vmd(8): prevent virtio scsi DoS from bad descriptor length.
A guest can construct a looping, zero-length descriptor chain that
spins forever when processing a READ_10 command. Check for zero
length scenario and abort the read with a warning.
Reported by Frank Denis.
Discussed with and "go for it" from mlarkin@
vmd(8): reject invalid PIT periods causing UB.
A guest can write values to Register A that results in a negative
shift exponent when computing the resulting timer rate. Detect and
ignore values to prevent UB from negative shift.
Reported by Frank Denis.
Discussed with and "go for it" from mlarkin@
vmd(8): fix fw_cfg leak of file directory buffer.
FW_CFG_FILE_DIR selector requests leak file directory buffers.
Repeated requests from guests can exhaust vmd process memory.
Reported by Frank Denis.
Discussed with and "go for it" from mlarkin@
www/mozilla-firefox: MFC update to 152.0.3.
see https://www.firefox.com/en-US/firefox/152.0.3/releasenotes/
Fixed an issue that could cause extreme memory usage and freezing on
startup for users with language packs installed. (Bug 2049845)
ospfd(8) must be more paranoid about what it sends
to its peers using IPC messages (see imsg_add(3)).
The data passed between processes must not leak
information on memory address layout from process.
The process must be sending to its peers either data which
are needed or, if taking a shortcut, zeroize fields
which carry pointer (memory addresses) from process.
The issue has been reported by students
from British Columbia University earlier this year.
The fix includes generous feedback from claudio@
OK claudio@
Major rework of prompts. The basic prompt mechanics (draw, editing, etc)
are now wrapped up in prompt*.c and do not depend on a client. These
functions are used to provide the original client prompt but also to
allow panes to have their own prompts, which works much much better for
floating panes. The mode prompts for both the tree modes and copy mode
are switched over to be per pane.
There are some visible changes (some of these may be changed if they
don't seem to be working well):
- Prompts in modes now appear in the bottom line, covering whatever
content was there.
- command-prompt has a -P flag to open a pane prompt.
- Because they cover the content, the default style for prompts in modes
now does not fill the entire line; the main command prompt stays the
same.
[5 lines not shown]
Let this build with clang 22 on arm64
More complete trio.c diff to avoid:
trio.c:4858:57: error: passing 'void *' to parameter of incompatible type 'va_list' (aka '__builtin_va_list')
There is a newer 2.4.0 release from 2019 in upstream's github repo.
