Sanitize pane titles and window and session names more consistently and
strictly, prevents C0 characters and other nonvisible characters causing
problems. Reported (with a different fix) by Chris Monardo in GitHub
issue 4999.
fix section merging for .srodata and .openbsd.randomdata
there was a bad merge of changes and a comma was lost and with that
section merging for .srodata and .openbsd.randomdata
ok naddy@, sthen@
sys/octeon: fix PCIe config tag layout
Octeon PCIe config-space MMIO uses a 12-bit register field; function,
device, and bus begin at bits 12, 15, and 20.
octpcie_make_tag() and octpcie_decompose_tag() used the conventional PCI
tag layout instead, so config accesses to non-zero device or function
numbers used the wrong MMIO offset.
On SRX300 this breaks enumeration of the second Broadcom switch function
at 0:0:1, which reads back garbage until the tag layout is corrected.
OK: kettenis@, visa@
A packet with a FIN flag needs to act as a barrier in tcp_flush_queue.
Once a FIN packet is received all following data should simply be
discarded. tcp_input handels this FIN but for that tcp_reass() needs
to properly return TH_FIN when a FIN is processed in tcp_flush_queue.
This reassembly was not quite correct. Unexpected data directly following
the FIN packet was also reassembled and the FIN was actually lost.
The failure to return TH_FIN caused the regression in the previous fix.
tcp_input() passes some FIN packets through reassembly even though they
are in sequence and the queue is empty.
tcp_flush_queue() needs to treat packets with TH_FIN set as a barrier
and stop reassembly after processing this last packet. This ensures that
tcp_reass() returns TH_FIN to tcp_input which then changes the state of
the session. It also ensures that only data up to the FIN packet are
passed to userland.
Reported by Xint Code
OK sashan@
Fix PREF64 option corruption if DNSSL is also set
On octeon (but not amd64) setting both a NAT64 prefix and a search domain
causes the former ICMPv6 option to be corrupted due to how it is added last
in the Router Advertisement packet, following too much zero padding.
Bytes after the DNSSL option are zeroed up the next 8-byte boundary to
align options inside the packet.
Instead of checking alignment of the pointer address somewhere inside the
packet buffer that lives on the stack, which is thus architecture specific,
use their offset, i.e. see how many bytes were already written, in order to
zero-fill what is left between last search domain and next 8-byte boundary.
This makes RAs byte-identical between octeon and amd64 and prevents rad(8)
from sending the kind of invalid packets that clients like slaacd(8) and
gelatod(8) (from ports) need 029_v6daemons for.
OK florian
Fix handing of multi-line blacklist error strings in spamd.conf
When appending the blacklist error string, spamd splits the message
on a newline and continues the message on a new line. There was
a bug where the current pointer was incremented too far, which
resulted in the message being truncated at the newline instead
of continued.
For very long blacklist messages (around 8K) in spamd.conf, this
could result in heap corruption. However, this is very unlikely
in practice.
OK jsg@
Reported by and fix from Dhiraj Mishra
