression failure with highly-compressed data
Issue #767: Buffer overflow printing a filename
Issue #770: Zip read: be more careful about extra_length
MFC after: 3 days
- Return appropriate error code instead of ENOMEM when sosend() fails in
send_mpa_req.
- Fix for problematic race during destroy_qp.
- Abortive close in the failure of send_mpa_reject() instead of normal close.
- Remove the unnecessary doorbell flowcontrol logic.
Submitted by: Krishnamraju Eraparaju at Chelsio
MFC after: 1 month
Sponsored by: Chelsio communications
Update from sqlite3-3.12.1 (3120100) to sqlite3-3.14.1 (3140100).
This commit addresses the tmpdir selection vulnerability fixed in
sqlite3-1.13.0. See VuXML entry 546deeea-3fc6-11e6-a671-60a44ce6887b.
Security: VuXML 546deeea-3fc6-11e6-a671-60a44ce6887b
Security: CVE-2016-6153
Most important change being:
dma - Fix security hole (#46)
Affecting DragonFly 4.6 and earlier, Matt Dillon fixed this in base after
finding out from BSDNow Episode 152. Comments following were from his commit
which explains better than I. Just taking his change and putting it here as well.
* dma makes an age-old mistake of not properly checking whether a file
owned by a user is a symlink or not, a bug which the original mail.local
also had.
* Add O_NOFOLLOW to disallow symlinks.
Thanks-to: BSDNow Episode 152, made me dive dma to check when they talked
about the mail.local bug.
MFC After: 2 days
Fix for pr24346: arm asm label calculation error in sub
Some ARM instructions encode 32-bit immediates as a 8-bit integer
(0-255) and a 4-bit rotation (0-30, even) in its least significant 12
bits. The original fixup, FK_Data_4, patches the instruction by the
value bit-to-bit, regardless of the encoding. For example, assuming
the label L1 and L2 are 0x0 and 0x104 respectively, the following
instruction:
add r0, r0, #(L2 - L1) ; expects 0x104, i.e., 260
would be assembled to the following, which adds 1 to r0, instead of
260:
e2800104 add r0, r0, #4, 2 ; equivalently 1
The new fixup kind fixup_arm_mod_imm takes care of the encoding:
e2800f41 add r0, r0, #260
Patch by Ting-Yuan Huang!
This fixes label calculation for ARM assembly, and is needed to enable
ARM assembly sources for OpenSSL.
Requested by: jkim
MFC after: 3 days
[X86] AMD Bobcat CPU (btver1) doesn't support XSAVE
btver1 is a SSSE3/SSE4a only CPU - it doesn't have AVX and doesn't
support XSAVE.
Differential Revision: http://reviews.llvm.org/D17682
Pull in r262782 from upstream llvm trunk (by Simon Pilgrim):
[X86] AMD Bobcat CPU (btver1) doesn't support XSAVE
btver1 is a SSSE3/SSE4a only CPU - it doesn't have AVX and doesn't
support XSAVE.
Differential Revision: http://reviews.llvm.org/D17683
This ensures clang does not emit AVX instructions for CPUTYPE=btver1.
Reported by: Michel Depeige <demik+freebsd@lostwave.net>
PR: 211864
MFC after: 3 days
The NetBSD ATF tests explicitly check that these functions do not modify
their input. These tests are NetBSD-specific. They test for something
that is not part of POSIX.
PR: 211873
Reviewed by: ngie
Differential Revision: https://reviews.freebsd.org/D7506
Sync libarchive with vendor including three security fixes
Vendor issues fixed:
Issue #744: Very long pathnames evade symlink checks
Issue #748: libarchive can compress, but cannot decompress zip some files
PR #750: ustar: fix out of bounds read on empty string ("") filename
PR #755: fix use of acl_get_flagset_np() on FreeBSD
MFC after: 3 days
The partition_name field is an array, so can never be NULL itself. Check only
the first byte instead.
This was found when test building with clang, but I'm not sure how it passes
gcc's warnings either.
The blacklist library can accept a function to use for logging,
defaulting to vsyslog(), if no function is specified. Make the
blacklist library use strerror(errno) explicitly, instead of %m,
so that the passed in function does not need to support the
syslog specific placeholder.
This matches a change already submitted and accepted upstream.
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
'wchar_t' is 7 characters long, not 6. r303297 fixed this in libelftc,
but not the second copy of this file that we have in libcxxrt.
PR: 208661
Submitted by: Daniel McRobb
Obtained from: ELF Tool Chain r3480
MFC after: 3 days
llvm libunwind includes a libunwind.cpp, but on ARM libunwind.S is found
first in .PATH. Rename the latter one, since it is not going to be
updated again.
Reviewed by: andrew
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D7162
which is more efficient.
Note that for now we do not create a separate library for libdivsufsort
because it's not used anywhere else.
Obtained from: Chromium
MFC after: 2 months
The addition of the referenceCount to __cxa_allocate_exception put the
unwindHeader at offset 0x58 in __cxa_exception, but it requires 16-byte
alignment. In order to avoid changing the current __cxa_exception ABI
(and thus breaking its consumers), add explicit padding in the
allocation routines (and account for it when freeing).
This is intended as a lower-risk change for FreeBSD 11. A "more correct"
fix should be prepared for upstream and -CURRENT.
Reviewed by: dim
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D7271
_Unwind_Exception is required to be double word aligned. GCC has
interpreted this to mean "use the maximum useful alignment for the
target" so follow that lead.
Obtained from: LLVM review D22543
FreeBSD uses LLVM's libunwind on FreeBSD/arm64 today (and we expect to
use it more widely in the future) and it requires the EH frame segment
in static binaries.
Reviewed by: dim
Obtained from: Clang commit r266123
MFC after: 3 days
Relnotes: yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D7250
For historical reasons Darwin/i386 has ebp and esp swapped in the
eh_frame register numbering. That is:
Darwin Other
Reg # eh_frame eh_frame DWARF
===== ======== ======== =====
4 ebp esp esp
5 esp ebp ebp
Although the UNW_X86_* constants are not supposed to be coupled to
DWARF / eh_frame numbering they are currently conflated in LLVM
libunwind, and thus we require the non-Darwin numbering.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Instead of changing the whole course to another POSIX-permitted way
for consistency and uniformity I decide to completely ignore missing
regex fucntionality and focus on fixing bugs in what we have now,
too many small obstacles we have choicing other way, counting ports.
Corresponding libc changes are backed out in r302824.
Instead of changing the whole course to another POSIX-permitted way
for consistency and uniformity I decide to completely ignore missing
regex fucntionality and focus on fixing bugs in what we have now,
too many small obstacles we have choicing other way, counting ports.
Corresponding libc changes are backed out in r302824.
Instead of changing the whole course to another POSIX-permitted way
for consistency and uniformity I decide to completely ignore missing
regex fucntionality and focus on fixing bugs in what we have now,
too many small obstacles we have choicing other way, counting ports.
Corresponding libc changes are backed out in r302824.
Instead of trying to expand whole range at regcomp() stage as we do,
GNU regex allocates separate ranges [start,end] set each character
is checked against, so collation is possible and turned on for ranges here.
When something like that will be implemented or our obsoleted regex code
will be replaced to something like TRE, and in case we decide to use
collation in [a-z] ranges, all changes related to r302512 can be backed out,
but now we need consistency.
glob() here too.
I try to keep the change minimal to not touch contribed code much.
I'll send it upstream when it will be merged to the main branches,
but we need this change now here.
I'll try to keep the change very minimal to not touch contribed code much.
I'll send it upstream when it will be merged to main branches,
but we need the change right now here.
This may be reworked upstream but in the interim should address the
stack usage issue reported in the PR.
PR: 206384
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
The key improvement is that it may be built without cross-unwinding
support, which significantly reduces the stack space requirement.
MFC after: 1 week
Relnotes: yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D7123
This fixes the 02 testcases on i386 (at least), and may fix the testcases
in general on 32-bit platforms
Differential Revision: https://reviews.freebsd.org/D7052
Approved by: phil (maintainer)
Approved by: re (gjb)
Reported by: asomers
Reviewed by: phil
Submitted by: phil
Sponsored by: EMC / Isilon Storage Division
