Age | Commit message (Collapse) | Author |
|
pledge for a new execve image immediately upon start. Also introduces
"error" which makes violations return -1 ENOSYS instead of killing the
program ("error" may not be handed to a setuid/setgid program, which
may be missing/ignoring syscall return values and would continue with
inconsistant state)
Discussion with many
florian has used this to improve the strictness of a daemon
|
|
(e.g. %u, %o) other than %s. This aligns libfuse with the Linux reference
implementation.
ok mpi@
|
|
the supplied option. This allows the following templates to be supplied to set
multiple members of a struct at the same time. e.g.
#define FUSE_LIB_OPT(t, p, v) { t, offsetof(struct fuse_config, p), v }
static const struct fuse_opt fuse_lib_opts[] = {
FUSE_LIB_OPT("gid=", set_gid, 1),
FUSE_LIB_OPT("gid=%u", gid, 0),
FUSE_OPT_END
};
If "-ogid=1000" is passed to fuse_opt_parse(3) it will set both:
fuse_config.set_gid=1
fuse_config.gid=1000
ok mpi@
|
|
libfuse supports option templates of the following form that can be used
to automatically parse arguments supplied on the command line.
"-p " argument that takes an option e.g -p 22 or -p22
"-p %x" argument that takes an option parsed like sscanf(3)
"cache=yes" matches -ocache=yes or -o cache=yes
"cache=%s" matches -ocache=<string> or -o cache=<string>
"cache=" matches same as above but value is passed to option proc
"noatime" matches -onoatime or -o atime
For example, it does not match options of the form "-p 22" or
"cache=yes" to the corresponding templates "-p " and "cache=yes". This
patch fixes that and updates the regression tests accordingly.
ok mpi@
|
|
|
|
My read of this: Long time ago (Think Conan, not dinasaurs) during the race
to make speedier processors, a cpu vendor built a pipeline with a bad stall,
and proposed a tremendously hasky workaround. A wizard adopted this into his
perl scroll, and failed to reflect later when no compiler adopted the practice.
This relic remains at the tail end of some functions in OpenSSL as
".byte 0xf3,0xc3". Banish it straight to hell.
ok mlarkin, others also stared blankly
|
|
for a protocol string.
Issue found by semarie@, who also provided the diff.
|
|
block which defines a variable late, after code. Place this chunk into
a { subblock } to satisfy old compilers and old eyes.
|
|
|
|
failure. This change brings fwscanf(3) back in line with fscanf(3).
From FreeBSD; ok deraadt@, millert@
|
|
strings to be used in commands, and .Li for example strings
* clarify what uses the two environment variables, and that only these
two are ignored for issetugid(2) programs
triggered by a question from Jan Stary <hans at stare dot cz>
feedback and OK ratchov@
|
|
|
|
_libc___cxa_thread_atexit_impl reference on gcc architectures that breaks
the build.
|
|
interface is also made available as __cxa_thread_atexit_impl to satisfy the
needs of GNU libstdc++.
ok guenther@, millert@
|
|
correctly take into account the segment p_align. Previously, anything
with a size belong the natural alignment or with alignment larger than
the natural one would either not be intialized correctly, be misaligned,
or result in the TIB being misaligned.
Problems reported by Charles Collicutt (charles (at) collicutt.co.uk)
ok kettenis@
|
|
string-handling <stdio.h> functions, like we already do it for <string.h>.
Includes a smaller patch from <kshe59 at zoho dot eu>, OK jmc@.
|
|
while here, consistently use .Fo to cure execessive line lengths
|
|
support FBT_CREATE. Fall back to FBT_MKNOD + FBT_OPEN so that a valid
sequence of FUSE messages is sent to the file system when creating files.
input from mpi@, otto@
|
|
to builtins like mem{set,cpy,move} and __stack_smash_handler. So, when
building with clang, instead mark those as protected visibility to get rid
of the PLT relocations. We can't take the address of them then, but that's
ok: it's a build-time error not a run-time error.
ok kettenis@
|
|
POSIX functions) and turn the weird DIAGNOSTICS section into a normal
RETURN VALUES section while here.
|
|
This removes the last remaining use of the old M_ASN1_* macros (asn1_mac.h)
from API that needs to continue to exist.
ok beck@ inoguchi@
|
|
If no TLS extensions are present in a client hello or server hello, omit
the entire extensions block, rather than including it with a length of
zero.
ok beck@ inoguchi@
|
|
Based on BoringSSL.
|
|
with "warning: " since 2003, so the messages themselves need not
contain the prefix anymore.
From Scott Cheloha
ok jca, deraadt
|
|
sufficiently and at least one horrific security hole was the result.
ok deraadt@ beck@
|
|
running in the foreground.
ok mpi@
|
|
ok patrick@
|
|
and the resulting byte-alignment triggers unaligned access.
ok patrick@, deraadt@
|
|
using mbrtowc(3). Thus, we now treat the format string as a bytestring,
not as a multibyte character string.
We think that ANSI C made a small error when adding wide characters:
The committees essentially replaced "characters" with "wide characters"
in the existing printf documentation, which was written before the
concept of processing was established. Doing processing on the format
string would break some 8-bit format strings in the wild, and that
isn't something these committees gave themselves license to do.
Based on the "10x printf speedup" commit from android found by tedu:
https://github.com/aosp-mirror/platform_bionic/commit/5305a4d4a723b06494b93f2df81733b83a0c46d3
Thanks to millert and schwarze for digging into the history and
testing *printf behavior on other platforms.
ok deraadt, millert
|
|
ok mpi@
|
|
Endless loop if directory nested more than one level from root of file system
Current directory not found if the parent directory contains more children than
will fit in the buffer passed to VOP_READDIR(9)
Open and close directory in fusefs_readdir if dir is not already open.
Now behaves as if readdir_ino option was passed to fuse so that directories in
path have a valid ino.
ok mpi@
|
|
multiple options after -o.
arguments that require options e.g. -p 22
%s, %lu, %u option templates
ok mpi@
|
|
changes by schwarze to vfprintf.c r1.71. Cherrypicked from android:
https://github.com/aosp-mirror/platform_bionic/commit/5305a4d4a723b06494b93f2df81733b83a0c46d3
ok millert
|
|
|
|
While it is not clear (to me) why that ports ends up with corrupted
shared libs, reverting those changes fixes the issue and should allow us
to close p2k17 more smoothly.
Discussed with a bunch, ok ajacoutot@ guenther@
|
|
From Helg Bredow.
|
|
From Helg Bredow, ok pirofti@
|
|
|
|
|
|
Delete incorrect "unused" keyword and remove redundant variables due
to missing NULL checks.
From Helg Bredow.
|
|
fixes, no library bump needed.
OK deraadt@
|
|
in binutils that results in uninitialized .dynsym entries in shared objects
in the samba port.
problem reported by naddy@
ok jca@ kettenis@
|
|
|
|
ok jca@, deraadt@
|
|
ok kettenis@ deraadt@
|
|
suggested by miod@
ok kettenis@
|
|
Also, '_memcpy' and '_stack' were specific to arm and should not have been
copied here
|
|
ok kettenis@
|
|
unlock the mutex inside the pthread_once_t. Push a cleanup wrapper for that.
Diff from Scott Cheloha <scottcheloha@gmail.com>
ok mpi@
|
|
on the stack instead of mallocing the list and move the APIs from libpthread
to libc so that they can be used inside libc.
Note: the standard was explicitly written to permit/support this
"macro with unmatched brace" style and it's what basically everyone
else already does. We xor the info with random cookies with a
random magic to detect/trip-up overwrites.
Major bump to both libc and libpthread due to the API move.
ok mpi@
|