interfaces. The original resource_find() returned a pointer to an internal
resource table entry. resource_find_hard() dereferences the actual
passed in value (oops!) - effectively trashing random memory due to
the pointer being passed in with a random initial value.
Submitted by: bde
up cam_fill_ctio usage to passed atio flags. Clear periph_priv area
of new ctio so if the kernel is dumb enough to look at them (this is
a SECURITY hole) the panic will be obvious instead of subtle.
pthread_cond_signal(), pthread_cond_broadcast(), and pthread_cond_timedwait().
Do not dump core in pthread_cond_timedwait() (due to a NULL pointer
dereference) if attempting to wait on an uninitialized condition variable.
PR: bin/18099
libfetch features (fetchRestartCalls, fetchXGet()).
Since it doesn't make much sense to have m_flag and r_flag set at the same
time, and it can actually cause trouble in some cases, die if they're both
set.
Set the SA_RESETHAND flag for SIGINT so that when we've caught one, we can
kill ourselves with a second SIGINT (thus notifying our parent of our tragic
fate) instead of just exiting.
These changes fix several problems that would show up when fetching ports,
as well as speeding up HTTP transfers quite a bit (at least for relatively
small files).
Most of these changes were prompted by an interaction problem with an HTTP
server called SWS-1.0, which exhibited two bugs, the first of which prevented
fetch from working around the second (the first was not sending content-type
in reply to HEAD requests, the second was sending garbage after the end of
the requested file).
fetchStat*(). In most cases, either fetchGet*() or fetchXGet*() is a wrapper
around the other; in all cases, calling fetchGet*() is identical to calling
fetchXGet*() with the second argument set to NULL.
outside the loop inspects it to determine whether or not we succeeded in
retrieving the requested document. This fixes a bug where fetchGetHTTP()
would return a FILE with an invalid file descriptor if it hit the redirect
limit without locating the requested document.
or not interrupted system calls will be restarted. This fixes a bug where
fetch(1) would hang (potentially forever) if a server stopped responding,
because the signal handler would absorb the user's efforts to interrupt the
transfer.
some reason, mboot.bootinst is not initialized to NULL at the beginning
of the program, then the last commit to this would try to free whatever
bogus address is in it.
- Restore the behavior of free()'ing the mboot.bootinst buffer after we
abuse it to determine the sector size of the disk (as clearly noted in
the comments). Properly fix the double free() bug by setting the pointer
to NULL after we free it.
There is a number of devices that are compliant, of which the 3Com 5605 is
has been verified to work.
The driver is not perfect yet, but should be able to get you somewhere.
The driver was originally written by Lennart Augustsson, but Mike Smith
and Mike Meyer <mwm@mired.org> did the porting.
3.3volt PCI/cardbus chipsets similar to the 98715 (and they have
512-bit hash tables). Also update the man page to mention the 98727/98732
and the SOHOware SFA110A Rev B4 card with the 98715AEC-C chip.
lock against themselves, causing infinite spinning. Brian Feldman
found this problem when testing with Mozilla and supplied the fix,
which I have revised slightly.
Here is the failure scenario. A thread calls dlopen() and acquires
the writer lock. While the thread still holds the lock, a signal
is delivered and caught. The signal handler tries to call a function
which hasn't been bound yet. It thus enters the dynamic linker
and tries to acquire the reader lock. Since the writer lock is
already held, it will spin forever in the signal handler. The
thread holding the lock won't be able to progress and release the
lock.
The solution is to block almost all signals while holding the
exclusive lock.
A similar problem could conceivably occur in the opposite order.
Namely, a thread is holding the reader lock and then a signal
handler calls dlopen() or dlclose() and spins waiting for the writer
lock. We deal with this administratively by proclaiming that signal
handlers aren't allowed to call dlopen() or dlclose(). Actually
we don't have to proclaim a thing, since signal handlers aren't
allowed to call any system functions except those which are explicitly
permitted.
Submitted by: Brian Fundakowski Feldman <green>
Linux kernel image, and is designed to be dropped into a Linux system
and booted via LILO. Once booted, the user is greeted by the FreeBSD
loader. This still isn't quite complete, as the the root= specification
from LILO isn't currently passed to the loader yet.
time, and this is used to reseed the random number generator at
boot time.
NOTE - this has no hope of working if you halt(); you need to
execute rc.shutdown to get the entropy stash.
entropy estimation, but causes an immediate reseed after the input
(read in sizeof(u_int64_t) chunks) is "harvested".
This will be used in the reboot "reseeder", coming in another
commit. This can be used very effectively at any time you think
your randomness is compromised; something like
# (ps -gauxwww; netstat -an; dmesg; vmstat -c10 1) > /dev/random
will give the attacker something to think about.
* Re-order the list of options in teh DESCRIPTION as per
the SYNOPSIS.
* Move the description of exit conditions from the
DESCRIPTION section to a new DIAGNOSTICS section.
* Typo fix: "effect" -> "affect" when used as a verb.
* Clear the Nm macro as appropriate.
* Typo fix: "consider" -> "considers" for a singular subject.
* Use Nx instead of NetBSD.