d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
freebsd-skq/sys
History
mjg 027c9d90e3 fork: plug a use after free of the returned process 
fork1 required its callers to pass a pointer to struct proc * which would
be set to the new process (if any). procdesc and racct manipulation also
used said pointer.

However, the process could have exited prior to do_fork return and be
automatically reaped, thus making this a use-after-free.

Fix the problem by letting callers indicate whether they want the pid or
the struct proc, return the process in stopped state for the latter case.

Reviewed by:	kib
2016-02-04 04:25:30 +00:00
..
amd64
Redo r292484. Embed task(9) into zone, so that uz_maxaction is called
2016-02-03 23:30:17 +00:00
arm
ARM: Consistently use cpu_setttb() instead of setttb().
2016-02-03 16:44:06 +00:00
arm64
Fix build.
2016-02-04 03:55:41 +00:00
boot
Still open the network interface when EFI_OPEN_PROTOCOL_EXCLUSIVE failed.
2016-02-03 14:34:25 +00:00
bsm
cam
Clean up unused-but-set-variable spotted by gcc-4.9.
2016-02-01 02:33:58 +00:00
cddl
MFV r294821: 6529 Properly handle updates of variably-sized SA entries.
2016-02-01 15:40:40 +00:00
compat
fork: plug a use after free of the returned process
2016-02-04 04:25:30 +00:00
conf
ARM: Remove support for xscale i80219 and i80321 CPUs. We haven't single
2016-02-03 09:15:44 +00:00
contrib
These files were getting sys/malloc.h and vm/uma.h with header pollution
2016-02-01 17:41:21 +00:00
crypto
Break up opencrypto/xform.c so it can be reused piecemeal
2015-12-30 22:43:07 +00:00
ddb
dev
Fix inverse logic. If this is zone_pack, then we shouldn't free the
2016-02-03 20:39:52 +00:00
fs
Revert r294695:
2016-02-03 14:31:23 +00:00
gdb
geom
Teach the flashmap code about the SPI flash.
2016-01-23 05:26:29 +00:00
gnu
i386
Convert ss_sp in stack_t and sigstack to void *.
2016-01-27 17:55:01 +00:00
isa
Convert rman to use rman_res_t instead of u_long
2016-01-27 02:23:54 +00:00
kern
fork: plug a use after free of the returned process
2016-02-04 04:25:30 +00:00
kgssapi
kcrypto_aes: Use separate sessions for AES and SHA1
2016-02-02 00:14:51 +00:00
libkern
mips
Fix build.
2016-02-04 03:55:41 +00:00
modules
filemon: Use process_exec EVENTHANDLER to capture sys_execve.
2016-01-28 21:45:25 +00:00
net
These files were getting sys/malloc.h and vm/uma.h with header pollution
2016-02-01 17:41:21 +00:00
net80211
These files were getting sys/malloc.h and vm/uma.h with header pollution
2016-02-01 17:41:21 +00:00
netgraph
These files were getting sys/malloc.h and vm/uma.h with header pollution
2016-02-01 17:41:21 +00:00
netinet
Increase max allowed backlog for listen sockets
2016-02-02 05:57:59 +00:00
netinet6
These files were getting sys/malloc.h and vm/uma.h with header pollution
2016-02-01 17:41:21 +00:00
netipsec
These files were getting sys/malloc.h and vm/uma.h with header pollution
2016-02-01 17:41:21 +00:00
netnatm
netpfil
These files were getting sys/malloc.h and vm/uma.h with header pollution
2016-02-01 17:41:21 +00:00
netsmb
nfs
MFP r287070,r287073: split radix implementation and route table structure.
2016-01-25 06:33:15 +00:00
nfsclient
nfsserver
nlm
ofed
LinuxKPI list updates:
2016-01-26 15:12:31 +00:00
opencrypto
Break up opencrypto/xform.c so it can be reused piecemeal
2015-12-30 22:43:07 +00:00
pc98
Convert rman to use rman_res_t instead of u_long
2016-01-27 02:23:54 +00:00
powerpc
Fix build.
2016-02-04 03:55:41 +00:00
riscv
Fix build.
2016-02-04 03:55:41 +00:00
rpc
These files were getting sys/malloc.h and vm/uma.h with header pollution
2016-02-01 17:41:21 +00:00
security
Busy the mount point which is the owner of the audit vnode, around
2016-01-16 10:06:33 +00:00
sparc64
Convert ss_sp in stack_t and sigstack to void *.
2016-01-27 17:55:01 +00:00
sys
fork: plug a use after free of the returned process
2016-02-04 04:25:30 +00:00
teken
tests
tools
Fix MFS builds when both MD_ROOT_SIZE and MFS_IMAGE are specified
2016-02-02 07:02:51 +00:00
ufs
Remove ffs_mountroot() prototype; seems to be long gone.
2016-01-28 12:21:23 +00:00
vm
Redo r292484. Embed task(9) into zone, so that uz_maxaction is called
2016-02-03 23:30:17 +00:00
x86
Convert rman to use rman_res_t instead of u_long
2016-01-27 02:23:54 +00:00
xdr
xen
xenbus: add a comment with the names of the generated accessors
2016-01-15 14:34:31 +00:00
Makefile