| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
diff From: Mike Burns
(though my fix differs a bit)
|
|
|
|
conversion along with commentary. A more comprehensive sample
conversion is needed too. OK deraadt@
|
|
|
|
from calloc().
|
|
ignored in events. The kernel does actually set POLLERR in revents
in some cases.
|
|
in gethostbyname(). Similar fix for getnetbyname().
ok deraadt@ daniel@ jca@
|
|
Since tempchars is never reassigned there's no need to indirect
through a pointer. Still getting used to this newfangled C89.
|
|
|
|
don't want to give people the idea that this is non-portable (it
has been present since C89). OK deraadt@ schwarze@
|
|
for consistency with the rest of the manual.
|
|
creation while here.
ok jmc@ schwarze@ millert@
|
|
ok millert@
|
|
Suggested by millert@ and schwarze@.
OK schwarze@, millert@
|
|
Requested by guenther@
|
|
OK deraadt@
|
|
ok deraadt@
|
|
Remove excessive technicalities on zero-sized objects as suggested by deraadt@.
contributions and ok deraadt@, ok jmc@ on an earlier version
|
|
and fix two instances of "new sentence, new line" while here
feedback and ok jmc@, ok doug@
|
|
The old man page had a lot of useful information, but it was all mixed
together which made it difficult to reference. The main theme in this
commit is that the sections are more focused:
* DESCRIPTION describes the overall behavior
* RETURN VALUES describes what it may return (including implementation
defined values)
* EXAMPLES shows why we recently started an audit on malloc and realloc
usage in the tree.
* Added CAVEATS which describes what is implementation defined, gotchas
and security implications of misusing these functions
* Added IDIOMS which describes how these functions should or
should not be used
The MALLOC_OPTIONS section was left unchanged. Function names were
added to DIAGNOSTICS and STANDARDS. The MALLOC_OPTIONS and DIAGNOSTICS
sections were pushed down in the page so more pertinent information is
higher up.
This has gone through several revisions thanks to input from deraadt@
and schwarze@. Ingo also helped with some of the mandoc formatting.
OK schwarze@ (as far as it is a good starting point and the code
snippets look ok)
|
|
|
|
millert@ made changes to realpath.c based on FreeBSD's version. I merged
Todd's changes into dl_realpath.c.
ok millert@, guenther@
|
|
ok doug millert
|
|
with btree(3) and recno(3); from jean-philippe at ouellet dot biz
|
|
OK deraadt@
|
|
and existing implementations vary as to whether it returns time for
the calling thread or the entire process. OK kettenis@
|
|
ok tedu@
|
|
i looked a bit closer and found instances before Reno, so correct HISTORY.
References:
http://minnie.tuhs.org/cgi-bin/utree.pl?file=4.1cBSD/usr/src/ucb/dbx/defs.h
http://minnie.tuhs.org/cgi-bin/utree.pl?file=4.3BSD/usr/src/etc/inetd.c
http://minnie.tuhs.org/cgi-bin/utree.pl?file=4.3BSD-Reno/src/lib/libc/string/strdup.c
ok deraadt@
|
|
Avoid potential integer overflow in the size argument of malloc() and
realloc() by using reallocarray() to avoid unchecked multiplication.
ok deraadt@
|
|
Avoid potential integer overflow in the size argument of malloc() and
realloc() by using reallocarray() to avoid unchecked multiplication.
ok deraadt@
|
|
ok doug
|
|
ok doug
|
|
Avoid potential integer overflow in the size argument of malloc() and
realloc() by using reallocarray() to avoid unchecked multiplication.
ok deraadt@
|
|
Patch from jmates at ee dot washington dot edu.
ok otto@, millert@
|
|
looks good deraadt@
tweaks and ok millert@
|
|
(or struct timeval). Instead, we should include time.h for the
nanosleep() prototype and struct timespec. OK dlg@
|
|
ok deraadt@ guenther@
|
|
proper mult int overflow detection. The existing code already handles
malloc failure properly, of course.
|
|
|
|
|
|
in case something wants to create massive amounts of environment, like
a bit more than 1/4 of a 32-bit address space. unrealistic -- but why
audit one code path, and not treat others the same? then you have to
re-engage everytime you see the code. read the news, that isn't what
developers do. At least if the code paths look the same, there is hope,
because they are easier to verify for correctness. developers need
to give other developers a chance to want to care.
|
|
using pollfd, because if this was fd_set... it would not be obvious
(or easy)
|
|
|
|
|
|
|
|
|
|
lines when printing to console or stderr.
OK deraadt@
|
|
jmates at ee dot washington dot edu reported this bug and provided a patch.
This is a slightly modified version of the patch that only contains the
bug fix.
ok millert@, otto@
|
