Age | Commit message (Collapse) | Author |
|
This will be used soon to pin system calls to designated call sites.
ok deraadt@
|
|
discussed with, tested by and ok tb@
|
|
This will be used soon to pin system calls to designated call sites.
ok deraadt@
|
|
Large arm64 binaries like chromium use range extension thunks
for accessing plt entries. Add bti landing pads for the
additional indirection.
upstream commit: 60827df765156cee6cca3dc5049388dde9dac1c0
ok kettenis@
|
|
From upstream commit:
From 7047915eef37fccd93e7cd985c29fe6be54650b6 Mon Sep 17 00:00:00 2001
From: Karl Williamson <khw@cpan.org>
Date: Sat, 9 Sep 2023 11:59:09 -0600
Subject: [PATCH] Fix read/write past buffer end: perl-security#140
A package name may be specified in a \p{...} regular expression
construct. If unspecified, "utf8::" is assumed, which is the package
all official Unicode properties are in. By specifying a different
package, one can create a user-defined property with the same
unqualified name as a Unicode one. Such a property is defined by a sub
whose name begins with "Is" or "In", and if the sub wishes to refer to
an official Unicode property, it must explicitly specify the "utf8::".
S_parse_uniprop_string() is used to parse the interior of both \p{} and
the user-defined sub lines.
In S_parse_uniprop_string(), it parses the input "name" parameter,
creating a modified copy, "lookup_name", malloc'ed with the same size as
"name". The modifications are essentially to create a canonicalized
version of the input, with such things as extraneous white-space
stripped off. I found it convenient to strip off the package specifier
"utf8::". To to so, the code simply pretends "lookup_name" begins just
after the "utf8::", and adjusts various other values to compensate.
However, it missed the adjustment of one required one.
This is only a problem when the property name begins with "perl" and
isn't "perlspace" nor "perlword". All such ones are undocumented
internal properties.
What happens in this case is that the input is reparsed with slightly
different rules in effect as to what is legal versus illegal. The
problem is that "lookup_name" no longer is pointing to its initial
value, but "name" is. Thus the space allocated for filling "lookup_name"
is now shorter than "name", and as this shortened "lookup_name" is
filled by copying suitable portions of "name", the write can be to
unallocated space.
The solution is to skip the "utf8::" when reparsing "name". Then both
"lookup_name" and "name" are effectively shortened by the same amount,
and there is no going off the end.
This commit also does white-space adjustment so that things align
vertically for readability.
|
|
ok hackroom
tested by plenty
|
|
image, in addition to or instead of the x86 boot image, to the output file.
Per the UEFI standard, the EFI boot image should be an image of an EFI
System Partition to be loaded in no-emulation mode, so we always record it
that way rather than checking if it looks like a floppy image.
with, tested by and ok yasuoka@
strong encouragement from deraadt@
|
|
lang/gcc on riscv64 has a wart, it creates such relocs which upset ld.lld.
The workaround I have used in lang/gcc since Sep 2022 doesn't work any
more, so ask ld.lld to be more lenient. This will let the fortran ports
and friends build on riscv64. clang has fixed since some time already,
but our lang/gcc port will likely keep that wart for some time.
Upstream report: https://reviews.llvm.org/D83244
Input and ok kettenis@
|
|
for the .openbsd.randomdata and .openbsd.mutable section merging code.
ok jca@
|
|
This lets lld link code with object files created with ld -b binary,
as used by several ports (mupdf, postgresql-pllua, various games).
Upstream report with an unfinished diff: https://reviews.llvm.org/D106378
ok gkoehler@ kettenis@
|
|
before this change, clang on armv7 defined __ARM_FEATURE_BTI_DEFAULT and
__ARM_FEATURE_PAC_DEFAULT which broke the build of llvm libunwind
ok kettenis@ deraadt@
|
|
is incomplete resulting in SIGSEGV with the OpenBSD default options.
ok deraadt@, jsg@
|
|
ok hackroom
tested by plenty
|
|
Handle CALL_RM like CALL for 32-bit ELF. If a function call has the
strictfp attribute, its opcode changes from CALL to CALL_RM. If a
call uses the secure PLT, then it must getGlobalBaseReg() to set r30.
After I rebuilt xenocara/lib/pixman with this change, Xorg stopped
crashing on my macppc. pixman uses cc -ftrapping-math which puts
strictfp on each function call.
https://github.com/llvm/llvm-project/pull/72758
ok jca@ tobhe@ deraadt@
|
|
ok hackroom
tested by plenty
|
|
Tested by deraadt@
|
|
autoconf might misinterpet this so we need to do a full sweep
before it can be upgraded to an error again
|
|
ok deraadt@
|
|
Reported and suggested by jsing@
|
|
|
|
all the symbol lists
|
|
|
|
BTI and PAC again by default on OpenBSD.
ok robert@
|
|
so instead of shipping the file internally, let's generate it and
install it with the rest of the headers; unbreaks xenocara build
|
|
llvm-13
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ok hackroom
tested by plenty
|
|
ok hackroom
tested by plenty
|
|
|
|
|
|
|
|
(see user_caps(5))
also obviously protects the term name just in case someone wants to have
fun with it..
|
|
|
|
as noticed by afresh1@
(this should be all for now)
|
|
"in case of emergency run info_cmp block" (more efficient: we only
parse the entry we need). Keep the small part that creates a dumb terminal
on VMS, even though we're not running that.
Add an extra state check in the automaton to avoid skipping a tmp_term
|
|
|
|
This allows terminals with only terminfo capabilities to show up in
Term::Cap (like kitty) !
|
|
the variable doesn't exist
|
|
in a hash instead.
Side effect: we no longer parse the same tc again and again, leading
to a smaller result with the same capabilities but no duplicates.
(instead of parsing 36 entries for xterm, we end up with 10 entries, as
the "tc=" stuff is actually a tree instead of a list: xterm references
several intermediate tc that all lead to the same basic list !)
|
|
|
|
use \Q\E to quote stuff around tmp_term, instead of rolling our own
in termpat (get rid of termpat)
|