summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-10-01Align Rx buffers to prevent unaligned access in the network stack.Mark Kettenis
ok patrick@, deraadt@
2017-09-30openssh-7.6; ok deraadt@Damien Miller
2017-09-30The property that points the the attached PHY is called "phy-handle" insteadMark Kettenis
of "phy". ok patrick@, deraadt@
2017-09-30Add some more boundary checks and prevent an attempt to divide by zeroJonathan Gray
to resolve some additional crashes found by afl. ok mpi@ deraadt@
2017-09-30Add preliminary kabylake support to inteldrm(4) by backporting the relevantRobert Nagy
commits from linux-4.8.x. The changes are quiet minimal due to the fact that kabylake and skylake share most of the code because they are both gen9 graphics. This was tested by many and was also in snapshots for a while. ok kettenis@
2017-09-29When fault indicates PGEX_W, only tell uvm we need a writeable page..Theo de Raadt
don't request R+W. Issue observed by jsing in a go test of some sort. ok mlarkin
2017-09-29don't be silent on auto-allocation failure in write mode. ok millert@ krw@Otto Moerbeek
2017-09-29update to unbound-1.6.6, ok florianStuart Henderson
2017-09-29Rev. 1.2 enabled UTF-8 by default.Ingo Schwarze
During subsequent Perl updates, all the documentation changes etc. got carried along, but the actual code change was deleted in Rev. 1.3 and never restored. Restore it now. Bug found by bentley@; OK afresh1@ bentley@.
2017-09-29Check that the end of sections do not exceed the filesize for bothJonathan Gray
symtab and sections. Corrects behaviour that led to crashes found via afl. ok mpi@
2017-09-29SPI values 0-255 are reserved, so change the example to use a valid one.Peter Hessler
fixes parsing of the example configuration OK benno@
2017-09-29New ddb(4) command: kill.Martin Pieuchot
Send an uncatchable SIGABRT to the process specified by the pid argument. Useful in case of CPU exhaustion to kill the DoSing process and generate a core for later inspection. ok phessler@, visa@, kettenis@, miod@
2012-03-26Import Unbound 1.4.16 to work on in-tree (not yet linked to the build).Stuart Henderson
These are the direct sources from NLnet Labs upstream, minus these: compat contrib libunbound/python pythonmod testcode testdata winrc ok deraadt@ jakob@
2017-09-29Do not segfault when the string table is invalid or not present.Martin Pieuchot
Based on a diff from jsg@. Found independently by jsg@ with afl and markj@FreeBSD with a port.
2017-09-29Mention that U-Boot images for Allwinner and Rockchip targets contain aJonathan Gray
default DTB.
2017-09-29With arm64 targets U-Boot looks for dtbs in a directory named after theJonathan Gray
vendor of the SoC.
2017-09-28Correct the timeout used when select-timeout isKenneth R Westerback
set to a non-zero value in dhclient.conf(5). Fixes the bsd.rd upgrade issue reported by Eivinde Eide via misc@.
2017-09-28make clang include a FILE symbol for .(s|S) filesRobert Nagy
This is mostly needed by syspatch at the moment to be to be able to re-link in the same order as the original libraries were linked with by relying on the readelf(1) and without this .(s|S) assembly files were not getting a file directive. A bug reports has been filed as well: https://bugs.llvm.org/show_bug.cgi?id=34019 ok deraadt@
2017-09-28The DELAY() recently added to iwn(4) to make association more reliable couldStefan Sperling
be triggered by incoming management frames, such as DEAUTH frames. As krw@ found out, a system receiving many such frames would become unresponsive. Ensure this extra DELAY() only happens if we decide to send an AUTH frame. ok mpi@ krw@
2017-09-28When option DDB_STRUCTINFO was removed from the kernel, too much fromPatrick Wildt
the kernel makefiles was removed which lead to C files not being re- compiled when a dependency changed. This can lead to panics in odd places and generally a broken system. ok deraadt@
2016-09-03Use the space freed up by sparc and zaurus to import LLVM.Pascal Stumpf
ok hackroom@
2017-09-27config -e's adds new devices to an extra locator array, which is accountedTheo de Raadt
using a variable which started at 0 and hence got planted in .bss. Refactor that variable to begin at the maximum and decrease, such that it lands in .data instead. ok jsg
2017-09-27Document how ioctl(2) LIOCSFD on /dev/klog registers a socket pairAlexander Bluhm
to receive sendsyslog(2) messages. discussed with martijn@; OK jmc@ deraadt@
2017-09-27Unserstand DW_OP_bregN locations.Martin Pieuchot
Sync with readdwarf(1).
2017-09-27tweak EposeAuthinfo;Jason McIntyre
diff from lars nooden tweaked by sthen; ok djm dtucker
2017-09-27guenther sleep-commited the version without #ifdefsTheo de Raadt
2017-09-27Xr; from jan staryJason McIntyre
2017-09-27amd64 needs FS.base values (the TCB pointer) to be validated, as noncanonicalPhilip Guenther
addresses will cause a fault on load by the kernel. Problem observed by Maxime Villard ok kettenis@ deraadt@
2017-09-26UsePrivilegeSeparation is gone, stop trying to test it.Darren Tucker
2017-09-26Prevent null pointer dereference when probing channelsMike Belopuhov
Account for the case when wdc is attached to the ISA bus and performs channel probing using a dummy structure that lacks the back pointer to the controller's softc. Bug reported and fix tested by Andrew Daugherity, thanks! OK phessler, jsg, krw, deraadt
2017-09-26- pfctl always prints warning when flushes rulesetAlexandr Nedvedicky
OK mikeb@
2017-09-26bump version in advance of final releaseBrent Cook
2017-09-26Ignore file offset values in section headers that exceed the length ofJonathan Gray
the file. Avoids a crash found with afl. ok mpi@
2017-09-26Return the correct error value in generate().Martin Pieuchot
From Mark Johnston, markj@FreeBSD
2017-09-26Use quoted #includes for files kdump's mkioctls indirectly includes soJonathan Gray
mkioctls can find the files and not error out as drm headers are not installed to /usr/include. This results in more complete ioctl coverage in kdump (not just for drm). ok kettenis@
2017-09-26disable POOL_DEBUG for releaseJonathan Gray
ok deraadt@
2017-09-26bump wo 2.6.2Brent Cook
2017-09-25sendsyslog should take a const char * everywhere.Marc Espie
okay bluhm@, deraadt@
2017-09-25Calling waitpid(pid,...) where pid is either uninitialized orKenneth R Westerback
-1 because vflork() failed is bad. Initialize pid to -1 and call waitpid() only when pid != -1. Uninitialized use of pid found by clang. Suggestion of -1 from millert@. ok millert@
2017-09-25the Alea I works fine with urng(4) so update the manpage accordinglyJasper Lievisse Adriaanse
2017-09-25If tls_config_parse_protocols() is called with a NULL pointer, return theJoel Sing
default protocols instead of crashing - this makes the behaviour more useful and mirrors what we already do in tls_config_set_ciphers() et al.
2017-09-25Annotate some API-side memory leaks for future resolution.Joel Sing
2017-09-25Fix various issues in the OCSP extension parsing code:Joel Sing
- When parsing the OCSP extension we can have multiple responder IDs - pull these out correctly. - Stop using CBS_stow() - it's unnecessary since we just need access to the data and length (which we can get via CBS_data() and CBS_len()). - Use a temporary pointer when calling d2i_*() functions, since it will increment the pointer by the number of bytes it consumed when decoding. The original code incorrectly passes the pointer allocated via CBS_stow() (using malloc()) to a d2i_*() function and then calls free() on the now incremented pointer, most likely resulting in a crash. This issue was reported by Robert Swiecki who found the issue using honggfuzz. ok beck@
2017-09-25When building the OCSP extension, only add the length prefixed extensionsJoel Sing
after we finish building the responder ID list. Otherwise adding to the responder ID list fails. ok beck@
2017-09-25Mark FATAL() as __dead so clang doesn't reportKenneth R Westerback
use of uninitialized variables after calls to FATAL(). ok millert@ guenther@
2017-09-25Mark error() as __dead so clang doesn't reportKenneth R Westerback
use of uninitialized variables after calls to error(). ok millert@ guenther@
2017-09-25keep up with @version, noticed by bluhm@Marc Espie
2017-09-25Initialize 'out' file descriptor to avoid possibleKenneth R Westerback
uninitialized use. Spotted by clang during 'make release', triggered when both NOSSL and SMALL are defined. ok bluhm@ deraadt@
2017-09-25update set sizesJonathan Gray
2017-09-25take us out of -betaTheo de Raadt