1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-12 09:58:36 +00:00
Commit Graph

9078 Commits

Author SHA1 Message Date
Stefan Eßer
9300e88039 bc: upgrade to version 3.3.4
This upgrade performs an implicit flush of the output if the script
funcion read() is called, to make sure a prompt that does not end in a
new-line is correctly displayed in line-buffered output mode.

Merge commit '893ecb52db5ed47d6c1e8698334d34e0df651612'
2021-03-19 09:46:12 +01:00
Cy Schubert
eeb26cf52c wpa: import fix for P2P provision discovery processing vulnerability
Latest version available from: https://w1.fi/security/2021-1/

Vulnerability

A vulnerability was discovered in how wpa_supplicant processes P2P
(Wi-Fi Direct) provision discovery requests. Under a corner case
condition, an invalid Provision Discovery Request frame could end up
reaching a state where the oldest peer entry needs to be removed. With
a suitably constructed invalid frame, this could result in use
(read+write) of freed memory. This can result in an attacker within
radio range of the device running P2P discovery being able to cause
unexpected behavior, including termination of the wpa_supplicant process
and potentially code execution.

Vulnerable versions/configurations

wpa_supplicant v1.0-v2.9 with CONFIG_P2P build option enabled

An attacker (or a system controlled by the attacker) needs to be within
radio range of the vulnerable system to send a set of suitably
constructed management frames that trigger the corner case to be reached
in the management of the P2P peer table.

Note: FreeBSD base does not enable P2P.
2021-03-17 06:06:55 -07:00
Dmitry Chagin
5224c2a3bc Merge tcsh 6.22.03-ceccc7f
PR:		252663
MFC after:	1 week
2021-03-14 19:33:13 +03:00
Dimitry Andric
9097e3cbca Partially revert libcxxrt changes to avoid _Unwind_Exception change
(Note I am also applying this to main and stable/13, to restore the old
libcxxrt ABI and to avoid having to maintain a compat library.)

After the recent cherry-picking of libcxxrt commits 0ee0dbfb0d and
d2b3fadf2d, users reported that editors/libreoffice packages from the
official package builders did not start anymore. It turns out that the
combination of these commits subtly changes the ABI, requiring all
applications that depend on internal details of struct _Unwind_Exception
(available via unwind-arm.h and unwind-itanium.h) to be recompiled.

However, the FreeBSD package builders always use -RELEASE jails, so
these still use the old declaration of struct _Unwind_Exception, which
is not entirely compatible. In particular, LibreOffice uses this struct
in its internal "uno bridge" component, where it attempts to setup its
own exception handling mechanism.

To fix this incompatibility, go back to the old declarations of struct
_Unwind_Exception, and restore the __LP64__ specific workaround we had
in place before (which was to cope with yet another, older ABI bug).

Effectively, this reverts upstream libcxxrt commits 88bdf6b290da
("Specify double-word alignment for ARM unwind") and b96169641f79
("Updated Itanium unwind"), and reapplies our commit 3c4fd2463b
("libcxxrt: add padding in __cxa_allocate_* to fix alignment").

PR:		253840
2021-03-13 14:54:24 +01:00
Alex Richardson
8cf5812af4 capsicum-test: Update for O_BENEATH removal
Update the tests to check O_RESOLVE_BENEATH instead.
If this looks reasonable, I'll try to upstream this change.
This keeps a compat fallback for O_BENEATH since the Linux port still
has/had O_BENEATH with "no .., no absolute paths" semantics.

Test Plan:	`/usr/tests/sys/capsicum/capsicum-test -u 977` passes and
		runs the O_RESOLVE_BENEATH tests.
Reviewed By:	markj
Differential Revision: https://reviews.freebsd.org/D29016
2021-03-12 17:12:10 +00:00
Stefan Eßer
028616d0dd bc: Vendor import new version 3.3.3 2021-03-05 12:33:01 +01:00
Ed Maste
19587d7422 clang: Fix -gz=zlib options for linker
Clang commit ccb4124a4172bf2cb2e1cd7c253f0f1654fce294:

Fix -gz=zlib options for linker

gcc translates -gz=zlib to --compress-debug-options=zlib for both
assembler and linker but clang only does this for assembler.

The linker needs --compress-debug-options=zlib option to compress the
debug sections in the generated executable or shared library.

Due to this bug, -gz=zlib has no effect on the generated executable or
shared library.

This patch fixes that.

Clang commit 462cf39a5c180621b56f7602270ce33eb7b68d23:

[Driver] Fix -gz=zlib options for linker also on FreeBSD

ccb4124a4172 fixed translating -gz=zlib to --compress-debug-sections for
linker invocation for several ToolChains, but omitted FreeBSD.

Approved by:	dim
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D29028
2021-03-04 15:10:03 -05:00
Chris Rees
5ac70383c8 elftoolchain: stop leaving tempfiles on error
Temporary files were not cleaned up, resulting in $TMPDIR or even
the current directory becoming littered with ecp.* files.

This happened with error and even sometimes on success!

Approved by:		dim
MFC after:		4 weeks
Accepted upstream:	https://sourceforge.net/p/elftoolchain/code/3918/
Differential Revision:	https://reviews.freebsd.org/D28651
2021-03-04 12:24:07 +00:00
Alex Richardson
47ceb65f3c Fix capsicum-test build with GCC
Apparently GCC defines NULL to 0 in C++11 mode (instead of nullptr), so
this causes the following error:
```
In file included from capsicum-test.h:15,
                 from capsicum-test.cc:1:
gtest-1.10.0/include/gtest/gtest.h: In instantiation of 'testing::AssertionResult testing::internal::CmpHelperNE(const char*, const char*, const T1&, const T2&) [with T1 = long int; T2 = procstat*]':
capsicum-test.cc:75:3:   required from here
gtest-1.10.0/include/gtest/gtest.h:1621:28: error: ISO C++ forbids comparison between pointer and integer [-fpermissive]
 1609 |   if (val1 op val2) {\
      |       ~~~~~~~~~~~~
......
 1621 | GTEST_IMPL_CMP_HELPER_(NE, !=);
gtest-1.10.0/include/gtest/gtest.h:1609:12: note: in definition of macro 'GTEST_IMPL_CMP_HELPER_'
 1609 |   if (val1 op val2) {\
      |            ^~
```

Fix this by using nullptr directly.

Submitted upstream as https://github.com/google/capsicum-test/pull/56

Reported by:	Jenkins CI
2021-03-03 13:53:45 +00:00
Alex Richardson
955a3f9ad5 Update capsicum-test to git commit f4d97414d48b8f8356b971ab9f45dc5c70d53c40
This includes various fixes that I submitted recently such as updating the
pdkill() tests for the actual implemented behaviour
(https://github.com/google/capsicum-test/pull/53) and lots of changes to
avoid calling sleep() and replacing it with reliable synchronization
(pull requests 49,51,52,53,54). This should make the testsuite more reliable
when running on Jenkins. Additionally, process status is now retrieved using
libprocstat instead of running `ps` and parsing the output
(https://github.com/google/capsicum-test/pull/50). This fixes one previously
failing test and speeds up execution.

Overall, this update reduces the total runtime from ~60s to about 4-5 seconds.
2021-03-02 16:38:05 +00:00
Alex Richardson
c88c1f23a8 Allow ssp_test:read to pass more reliably
It appears that the stackframe layout can be slightly different depending on
compiler and target architecture. For example, when using CHERI LLVM for RISC-V
we can actually overflow the buffer by up to 8 bytes without SSP detecting it.
Fix this by increasing the overflow to 15 bytes.

Reviewed By:	ngie, emaste
Differential Revision: https://reviews.freebsd.org/D28997
2021-03-01 19:56:05 +00:00
Baptiste Daroussin
95da5e131a dialog: fix macro redefinition
dialog.h defines MIN and MAX (making sure to undefine the previous
macros if it already exists), but sys/param.h also defines those
macros (without guards) and is included after dialog.h resulting
in both gcc and clang complaining about macro redefiniton

While clang do accept -Wno-macro-redefined to ignore the redefinition
warning, gcc does not [1]

Undefine both macros prior inclusion of sys/param.h to avoid the warning

Reported by:	arichardson
2021-03-01 16:01:44 +01:00
dankm
888ae57252 nvi: fix catalog generation
Upstream broke catalog generation with some over-eagre style cleanups.
This brings in my pull request.

Obtained from:	https://github.com/lichray/nvi2/pull/88
Differential Revision: https://reviews.freebsd.org/D28594
2021-02-26 16:32:01 +01:00
Baptiste Daroussin
ec74116ace dialog: finish update to 1.3-20210117
patch dialog.c which requires stddef for the usage of offsetof
catchup on the config header
2021-02-26 10:17:19 +01:00
Baptiste Daroussin
a96ef45019 dialog: import dialog 1.3-20210117 2021-02-26 10:16:49 +01:00
Baptiste Daroussin
7a65641922 ncurses: import version 6.2-20210220 2021-02-25 19:26:56 +01:00
Alex Richardson
fa32350347 close_range: add audit support
This fixes the closefrom test in sys/audit.

Includes cherry-picks of the following commits from openbsm:

4dfc628aaf
99ff6fe32a
da48a0399e

Reviewed By:	kevans
Differential Revision: https://reviews.freebsd.org/D28388
2021-02-23 17:47:07 +00:00
Dimitry Andric
d149877758 Fix possibly unitialized variables in __cxa_demangle_gnu3()
After 0ee0dbfb0d where I imported a more
recent libcxxrt snapshot, the variables 'rtn' and 'has_ret' could in
some cases be used while still uninitialized. Most obviously this would
lead to a jemalloc complaint about a bad free(), aborting the program.

Fix this by initializing a bunch variables in their declarations. This
change has also been sent upstream, with some additional changes to be
used in their testing framework.

PR:		253226
MFC after:	3 days
2021-02-22 21:01:09 +01:00
Alex Richardson
1ec3feb648 Update libm tests from NetBSD
I did this without a full vendor update since that would cause too many
conflicts. Since these files now almost match the NetBSD sources the
next git subtree merge should work just fine.

Reviewed By:	lwhsu
Differential Revision: https://reviews.freebsd.org/D28797
2021-02-22 17:41:04 +00:00
Dimitry Andric
d2b3fadf2d Revert 3c4fd2463b since upstream libcxxrt fixed it in another way
In 0ee0dbfb0d I imported a more recent
libcxxrt snapshot, which includes an upstream fix for the padding of
struct _Unwind_Exception:

e458560b7e

However, we also had a similar fix in our tree as:
https://cgit.freebsd.org/src/commit/?id=3c4fd2463bb29f65ef1404011fcb31e508cdf2e2

Since having both fixes makes the struct too large again, it leads to
SIGBUSes when throwing exceptions on amd64 (or other LP64 arches). This
is most easily tested by running kyua without any arguments.

It looks like our fix is no longer needed now, so revert it to reduce
diffs against upstream.

PR:		253226
Reviewed by:	arichardson, kp
MFC after:	3 days
Differential Revision: https://reviews.freebsd.org/D28799
2021-02-19 22:18:02 +01:00
Dimitry Andric
0ee0dbfb0d Merge libcxxrt master 8049924686b8414d8e652cbd2a52c763b48e8456
Interesting fixes:
b3c73ba libelftc_dem_gnu3: Sync with elftoolchain r3877
7b2335c Mostly fix __cxa_demangle after #3

Reported by:	arichardson
PR:		253226
MFC after:	3 days
2021-02-18 22:30:27 +01:00
Fernando Apesteguía
cee8be2c78 vis(1): Add EXAMPLES section
Add three examples showing the use of `-h`, `-l`, `-t`, `-w`

christos@netbsd.org to be notified.

Reviewed by: bcr@, gbe@, imp@
Approved by: bcr@, gbe@ (mentor), imp@

Differential Revision: https://reviews.freebsd.org/D25242
2021-02-18 19:10:33 +01:00
Alex Richardson
2aa3ef285a libc: Fix t_spawn_fileactions test after ATF update
Since 4581cefc1e
ATF opens the results file on startup. This fixes problems like
capsicumized tests not being able to open the file on exit.

However, this test closes all file descriptors above 3 to get a
deterministic fd table allocation for the child. Instead of using closefrom
(which will close the ATF output file FD) I've changed this test use
the lowest available fd and pass that to the helper program as a string.

We could also try to re-open the results file in ATF if we get a EBADF
error, but that will fail when running under Capsicum.

Reviewed By:	cem
Differential Revision: https://reviews.freebsd.org/D28684
2021-02-18 14:02:47 +00:00
Stefan Eßer
9a995fe186 Upgrade to version 3.3.0
This update changes the behavior of "-e" or "-f" in BC_ENV_ARGS:

Use of these options on the command line makes bc exit after executing
the given commands. These options will not cause bc to exit when
passed via the environment (but EOF in STDIN or -e or -f on the
command line will make bc exit as before).

The same applies to DC_ENV_ARGS with regard to the dc program.
2021-02-17 23:02:01 +01:00
Jung-uk Kim
6b7e592c21 lex: Do not let input() return 0 when end-of-file is reached
Importing flex 2.6.4 has introduced a regression: input() now returns 0
instead of EOF to indicate that the end of input was reached, just like
traditional AT&T and POSIX lex.  Note the behavior contradicts flex(1).
See "INCOMPATIBILITIES WITH LEX AND POSIX" section for information.
This incompatibility traces back to the original version and documented
in its manual page by the Vern Paxson.

Apparently, it has been reported in a few places, e.g.,

https://github.com/westes/flex/issues/448
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=911415

Unfortunately, this also breaks the scanner used by libdtrace and
dtrace is unable to resolve some probe argument types as a result.  See
PR253440 for more information.

Note the regression was introduced by the following upstream commit
without any explanation or documentation change:

f863c9490e

Now we restore the traditional flex behavior unless lex-compatibility
mode is set with "-l" option because I believe the author originally
wanted to make it more lex and POSIX compatible.

PR:		253440
Reported by:	markj
2021-02-17 02:22:47 -05:00
Alex Richardson
2d936e6c99 Update capsicum-test to git commit 7707222b46abe52d18fd4fbb76115ffdb3e6f74b
This includes changes to use GTEST_SKIP() instead of the local hand-rolled
mechanism as well as a few minor cleanups.
2021-02-16 14:35:12 +00:00
Alex Richardson
10fc4c3218 Fix two failing tests after ATF update
Since 4581cefc1e
ATF opens the results file on startup. This fixes problems like
capsicumized tests not being able to open the file on exit.

However, this test closes all file descriptors just to check that
socketpair returns fd 3+4 and thereby also closes the ATF results file.
This then results in an EBADF when writing the result so the test is
reported as broken.

While system calls that create new file descriptors (must?) use the lowest
available file descriptor number, it does not seem useful to test this
property here. Drop the check for FD==3/4 to unbreak the testsuite.

We could also try to re-open the results file in ATF if we get a EBADF
error, but that will fail when running under Capsicum.

Reviewed By:	cem
Differential Revision: https://reviews.freebsd.org/D28683
2021-02-15 22:55:12 +00:00
Alex Richardson
90b5fc9583 lib/libc/tests/rpc: Correctly set timeout
The rpc_control() API does not accept the CLCR_SET_RPCB_TIMEOUT command,
it only accepts RPC_SVC_CONNMAXREC_GET/RPC_SVC_CONNMAXREC_SET, so it was
not doing anything.
Instead of incorrectly calling this API, use clnt_create_timed() instead.

I noticed this because the test was timing out after 120s in the CheriBSD CI.

Reviewed By:	ngie
Differential Revision: https://reviews.freebsd.org/D28478
2021-02-13 13:53:01 +00:00
Dimitry Andric
0ff1014944 Update Subversion to 1.14.1 LTS. See contrib/subversion/CHANGES for a
summary of changes, or for a more thorough overview:

https://subversion.apache.org/docs/release-notes/1.14

NOTE 1: There is no need to dump and reload repositories, and the
working copy format is still the same as Subversion 1.8 through 1.13.

NOTE 2: The upstream release also contains a fix for a security issue in
mod_dav_svn (CVE-2020-17525), but since we do not build or use any
Apache modules, it is not an issue for the FreeBSD base system.

Relnotes:	yes
MFC after:	3 days
2021-02-13 14:38:51 +01:00
Jung-uk Kim
bf80e08ed5 yacc: Regen test cases for the previous commit 2021-02-11 18:41:28 -05:00
Jung-uk Kim
80f3143274 yacc: Use NULL instead of 0 for pointers
Note araujo tried to fix it in r298241 but he only touched generated
files for bootstrap.  This commit properly fixes the problem.
2021-02-11 18:40:00 -05:00
Jung-uk Kim
34e67bb597 lex: Use NULL instead of 0 for pointers
Note araujo tried to fix it in r298241 but he only touched generated
files for bootstrap.  This commit properly fixes the problem.
2021-02-11 18:31:53 -05:00
Dimitry Andric
2512066228 Fix lib/msun/test builds on platforms without 80-bit long doubles
After d3338f3355, the lib/msun test case
'hypotl_near_underflow' would fail to compile on platforms where long
doubles weren't 80 bit, like on x86. Disable this particular test on
such platforms for now.

PR:		253313
MFC after:	1 week
X-MFC-With:     d3338f3355
2021-02-11 12:01:10 +01:00
Simon J. Gerraty
dba7b0ef92 Merge bmake-20210206
Changes of interest

  o unit-tests: use private TMPDIR to avoid errors from other users
  o avoid strdup in mkTempFile
  o always use vfork
  o job.c: do not create empty shell files in jobs mode
    reduce unnecessary calls to waitpid
  o cond.c: fix debug output for comparison operators in conditionals
2021-02-10 22:03:22 -08:00
Dimitry Andric
d3338f3355 Fix incorrect hypotl(3) result with subnormal numbers
This adjusts the factor used to scale the subnormal numbers, so it
becomes the right value after adjusting its exponent. Thanks to Steve
Kargl for finding the most elegant fix.

Also enable the hypot tests, and add a test case for this bug.

PR:		253313
MFC after:	1 week
2021-02-10 23:28:43 +01:00
Cy Schubert
f44e67d120 MFV d60fa10fd8:
Update unbound 1.13.0 --> 1.13.1.

Includes numerous bugfixes documented at:
https://www.nlnetlabs.nl/projects/unbound/download/#unbound-1-13-1

MFC after:	1 month
2021-02-09 20:27:25 -08:00
Dimitry Andric
51af033287 Add test case for 93fc678965 (incorrect powf(3) result)
This adds the test case to contrib/netbsd-tests/lib/libm/t_pow.c, as it
is currently the only place testing pow(3) and friends.

MFC after:	1 week
2021-02-09 23:37:18 +01:00
Cy Schubert
d60fa10fd8 Vendor import of Unbound 1.13.1.
Includes numerous bugfixes documented at:
https://www.nlnetlabs.nl/projects/unbound/download/#unbound-1-13-1
2021-02-09 12:59:02 -08:00
Cy Schubert
57785538c6 Simplify the FreeBSD check using __FreeBSD__ compiler macro.
Rather than rely on __FreeBSD_version, defined in sys/param.h, use
__FreeBSD__ defined by the compiler.

Reported by:	emaste
MFC after:	1 week
2021-02-08 16:36:27 -08:00
Cy Schubert
d20f7a5a3d Simply FreeBSD check using __FreeBSD__ and remove OpenBSD
MFC after:	1 week
2021-02-08 16:36:27 -08:00
Kyle Evans
3e2d96ac97 grep: fix -A handling in conjunction with -m match limitation
The basic issue here is that grep, when given -m 1, would stop all
line processing once it hit the match count and exit immediately.  The
problem with exiting immediately is that -A processing only happens when
subsequent lines are processed and do not match.

The fix here is relatively easy; when bsdgrep matches a line, it resets
the 'tail' of the matching context to the value supplied to -A and
dumps anything that's been queued up for -B. After the current line has
been printed and tail is reset, we check our mcount and do what's
needed. Therefore, at the time that we decide we're doing nothing, we
know that 'tail' of the context is correct and we can simply continue
on if there's still more to pick up.

With this change, we still bail out immediately if there's been no -A
flag. If -A was supplied, we signal that we should continue on. However,
subsequent lines will not even bothere to try and process the line.  We
have reached the match count, so even if the next line would match then
we must process it if it hadn't. Thus, the loop in procfile() can
short-circuit and just process the line as a non-match until
procmatches() indicates that it's safe to stop.

A test has been added to reflect both that we should be picking up the
next line and that the next line should be considered a non-match even
if it should have been.

PR:		253350
MFC-after:	3 days
2021-02-08 12:41:22 -06:00
Cy Schubert
10990cb460 Simplify FreeBSD check.
MFC after:	1 week
2021-02-05 18:39:38 -08:00
Cy Schubert
e673debe7d Simplify BSD macro tests.
All FreeBSD and NetBSD are BSD >= 199306 and have been for a long time.

MFC after:	1 week
2021-02-05 18:39:38 -08:00
Kyle Evans
f823c6dc73 grep: fix null pattern and empty pattern file behavior
The null pattern semantics were terrible because I tried to match gnugrep,
but I got it wrong.  Let's unwind that:

- The null pattern should match every line if neither -w nor -x.
- The null pattern should match empty lines if -x.
- The null pattern should not match any lines if -w.

The first two will stop processing (shortcut) even if additional patterns
are specified. In any other case, we will continue processing other
patterns.  If no other patterns are specified beside a null pattern, then
we match if neither -w nor -x or set and do not match if either of those
are specified.

The justification for -w is that it should match on a whole word, but the
null pattern deos not have a whole word to match on.

Empty pattern files should never match anything, and more importantly, -v
should cause everything to be written.

PR:		253209
MFC-after:	4 days
2021-02-04 20:59:42 -06:00
Alex Richardson
c203bd70b5 Import atf 0.22 snapshot ca73d08c3fc1ecffc1f1c97458c31ab82c12bb01
This includes improvements to the atf-sh helper functions that
significantly reduce the number of spawned processes for each test
and therefore speeds up running the testsuite noticeably.
2021-02-04 15:03:05 +00:00
John Baldwin
cb7cc72c54 serf: Fix the default return value of the BIO control method.
OpenSSL BIO classes provide an abstraction for dealing with I/O.
OpenSSL provides BIO classes for commonly used I/O primitives backed
by file descriptors, sockets, etc. as well as permitting consumers
of OpenSSL to define custom BIO classes.

One of the methods BIO classes implement is a control method invoked
by BIO_ctrl() for various ancilliary tasks somewhat analgous to
fcntl() and ioctl() on file descriptors.  According to the BIO_ctrl(3)
manual page, control methods should return 0 for unknown control
requests.

KTLS support in OpenSSL adds new control requests.  Two of those new
requests are queries to determine if KTLS is enabled for either
reading or writing.  These control reuquest return 1 if KTLS is
enabled and 0 if it is not.

serf includes two custom BIO classes for wrapping I/O requests from
files and from a buffer in memory.  These BIO classes both use a
custom control method.  However, this custom control method was
returning 1 for unknown or unsupported control requests instead of 0.
As a result, OpenSSL with KTLS believed that these BIOs were using
KTLS and were thus adding headers and doing encryption/decryption in
the BIO.  Correcting the return value removes this confusion.

PR:		253135
Reported by:	Guido Falsi <mad@madpilot.net>
Reviewed by:	emaste
MFC after:	3 days
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D28472
2021-02-03 14:59:32 -08:00
Ed Maste
847dfd2803 readelf: do not trucate section name with -W
PR:		246015
Reviewed by:	cem
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D28461
2021-02-03 16:24:22 -05:00
Ed Maste
e79b51e2b2 readelf: decode LA48 and ASG_DISABLE feature flags
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2021-02-03 16:17:56 -05:00
Alex Richardson
2a39919364 readelf: Fix printing NT_FREEBSD_ARCH_TAG
Looking at lib/csu/arm/crt1_s.S, this should be a string and therefore the
restriction to 4 characters seems wrong.
Found whle updating https://reviews.llvm.org/D74393.

Reviewed By:	emaste
Differential Revision: https://reviews.freebsd.org/D28470
2021-02-03 15:44:39 +00:00
Cy Schubert
0f34c80f37 Replace the redundant MENTAT macro with SOLARIS.
MENTAT and SOLARIS are synonymous. Remove the extraneous duplicate
macro.

MFC after:	1 week
2021-02-01 17:19:15 -08:00