memory area would arise. Only an addrinfo list from an earlier
call to getaddrinfo() should be freed there because it will be
substituted by the current list referenced by "res".
Reported by: John Long <fbsd1@pruam.com>
MFC after: 5 days
MAC labels are set if MAC is enabled and configured for the user
logging in.
Note that lukemftpd is not considered a supported application when
MAC is enabled, as it does not use the standard system interfaces for
managing user contexts; if lukemftpd is used with labeled MAC policies,
it will not properly give up privileges when switching to the user
account.
Approved by: re
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
than the LOMAC-specific interfaces for listing MAC labels. This permits
ls to view MAC labels in a manner similar to getfmac, when ls is used
with the -l argument. Next generation LOMAC will use the MAC Framework
so should "just" work with this and other policies. Not the prettiest
code in the world, but then, neither is ls(1).
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
before referencing object's DAG. This makes it possible for
C++ exceptions to work across shared libraries and brings
us closer to the search order used by Solaris/Linux.
Reviewed by: jdp
Approved by: obrien
MFC after: 1 month
even if there was no error occured (when trying to dlopen(3) object that
already linked into executable which does dlopen(3) call). This is more
proper fix for `ldd /usr/lib/libc.so' problem, because the new behaviour
conforms to documentation.
Remove workaround from ldd.c (rev.1.32).
PR: 35099
Submitted by: Nathan Hawkins <utsl@quic.net>
MFC after: 1 week
under way to move the remnants of the a.out toolchain to ports. As the
comment in src/Makefile said, this stuff is deprecated and one should not
expect this to remain beyond 4.0-REL. It has already lasted WAY beyond
that.
Notable exceptions:
gcc - I have not touched the a.out generation stuff there.
ldd/ldconfig - still have some code to interface with a.out rtld.
old as/ld/etc - I have not removed these yet, pending their move to ports.
some includes - necessary for ldd/ldconfig for now.
Tested on: i386 (extensively), alpha
o Don't free(3) memory occupied by host structures
already in the host list.
o Set hrp->hostinfo to NULL if a host record has to stay in
the host list, but is to be ignored. Selecthost() knows that.
o Reduce the pollution with excessive NULL checks.
o Close a couple of memory leaks.
MFC after: 1 week
for the DT_IA64_PLT_RESERVE dynamic table entry. When a shared object
does not have any PLT relocations, the linker apparently doesn't find
it necessary to actually reserve the space for the BOR (Bind On
Reference) entries as pointed to by the DTE. As a result, relocatable
data in the PLT was overwritten, causing some unexpected control flow
with annoyingly predictable outcome: coredump.
To reproduce:
% echo 'int main() { return 0; }' > foo.c
% cc -o foo foo.c -lxpg4
o check getaddrinfo(3) return value, not result pointer
o getaddrinfo(3) returns int, not pointer
o don't leak memory allocated for hostnames and hostinfo structures
o initialize pointers that will be checked for NULL somewhere
MFC after: 1 week
(I skipped those in contrib/, gnu/ and crypto/)
While I was at it, fixed a lot more found by ispell that I
could identify with certainty to be errors. All of these
were in comments or text, not in actual code.
Suggested by: bde
MFC after: 3 days
o Remove the race between stat(2) & fopen(3) when creating
a unique file.
o Improve bound checking when generating a unique name from
a given pathname.
o Ignore REST marker on APPE. No RFC specifies this case,
but the idea of resuming APPE's implies this.
o By default, deny upload resumes and appends by anonymous users.
Previously these commands were translated to STOU silently,
which led to broken files on server without any notification
to the user.
o Add an option, -m, to allow anonymous users to modify
existing files (e.g., to resume uploads) if filesystem
permissions permit.
Portions obrainded from: OpenBSD
MFC after: 3 weeks
objects' reference counts. This function is called by the atexit
mechanism at program shutdown. I don't think the locking is necessary
here. It caused OpenOffice builds to hang more often than not.
Credit to Martin Blapp and Matt Dillon for helping to diagnose this
problem and for testing the fix.
Earlier, a decimal number (e.g., 890) could be passed
for mode, leading to dangerous permissions set:
-1, that is, 07777.
Obtained from: OpenBSD
MFC after: 1 week
socket option to avoid exausting the passive port
space by TIME_WAIT'ing connections.
PR: bin/36955
Submitted by: Maxim Konovalov <maxim@FreeBSD.org>
MFC after: 2 weeks
write(2), and getipnodebyaddr(3) calls. Now all the above functions
accept "void *" in that arguments and have prototypes. Thus, the
casts are useless under the normal circumstances (and would be harmful
if the functions had no prototypes.)
MFC after: 2 weeks
o Always check a setsockopt(2) return value
o Use a consistent message format
o Don't abort if the failed setsockopt(2) was actually not vital
o Use LOG_WARNING, not LOG_ERR, in non-fatal cases
MFC after: 1 week
o "struct addrinfo" contains a pointer to "struct sockaddr,"
not "struct sockaddr" itself
o the function takes a pointer to "struct in*_addr", not to
"struct sockaddr," so the address length must be corresponding
MFC after: 1 week
Thus lines of any length can be handled, unlike before.
Don't assume that each line read from the files ends with a newline.
As a side effect in inithosts(), don't use automatic buffer at all,
utilize malloc(3) when getting local host name instead.
PR: misc/21494
Reviewed by: maxim, mikeh
MFC after: 1 month
comsat:
only send two bell charecters if S_IXGRP is set and S_IXUSR is not.
biff:
add new option 'b' to set S_IXGRP.
PR: 10931
Submitted by: Andrew J. Korty <ajk@purdue.edu>
Approved by: sheldonh (mentor)
MFC after: 1 month
They provided little benefit (if any) and they caused some problems
in OpenOffice, at least in post-KSE -current and perhaps in other
environments too. The nanosleep calls prevented the profiling timer
from advancing during the spinloops, thereby preventing the thread
scheduler from ever pre-empting the spinning thread. Alexander
Kabaev diagnosed this problem, Martin Blapp helped with testing,
and Matt Dillon provided some helpful suggestions.
This is a short-term fix for a larger problem. The use of spinlocking
isn't guaranteed to work in all cases. For example, if the spinning
thread has higher priority than all other threads, it may never be
pre-empted, and the thread holding the lock may never progress far
enough to release the lock. On the other hand, spinlocking is the
only locking that can work with an arbitrary unknown threads package.
I have some ideas for a much better fix in the longer term. It
would eliminate all locking inside the dynamic linker by making it
safe for symbol lookups and lazy binding to proceed in parallel
with a call to dlopen or dlclose. This means that the only mutual
exclusion needed would be to prevent multiple simultaneous calls
to dlopen and/or dlclose. That mutual exclusion could be put into
the native pthreads library. Applications using foreign threads
packages would have to make their own arrangements to ensure that
they did not have multiple threads in dlopen and/or dlclose -- a
reasonable requirement in my opinion.
MFC after: 3 days
of the remote host (or rather, the name as mangled by realhostname_sa())
so that the process can use it to behave differently depending on the
origin on the request. We use this to implement rudimentary visibility
control on our user information.
Make sure that the child process's standard error goes through the same
NVT-ASCII filter as is applied to the standard output.
Don't attempt to call logerr() from the child since stdio is not safe in
a vforked process. Just write a message to fd 2 instead. (Ideally, the
parent would open two pipes, and siphon off our stderr to some place less
public, but I have not attempted to do so in this implementation.)
matching constraints where appropriate. This makes the dynamic
linker buildable at -O0 again.
Thanks to Bruce Evans for identifying the cause of the build
problem.
MFC after: 1 week
Untested (testing request went unanswered), but sparc64 is not expected to
cause problems. IA64 is not expected to cause problems but the patch was
slightly more complex so the possibility exists.
Approved by: jdp
goto target was so the cache could be freed. So free the cache after
done: rather then before done: (!)
Submitted by: Gavin Atkinson <gavin@ury.york.ac.uk>
Martin Blapp determined that the elf dynamic loader was at fault. In
particular, the loader uses alloca() to allocate a symbol cache on the
stack. Normally this would work just fine, but if the loader is called
from a threaded program and the object being loaded is fairly large the
alloca() can blow away the thread stack and effect other nearby thread
stacks as well. My testing showed that the symbol cache can be as large
as 250KBytes during the openoffice port build and install sequence. Martin
was able to work around the problem by disabling the symbol cache
(cache = NULL;). However, this solution is not adequate for commit because
it can cause an enormous cpu burden for applications which do a lot of
dynamic loading (e.g. like konqueror).
The solution is to use anonymous mmap() to temporarily allocate space to
hold the symbol cache. In testing I found that replacing the alloca()
with mmap() has no observable degredation in performance.
It should be noted that this bug does not necessarily cause an immediate
crash but can instead result in long term corruption and instability in
applications that load modules from threads. The bug is almost certainly
responsible for some of the instabilities found in konqueror, for example,
and possibly netscape too.
Sleuthing work by: Martin Blapp <mb@imp.ch>
X-MFC after: Before or after the 4.6 release depending on the release engineers
can then end up not properly clearing wtmp/utmp entries.
PR: bin/37934
Submitted by: Sandeep Kumar <skumar@juniper.net>
Reviewed by: markm
MFC after: 2 weeks
