summaryrefslogtreecommitdiff
path: root/gnu
AgeCommit message (Collapse)Author
2014-08-20Backport support for i386/amd64 'rdtscp' instruction from binutils-2.17Philip Guenther
Request and testing by krw@
2014-08-14Backport from binutils-2.17:Philip Guenther
2005-08-17 Alan Modra <amodra@bigpond.net.au> * elfxx-mips.c (_bfd_mips_elf_hide_symbol): Cope with being called without any got section. ok miod@
2014-08-10Format time_t with %lld after casting to long longPhilip Guenther
2014-08-09Use time_t for storing timesPhilip Guenther
2014-08-09Parse times with strtoll() instead of strtol()Philip Guenther
2014-08-09Regenerate to pick up time_t changesPhilip Guenther
2014-08-09bfd-in2.h is generated from this; merge back a change that was made therePhilip Guenther
2014-08-09Store timestamps in time_tPhilip Guenther
2014-08-09bfd-in2.h is generated from this; merge back a change that was made therePhilip Guenther
2014-08-09Fix readelf --debug-dump=frames-interp output: once a register is givenPhilip Guenther
a column, it needs to included in all rows, even after the register is restored. ok jsg@
2014-08-09Backport from 2.17: mark the _GLOBAL_OFFSET_TABLE_, _DYNAMIC, andPhilip Guenther
_PROCEDURE_LINKAGE_TABLE_ symbols as (at least) hidden.
2014-08-09Backport from binutils-2.17 the correct i386/amd64 register->int assignmentsPhilip Guenther
for CFI. This changes the unwind information generated on amd64.
2014-08-09We don't use the __openbsd_randomdata_{start,end} symbols, but ratherPhilip Guenther
get that info via the PT_OPENBSD_RANDOM segment info, so kill the symbols While here, delete the commented out lines for __DYNAMIC as the question they ask is answered 'no' ok matthew@ back in May
2014-08-09Match format width of symbol visibility to the column headerPhilip Guenther
This corrects the alignment of the columns of hidden symbols
2014-07-24Revert ssp-strong on arm. This has been exposing one or more bugs in GCC thatPascal Stumpf
kill large portions of the ports tree. Most notably, it broke devel/gperf at runtime. ok martynas@, "make a decision" deraadt@
2014-07-23delinked from tree, now it goes to the bit bucketTheo de Raadt
2014-07-21printf(9) and friends don't support the <number>$ flags, so gcc'sPhilip Guenther
kprintf attribute shouldn't accept them. ok martynas@
2014-07-16lynx has left the tree, and let's be honest noone will find these htmlTheo de Raadt
files in their installed system. this extended documentation experience is available better on the net using a browser installed with pkg_add. (also note that two of the subsystems involved in this issue are heading to the bit bucket sometime soon)
2014-07-16lynx will go to ports. there are too many reasons for it to go there,Theo de Raadt
and not enough for it to stay. lengthy discussions.
2014-07-14international currency locale rules as per POSIX.1-2008Martin Pelikan
required for libc++ ok guenther afresh1
2014-07-14Fix an off-by-one error that's already been accepted upstreamPhilip Guenther
2013-03-25import perl 5.16.3 from CPAN - worked on by Andrew Fresh and myselfStuart Henderson
2002-10-27stock perl 5.8.0 from CPANTodd C. Miller
2014-07-11use CC when running configureJonathan Gray
matches the behaviour of the other Makefile.bsd-wrapper files ok miod@
2014-07-11start reducing the attack surface of lynx.Daniel Dickman
leave gopher, news, and dired in place for now. but we will soon catch up to the security level of internet explorer 7 by removing these too. ok's for the version of this diff that removes even more protocols from deraadt@, tedu@. general support from other devs.
2014-07-11make the __cxa_call_terminate() proto match the definitionJonathan Gray
From dt71 at gmx.com via FreeBSD Required to build with recent versions of clang.
2014-07-10Backport support for -Wframe-larger-than=N to base GCCMatthew Dempsky
This is the flag name that modern GCC and Clang have de facto standardized on for the functionality that we locally named -Wstack-larger-than-N. ok brad, miod
2014-07-09update to lynx 2.8.8rel2, keeping local changes. primarily to get theseDaniel Dickman
changes from 2.8.8dev.16: * fix most issues found by clang 3.2 analyze * fix most issues found by Coverity scan tested on i386, sparc64, and macppc by myself. tested on vax by miod@ (including https) helpful discussion with avsm@, sthen@ ok deraadt@
2014-06-25delete some leftovers.Daniel Dickman
ok deraadt@, sthen@
2014-06-23gcc4: emit warning when ignoring alignment constraintsMatthew Dempsky
Currently, GCC 4.2 silently ignores the "aligned" attribute for objects allocated on the stack if the specified minimum alignment exceeds the platform's natural stack alignment. This has bitten us in the past, so we shouldn't allow this to continue. Fixing the "ignores" problem seems hard, so this commit settles for tackling the "silently" problem instead. ok miod, and possibly guenther and deraadt
2014-06-05Fix sendmail improper close-on-exec flag handling (CVE-2014-3956)Jasper Lievisse Adriaanse
From FreeBSD SA-14:11 ok millert@
2014-06-01Correct version for disabling getserbyname_r to reduce diff with upstreamAndrew Fresh
OK sthen@ miod@
2014-05-31Remove now unnecessary local patch to disable usemallocwrap on m68kAndrew Fresh
Sure miod@
2014-05-31Remove unneeded patch, upstream fixed this differently in 2008Andrew Fresh
ok sthen@
2014-05-29We now use arc4random() so PERL_RANDOM_DEVICE is no longer needed.Philip Guenther
ok afresh@
2014-05-29To get a random seed, just call arc4random() instead of reading aPhilip Guenther
word from the (deprecated) /dev/arandom. This also makes it work in chroot environments. ok deraadt@ afresh@
2014-05-28finally enable writing per-commit commitid tokens to rcs ,v filesjoshua stein
ok deraadt@ millert@
2014-05-27Enable strong stack protector by default for GCC 3 architectures.Martynas Venckus
Miod says all architectures work with it now (thanks to his fix for the pf.c bug).
2014-05-08Recognize `t' as a valid format modifier for kprintf-style format strings.Miod Vallat
2014-05-07Match search_string_def() prototype change, forgotten in previous protector.[ch]Miod Vallat
commit.
2014-05-06When the stack protector heuristics doesn't cover a function, leaveMartynas Venckus
a little pointer-sized gap before the return value. This protects from common off-by-one type of bugs and costs nothing: the attacker won't be able to overwrite return pointer. Developed at m2k14, thanks for the hackathon!
2014-05-06Introduce -fstack-shuffle, which randomizes local stack variables.Martynas Venckus
This will make the environment more hostile and help detect bugs that depend on overrunning one variable into another, with almost no performance cost. Discussed with Theo at m2k14 hackathon. "oh god yes" tedu@, "oh nice" djm@
2014-05-06Remove the ``addressable'' argument to search_string_def(). Turned out to beMiod Vallat
a bad idea, for it causes false positives, which then can cause ICE trying to protect narrower-than-int incoming arguments, if building with -fstack-protector-all. From etoh@'s gcc 3.4 tree, unbreaks -fstack-protector-all on m88k (well, maybe not completely, but it makes it compile more files, such as pf.c which contains functions receiving uint16_t arguments pushed on the stack due to the exhaustion of caller-saved registers).
2014-05-01Revert 1.49 (bad merge with free dejavu)Miod Vallat
2014-05-01x86-64 ABI requires arrays greater than 16 bytes to be aligned toMartynas Venckus
16byte boundary. However, GCC 16-byte aligns arrays of >=16 BITS, not BYTES. This diff improves bug detectability for code which has local arrays of [16 .. 127] bits: in those cases SSP will now detect even 1-byte overflows. OK kettenis@. Tested in snaps for a week.
2014-04-22Remove KERBEROS5 from the Makefiles (except ssh for now, where it isReyk Floeter
already manually disabled). ok deraadt@
2014-04-15Remove workarounds for ld reaching MAXDSIZ on vax, now that MAXDSIZ isMiod Vallat
more comfortable. Reminded by brad@
2014-04-13Clean up last bits of TCP_WRAPPERS and ELF_TOOLCHAIN.Brad Smith
ok miod@
2014-04-12Bring back the fix in r1.16 of the gcc 2.95 version of protector.c - the codeMiod Vallat
was present, but commented. This fixes code generation of usr.sbin/dhcpd/memory.c!new_address_range() on vax.
2014-04-10Revive the fix for Perl RT bug 116441 (null dereference affectingMatthias Kilian
mod_perl). ok sthen@ millert@