BSD Commit Log Search

   sync

   Get rid of struct dtls1_retransmit_state.

   In order to retransmit DTLS messages we potentially need to use the
   record protection from a previous epoch. However, DTLS currently also
   saves and restores the session, which is unnecessary - all of the
   record protection and keys are handled in the TLS record layer.

   Remove the rather useless dtls1_retransmit_state struct and just
   keep the epoch - keeping pointers hanging around to sessions is pretty
   nasty and unnecessary.

   ok kenjiro@ tb@

   Avoid use of uninitialised decode_error variable.

   Pull initialisation of decode_error and invalid_key up to
   tls_key_share_{client,server}_peer_public(), which are the entry points
   for the key share code. The entry point was previously
   tls_key_share_peer_public(), however with the introduction of MLKEM this
   was split into separate client and server functions, without the
   initialisation being included. Also initialise decode_error and
   invalid_params on entry to tls_key_share_peer_params().

   Code that reaches tls_key_share_client_peer_public_mlkem768x25519() could
   previously result in code branching based on decode_error, which is
   uninitialised stack based memory.

   Thanks to Guido Vranken of Aisle Research for reporting this issue.

   With and ok tb@

   Add time limit to a couple of other loops.

   Add missing bounds check for the relocation flags table.
   ok kettenis@

   High Severity end-of-line whitespace found by GrepTechnologies AI
   ok guenther mlarkin

   callloc -> calloc

   from Jan Schreiber

   fix build with ENCDEBUG defined, broken by rev 1.409
   from Jan Schreiber

   Add checks to make sure that the ELF header and program header fit into
   the data we read from the on-disk shared library.  These checks should
   only fail for malformed shared libraries, but failing to load a shared
   library is better than crashing the program because of an out-of-bounds
   access.

   Issue found by Frank Denis using the Swival Security Scanner.

   ok guenther@

   Fix a regression in rev. 1.269 reported by anton@.

   Due to unveil(2), mansearch() can no longer change back to the initial
   working directory.  But check_xr() calls mansearch(), so the main program
   needs to change back if -T lint or -W style is requested, such that these
   work even when multiple relative file names are given on the command line.

   Add missing bounds check for the relocation flags table.
   Found by Frank Denis using the Swival Security Scanner.

   ok guenther@, jsg@

   Size is the number of wide characters, not the number of bytes.
   The correct amount of memory was allocated but the stored size did
   not match the allocation due to being multiplied by sizeof(wchar_t).

   Spotted by Frank Denis using the Swival Security Scanner
   OK deraadt@

   define HAVE_DECL_REALLOCARRAY to use libc reallocarray()
   ok millert@ tb@

   When I added UF_PLEDGEOPEN in the sys_fchflags() chunk I mistakenly
   used the wrong vnode operation.
   spotted by Frank Denis using the Swival Security Scanner
   ok claudio

   Do not sanitize title when popping it from stack, also add a limit to
   number of pushed titles.

   correct bounds test
   found with smatch, ok tb@ deraadt@

   Frank Denis using the Swival Security Scanner concludes that
   kill(0,sig) should not be allowed because of a source code comment.
   Actually, kill of the default pgid 0 MUST be allowed or large amounts
   of userland software won't work.  What pledge prevents is playing with
   other process groups (ie. -pid where pid is not 0) which require
   permission from the "proc" pledge.  Killing the default pgrp 0 is a
   common way for privsep (and other) software to tear itself down it's
   process trees, for cases where a pipe read of 0 doesn't work.
   The current behaviour is intentional, and the proposed diff was not
   considered nor tested for consequences.
   Change the comment very subtly to see which AI/human collaboration fails next.

   wycheproof: add regress target to ensure proper go formatting

   Use the correct struct itemerval when recording the old value for ktrace.
   This fixes a potential information leak from an uninitializes stack
   variable.
   Found by Frank Denis using the Swival Security Scanner.

   ok deraadt@

   Add missing flags to screen_mode_to_string and do not write before
   before if any are missed, second bit from qingliu at alauda dot io.

   Discard queued data and clear offsets when turning pane off to prevent
   later read of data that has been removed. From Aaron Campbell in GitHub
   issue 5054.

   In eigrp the TLV encoding includes the header length in the length encoding.

   So check that the minimal length is at least that of the TLV header.
   OK renato@

   Fix minimal length check for notification status messages.

   Found while reviewing all the length checks in ldpd.
   OK renato@

   Unlike all other TLV encodings in ldp the sub-tlv includes the header size
   in its length. Therefore check that the size is at least that of the header.

   OK renato@

   Ensure that alt_len includes at least the size of alt.family member
   to ensure that the parser is not going off the rails.

   OK renato@

   Add RK3576 support.

   ok dlg@

   add parentheses around use of a macro argument

   rpki-client: convert ip.c and mft.c to ASN1_BIT_STRING_get_length()

   This isn't the greatest of APIs, but we're going to be stuck with it
   since better APIs depend on libcrypto not doing the implicit truncation
   nonsense, which only OpenSSL 4 and BoringSSL dropped by now.

   Some of the error checks become now unreachable. This will be cleaned
   up another time.

   ok claudio job

   rpki-client: convert ccr.c to ASN1_BIT_STRING_set1()

   This becomes slightly simpler and more correct with this change.
   In particular, this now makes sure that the unused bits are set
   to 0 as required by the DER.

   ok claudio job

   check address size; from markus via millert