r299529,r299540:
Update libarchive to 3.2.0
New features:
- new bsdcat command-line utility
- LZ4 compression (in src only via external utility from ports)
- Warc format support
- 'Raw' format writer
- Zip: Support archives >4GB, entries >4GB
- Zip: Support encrypting and decrypting entries
- Zip: Support experimental streaming extension
- Identify encrypted entries in several formats
- New --clear-nochange-flags option to bsdtar tries to remove noschg and
similar flags before deleting files
- New --ignore-zeros option to bsdtar to handle concatenated tar archives
- Use multi-threaded LZMA decompression if liblzma supports it
- Expose version info for libraries used by libarchive
r299576,r299896:
Fix broken cpio behavior.
Relnotes: yes
Don't leak olinep if malloc() fails.
If malloc() fails to allocate linep, then free olinep (if it exists)
before returning to avoid a memory leak.
Reported by: Coverity
CID: 1016716
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D6755
Don't leak addrinfo if ai->ai_addrlen <= minsiz test fails.
If the ai->ai_addrlen <= minsiz test fails, then freeaddrinfo()
does not get called to free the memory just allocated by getaddrinfo().
Fix by moving ai->ai_addrlen <= minsiz to a separate nested if
block, and keep freeaddrinfo() in the outer block so that freeaddrinfo()
will be called whenever getaddrinfo() succeeds.
Reported by: Coverity
CID: 1273652
Reviewed by: ume
Differential Revision: https://reviews.freebsd.org/D6756
r299511 (by cem):
print_positional_test: Fix misuse of wchar APIs
These APIs take unit length, not byte length parameters.
CIDs: 1338543, 1338544, 1338545
r299510 (by cem):
libmp: Fix trivial buffer overrun
fgetln yields a non-NUL-terminated buffer and its length. This routine
attempted to NUL-terminate it, but did not allocate space for the NUL. So,
allocate space for the NUL.
CID: 1017457
r299502 (by cem):
nss/gethostby_test: fix broken vector iteration of gethostbyaddr h_aliases
h_aliases is a NULL-terminated rather than fixed-length array. nitems() is not
a valid way to determine its end; instead, check for NULL.
CID: 1346578
Fix up r300385
I accidentally glossed over the fact that tmp is manipulated via strchr, so
if we tried to free `tmp` after r300385, it would have crashed.
Create a separate pointer (tmp2) to track the original allocation of `tmp`,
and free `tmp2` if `p->nc_lookups` can't be malloced
CID: 1356026
Remove NO_WERROR from libbsnmp/Makefile.inc
This has been compiling without warnings with clang/gcc for a while now
Tested with: clang 3.8.0, gcc 4.2.x, gcc 5.x
r300387:
getnetid(..): consistently fclose fd at the end of the function
This mutes a false positive with cppcheck, but also helps eliminate future
potential issues with this variable
r300388:
Call endnetconfig on nc_handle sooner to avoid leaking nc_handle if tmpnconf
was NULL
This would theoretically happen if the netconfig protocol family and protocol
semantics were never matched.
CID: 978179
r300389:
nis_rpcent: don't leak resultbuf from yp_first(..)/yp_next(..)
If the buffer couldn't be adequately resized to accomodate an additional "\n",
it would leak resultbuf by breaking from the loop early
CID: 1016702
r300620:
Use reallocf instead of malloc to fix leak with outbuf_pmap
The previous code overwrote outbuf_pmap's memory with malloc once per
loop iteration, which leaked its memory; use reallocf instead to ensure
that memory is properly free'd each loop iteration.
Add a outbuf_pmap = NULL in the failure case to avoid a double-free
at the bottom of the function.
CID: 1038776
r300621:
Remove redundant NULLing of outbuf_pmap
If reallocf ever failed, outbuf_pmap would already be NULL
1) Unifdef USE_WEAK_SEEDING since it is too obsolete to support and makes
reading hard.
2) Instead of doing range transformation in each and every function here,
do it single time directly in do_rand(). One "mod" operation overhead is not
a big deal, but the code looks nicer and possible future functions additions
or PRNG change do not miss range transformations neither have unneeded ones.
3) Use POSIX argument types for visible functions (cosmetic).
1) Unifdef USE_WEAK_SEEDING it is too obsolete to support and makes reading
harder.
2) ACM paper require seed to be in [1, 2^31-2] range, so use the same range
shifting as already done for rand(3). Also protect srandomdev() + TYPE_0 case
(non default) from negative seeds.
3) Don't check for valid "type" range in setstate(), it is always valid as
calculated. Instead add a check that rear pointer not exceeed end pointer.
MFC: r300965
Micro optimize: C standard guarantees that right shift for unsigned value
fills left bits with zero, and we have exact 32bit unsigned value
(uint32_t), so there is no reason to add "& 0x7fffffff" here.
Make both the loader and kernel use the interface-mtu option if the
dhcp server provides it. Made up of these (semi-)related changes...
[kernel...] If the dhcp server provides an interface-mtu option, parse
the value and set that mtu on the interface.
[libstand...]
Garbage collect the bswap routines from libstand, use sys/endian.h.
If the dhcp server delivers an interface-mtu option, parse it and store
the value in a new global intf_mtu for use by the application.
[loader...]
If the dhcp server provided an interface-mtu option, transcribe the value
to the boot.netif.mtu env var, which will be picked up by pre-existing code
in nfs_mountroot() and used to configure the interface accordingly.
PR: 187094
libc/regex: fix two buffer underruns.
Fix some rather complex regex issues found on OpenBSD as part of some
ongoing work to fix a sed(1) bug.
Curiously the OpenBSD tests don't trigger segfaults on FreeBSD but the
bugs were confirmed by running a port of FreeBSD's regex under OpenBSD's
malloc. Huge thanks to Ingo for confirming the behavior.
Obtained from: OpenBSD (CVS 1.20, 1.21)
1) POSIX prohibits printing errors to stderr here and require
returning NULL:
"Upon successful completion, initstate() and setstate() shall return a
pointer to the previous state array; otherwise, a null pointer shall
be returned.
Although some implementations of random() have written messages to
standard error, such implementations do not conform to POSIX.1-2008."
2) Move error detections earlier to prevent state modifying.
------------------------------------------------------------------------
r300327 | ken | 2016-05-20 13:30:52 -0600 (Fri, 20 May 2016) | 11 lines
Add the density code for LTO-7 to libmt and the mt(1) man page.
The density code and bits per mm values were obtained from an
actual drive density report.
The number of tracks were obtained from an LTO-7 hardware
announcement on IBM's web site.
------------------------------------------------------------------------
Sponsored by: Spectra Logic
Set retval in the empty password case to avoid a path through the
code that fails to set retval before falling through to the final
return().
Reported by: emaste
Reported by: Coverity
CID: 1018711
Read the contents of the snapshot files properly
- Use fgetln instead of fgets; localize complexity related to fgetln(3)
inside the loop.
- Skip over blank lines.
- Skip over lines (properly) that start with a "#"
Hoist the getpwnam() call outside the first if/else block in
pam_sm_chauthtok(). Set user = getlogin() inside the true
branch so that it is initialized for the following PAM_LOG()
call. This is how it is done in pam_sm_authenticate().
Reported by: Coverity
CID: 272498
The requirement is for a GCC-compatible compiler and not necessarily
GCC itself. However, we currently expect any compiler used for building
the whole of FreeBSD to be GCC-compatible and many things will break if
not; there's no longer a need to have an explicit test for this in csu.
r299879 | truckman | 2016-05-15 18:30:32 -0700 (Sun, 15 May 2016) | 7 lines
Likely a false positive ... but make sure that -1 can't be used as an
array index by splitting up a test.
r299880 | truckman | 2016-05-15 18:38:24 -0700 (Sun, 15 May 2016) | 8 lines
Since rdata is only used as an argument to the immediately following
call to res_nopt_rdata(), revert r299879 and fix CID 603941 by moving
rdata = &buf[n];
inside the if block.
Reported by: Coverity
CID: 603941
Use strlcpy() instead of strncpy() to ensure that qf->fsname is NUL
terminated. Don't bother checking for truncation since the subsequent
stat() call should detect that and fail.
Reported by: Coverity
CID: 1018189
Issue NOTE_EXTEND when a directory entry is added to or removed from
the monitored directory as the result of rename(2) operation. The
renames staying in the directory are not reported.
Fix memory allocation edgecases in kvm_argv(..)
- Don't leak nbufp on realloc failure in kvm_argv
- Catch malloc errors with bufp
- Set buflen last in the "buflen == 0" case to ensure that
bufp/nbufp is properly reallocated on the next go around
Provide an example to the kqueue man page, showing
a basic usage example. Although it is an
untypical example for the use of kqueue, it is
better than nothing and should get people started.
PR: 196844
Submitted by: fernando.apesteguia@gmail.com
Reviewed by: kib
Approved by: kib
Differential Revision: https://reviews.freebsd.org/D6082
