Update get/setthrname and pthread_get/set_name_np man pages to advise
of what buffer sizes to use. After discussion with Theo, _MAXCOMLEN
was the best value to use for these non-portable interfaces. Also update
for setthrname(2) no longer failing with EINTVAL.
ok deraadt@
Instead of failing with EINVAL when setthrname(2) is passed a thread
name longer then _MAXCOMLEN-1, truncate the name to fit. This is likely
what the user wants and saves them from having to snprintf(3) into a
buffer sized _MAXCOMLEN first. Man page update to follow.
This makes pthread_set_name_np(3) succeed with long thread names
instead of silently failing.
ok deraadt@ miod@ sthen@ mpi@
Use the correct start address for the initial immutable address range
for a shared library. The code used the load offset of the shared
library instead of the start address of the mapped memory. In most case
that works because the first segment of a shared library typically starts
at virtual address zero. But on sparc64 (and possibly other architectures
that still use ld.bfd) libicudata.so from ports has a non-zero virtual
address (possibly because it is a data-only library). So this fixes
the bug reported by claudio@
ok deraadt@, jca@, claudio@
This moves the code to lookup and set the pftable_id and rtlabel_id
from rde_apply_set() to filterset_recv(). This was already done in the
nexthop case.
OK tb@
rpki-client: convert most of ip.c to opaque ASN1_STRING
There is still a flag access due to unused bits, fixing this will have to
wait until we have an API everyone agrees on.
ok claudio
The definition of PAGE_SHIFT should not be limited to defined(_KERNEL); this
prevents userland from getting a valid PAGE_SIZE definition by including
<machine/param.h>.
Reported on bugs@
rpki-client: fix ip_addr_afi_parse()
The somewhat weird length checks would nominally accept an octet string
of length 1, in which case the subsequent memcpy() would perform a 1-byte
overread (harmless since libcrypto 'helpfully' adds a trailing NUL) since
ip.c r1.12.
The only allowed length for an AFI are 2 and 3 per RFC 3779 and SAFI is
out, so pull the check for presence of the SAfI up and reject other
lengths != 2.
Also convert this function to opaque ASN1_STRING.
ok job
rpki-client: convert cms.c to opaque ASN1_STRING
Add length checks for the eContent to avoid malloc(0) and malloc(huge).
Neither of these should be reachable, but who knows for sure...
feedback/ok claudio
Fix possible use-after-free in up_generate_addpath()
adjout_prefix_withdraw() is too complex to be sure that there is never a
case where the prefix is removed and freed. So use the safe idiom and fetch
the next element before calling adjout_prefix_withdraw().
Fix for CID 500335
OK tb@
Let the page daemon recover when uao_set_swslot() returns ENOMEM.
When all available pages have been exhausted it might not be possible for the
aobj layer to allocate a new element for a hash table. In that case simply
skip the page. The page daemon will likely find a page that can be added to
the cluster without requiring any allocation in uao_set_swslot().
Not that this edge case, reported by bluhm@, can be triggered because the
aiodone daemon releases the memory reserved for the page daemon asynchronously.
So there might always be a window where no page are available to write pages
to disk.
Tested by and ok bluhm@
Fixes for vulnerabilities found in xkbcommon also present in xkbcomp
CVE-2018-15863 Don't crash on no-op modmask expressions
CVE-2018-15861 Don't falsely promise from ExprResolveLhs
CVE-2018-15859 Fail expression lookup on invalid atoms
CVE-2018-15853 fix stack overflow when evaluating boolean negation
from matthieu@
this is errata/7.8/009_xkbcomp.patch.sig
Fixes for vulnerabilities found in xkbcommon also present in xkbcomp
CVE-2018-15863 Don't crash on no-op modmask expressions
CVE-2018-15861 Don't falsely promise from ExprResolveLhs
CVE-2018-15859 Fail expression lookup on invalid atoms
CVE-2018-15853 fix stack overflow when evaluating boolean negation
from matthieu@
this is errata/7.7/016_xkbcomp.patch.sig
