net-im/libquotient: Update to 0.9.6.1
- Build shared library
- Remove stale CONFLICTS
- Pass the port to kde@ team
PR: 295459
Approved by: adridg (maintainer)
tftpd: Simplify packet drop macro
The first argument is always the function name, for which we can simply
use __func__. This leaves only the optional return value, so we can use
a single variadic macro instead of two nearly-identical copies.
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D57076
(cherry picked from commit 76c3387024b40c2e28ed2d1bb64b3a14371c3c0b)
tftpd: Add missing bounds checks
In send_[rw]rq(), we were using strlcpy() to avoid overflowing our
packet buffer, then failing to check the result and blithely advancing
our pointer by the full length.
Luckily, this code is only ever used by tftp(1), not tftpd(8).
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D57075
(cherry picked from commit 933893771344e1647eeda152016b938fdc30ccdc)
tftp: Add test case with over-long URL
This adds a test case that passes a very long URL on the command line,
which would previously have resulted in a benign buffer overflow in
urihandling(), detectable only by compiling tftp with ASAN enabled.
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D57074
(cherry picked from commit b94689d036c5f5bdc04d080ff7dd5d0e9df9b8d4)
tftp: Simplify URI handling
* No need to copy our argument into a new buffer; it is writeable and
will not be reused after we return.
* Instead of constructing the string "get path" and then splitting it
into an argument vector, just construct the vector directly. This
avoid potentially overrunning the buffer.
* Call settftpmode() just once, with either the default mode or the
user-provided value we already validated.
* Use errx() instead of fprintf(stderr) + exit().
Reported by: Moyao, Minghao Fu
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D57070
(cherry picked from commit a4b17594181502cea38ab0d8b2a9a10782286334)
nlist: Handle multiple symbol tables
* Instead of looking for and stopping at the first SHT_SYMTAB section,
iterate over all SHT_DYNSYM and SHT_SYMTAB sections until we've either
found all our symbols or run out.
* Perform bounds checks on section and string table offsets and sizes
before attempting to mmap() the string table.
* Perform bounds checks on individual symbol table entries before
attempting to access the corresponding strings.
* Stop treating _Foo and Foo as the same symbol.
This unbreaks OpenSSH which uses nlist(3) to verify PKCS#11 providers.
PR: 295336
MFC after: 1 week
Fixes: 77909f597881 ("Initial elf nlist support [...]")
[13 lines not shown]
tftpd: Add missing bounds checks
In send_[rw]rq(), we were using strlcpy() to avoid overflowing our
packet buffer, then failing to check the result and blithely advancing
our pointer by the full length.
Luckily, this code is only ever used by tftp(1), not tftpd(8).
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D57075
(cherry picked from commit 933893771344e1647eeda152016b938fdc30ccdc)
tftpd: Simplify packet drop macro
The first argument is always the function name, for which we can simply
use __func__. This leaves only the optional return value, so we can use
a single variadic macro instead of two nearly-identical copies.
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D57076
(cherry picked from commit 76c3387024b40c2e28ed2d1bb64b3a14371c3c0b)
tftp: Add test case with over-long URL
This adds a test case that passes a very long URL on the command line,
which would previously have resulted in a benign buffer overflow in
urihandling(), detectable only by compiling tftp with ASAN enabled.
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D57074
(cherry picked from commit b94689d036c5f5bdc04d080ff7dd5d0e9df9b8d4)
tftp: Simplify URI handling
* No need to copy our argument into a new buffer; it is writeable and
will not be reused after we return.
* Instead of constructing the string "get path" and then splitting it
into an argument vector, just construct the vector directly. This
avoid potentially overrunning the buffer.
* Call settftpmode() just once, with either the default mode or the
user-provided value we already validated.
* Use errx() instead of fprintf(stderr) + exit().
Reported by: Moyao, Minghao Fu
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D57070
(cherry picked from commit a4b17594181502cea38ab0d8b2a9a10782286334)
nlist: Handle multiple symbol tables
* Instead of looking for and stopping at the first SHT_SYMTAB section,
iterate over all SHT_DYNSYM and SHT_SYMTAB sections until we've either
found all our symbols or run out.
* Perform bounds checks on section and string table offsets and sizes
before attempting to mmap() the string table.
* Perform bounds checks on individual symbol table entries before
attempting to access the corresponding strings.
* Stop treating _Foo and Foo as the same symbol.
This unbreaks OpenSSH which uses nlist(3) to verify PKCS#11 providers.
PR: 295336
MFC after: 1 week
Fixes: 77909f597881 ("Initial elf nlist support [...]")
[13 lines not shown]
