syslogd: fix memory leak in casper_ttymsg()
nvlist_take_string_array(9) takes ownership of the array and its
strings. casper_ttymsg() freed neither, leaking memory on every
F_CONSOLE and F_TTY message. On long-running systems with high
error-rate syslog traffic routed to /dev/console, syslogd.casper grew
to hundreds of MB.
Use nvlist_get_string_array(9) to borrow the array instead. Update
casper_wallmsg() similarly.
Approved by: src (des)
Closes: https://github.com/freebsd/freebsd-src/pull/2222
Fixes: 61a29eca550b ("syslogd: Log messages using libcasper")
MFC after: 3 days
MFC to: stable/15
PR: 295488
Reported by: Pat Maddox <pat at patmaddox.com>
Reviewed by: markj
Tested by: dch
unbound: Update to 1.24.2
Merge commit 'ec5b94f552d7cb2a9d456c67e9941bcf5e3698bf'
This is purely cosmetic as we already had the functional changes.
MFC after: 1 week
unbound: Tweak freebsd-configure script
Regenerating the configure script is optional and can introduce noise
if the installed versions of autoconf, automake, and libtool do not
match those used upstream. Tweak our script slightly so it will skip
this step if libtoolize is not found.
sendfile: Fix bug when using headers with SW KTLS offload
When using SW KTLS, we must account for the headers in sf_iodone()
in terms of either freeing or enqueuing them for TLS work.
Not doing so can lead to a situation where we enqueue only
the payload, and not the header, for encryption. Rather than
leaking the header, the socket is left "hung" with the header marked
M_NOTREADY.
Sponsored by: Netflix
Reviewed by: glebius, kib
Differential Revision: https://reviews.freebsd.org/D57134
MFC After: 14 days
mdoc.7: Revert upstream changes to Lb/LIBRARY
Since this manual describes the mdoc syntax throughout the ecosystem,
I had to blend what we had before with what upstream is doing now.
Thanks: adrian
MFC after: 3 days (we shipped this doc in 15.0/14.4)
Reviewed by: ivy, mhorne, des, adrian
Discussed with: arch@
Differential Revision: https://reviews.freebsd.org/D56153
tftpd: Simplify packet drop macro
The first argument is always the function name, for which we can simply
use __func__. This leaves only the optional return value, so we can use
a single variadic macro instead of two nearly-identical copies.
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D57076
tftpd: Add missing bounds checks
In send_[rw]rq(), we were using strlcpy() to avoid overflowing our
packet buffer, then failing to check the result and blithely advancing
our pointer by the full length.
Luckily, this code is only ever used by tftp(1), not tftpd(8).
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D57075
tftp: Add test case with over-long URL
This adds a test case that passes a very long URL on the command line,
which would previously have resulted in a benign buffer overflow in
urihandling(), detectable only by compiling tftp with ASAN enabled.
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D57074
tftp: Close files when we're done with them
Also, delete the file we created if receiving it failed.
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D57071
tftp: Simplify URI handling
* No need to copy our argument into a new buffer; it is writeable and
will not be reused after we return.
* Instead of constructing the string "get path" and then splitting it
into an argument vector, just construct the vector directly. This
avoid potentially overrunning the buffer.
* Call settftpmode() just once, with either the default mode or the
user-provided value we already validated.
* Use errx() instead of fprintf(stderr) + exit().
Reported by: Moyao, Minghao Fu
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D57070
