| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
In the function fgetwln() there's a 4 byte heap overflow.
There is a while loop that has this check to see whether there's still
enough space in the buffer:
if (!fb->len || wused > fb->len) {
If this is true more memory gets allocated. However this test won't be
true if wused == fb->len, but at that point wused already points out
of the buffer. Some lines later there's a write to the buffer:
fb->wbuf[wused++] = wc;
This bug was found with the help of address sanitizer.
Warned-by: ASAN
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=93881
Signed-off-by: Guillem Jover <guillem@hadrons.org>
|
|
Reuse the getentropy code for Linux on the Hurd, which has fallbacks
for when the better interfaces are not present. And remove all the code
that is not supported currently on the Hurd. Ideally the Hurd should
get an equivalent interfaces that does not suffer from the same
problems as /dev/urandom.
|
|
|
|
Include getentropy_<SYSTEM>.c instead of arc4random_<SYSTEM>.c.
|
|
|
|
The Unix hook should work for most Unix-like systems, move glibc
specific code there and a FreeBSd specific comment, and remove the rest.
Also change the code to always fallback to use the generic Unix code.
This should cover GNU/Hurd and GNU/kFreeBSD among others.
|
|
Actually use the local private SHA512 header instead of relying on the
OpenSSL one for no good reason. Add definition for expected macro
SHA512_DIGEST_LENGTH.
|
|
Rework arc4random_stir() and arc4random_addrandom() code over the new
internal API, and documentation in the man page. Adapt the code to the
local build system.
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=85827
|
|
Adapt the code to the local build system.
|
|
|
|
Add support for the NIOS2 soft-core CPU provided by Altera.
Signed-off-by: Marek Vasut <marex@denx.de>
Signed-off-by: Guillem Jover <guillem@hadrons.org>
Cc: Ley Foon Tan <lftan@altera.com>
Cc: Thomas Chou <thomas@wytron.com.tw>
Cc: Walter Goossens <waltergoossens@home.nl>
|
|
Use this variable in EXTRA_DIST and libbsd_la_DEPENDENCIES.
|
|
|
|
|
|
The fparseln() function had the NetBSD uppercase macros stubbed out,
so replace them with the actual stdio ones. The fgetln() function was
missing any locking at all.
|
|
Although the current implementation in libbsd is probably one of the
safest ones around, it still poses some problems when used with many
file streams. This function has now a replacement, that is both more
standard and portable. Ask users to switch to getline(3) instead.
|
|
|
|
|
|
|
|
Some 64-bit platforms (e.g. Windows 64) have a 32-bit long. So, shifting
1UL 32-bits to the left causes an overflow. This replaces the constant
1UL with (size_t)1 so that we get the correct constant size for the
platform.
Import from OpenBSD.
Signed-off-by: Guillem Jover <guillem@hadrons.org>
|
|
|
|
|
|
|
|
Closing file descriptors changes the content of the fd directories in
the /proc filesystem, which means readdir() might get very confused.
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=85663
|
|
|
|
|
|
Import from sudo. Adapt the build system to detect the required features.
|
|
|
|
|
|
In case the support is not available, just stop building the
libbsd-ctor.a library, which is a nice to have thing, but should not
have been a hard requirement from the start. This should allow to
build libbsd on non-glibc based systems using another libc.
|
|
Signed-off-by: Guillem Jover <guillem@hadrons.org>
|
|
|
|
Import code from DragonFlyBSD and man page from FreeBSD.
|
|
Signed-off-by: Guillem Jover <guillem@hadrons.org>
|
|
Inline license information from FreeBSD root dir COPYRIGHT file.
|
|
This is a wrapper over the glibc fopencookie() function.
We diverge from the FreeBSD, OpenBSD and DragonFlyBSD declarations,
because seekfn() there wrongly uses fpos_t, assuming it's an integral
type, and any code using that on a system where fpos_t is a struct
(such as GNU-based systems or NetBSD) will fail to build. In which case,
as the code has to be modified anyway, we might just as well use the
correct declaration.
|
|
Do not allow numbers greated than INT64_MAX and smaller than INT64_MIN.
Clarify the positive sign value by prefixing it with an explicit +.
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=66909
|
|
Try to give a helpful message in case the program is not initializing
the setproctitle() machinery.
|
|
The automatic initialization cannot be part of the main shared library,
because there is no thread-safe way to change the environ global
variable. This is not a problem if the initializaion happens just at
program load time, but becomes one if the shared library is directly or
indirectly dlopen()ed during the execution of the program, which could
have either kept references to the old environ or could change it in
some other thread. This has been observed for example on systems using
Samba NSS modules.
To avoid any other possible fallout, the constructor is split into a
new static library that needs to be linked explicitly into programs
using setproctitle(). As an additional safety measure the pkg-config
linker flags will mark the program as not allowing to be dlopen()ed
so that we avoid the problem described above.
Reported-by: Jan Alexander Steffens (heftig) <jan.steffens@gmail.com>
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=66679
|
|
It's easier to find there, and the value can be reused in case we have
to provide another shared library.
|
|
|
|
Because clearenv() or setenv() might free the environ array of pointers,
we should make sure to copy it so that we can access it later on when
doing the deep copy via setenv().
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=65470
|
|
Do not stop exporting the function in the version node even if typeof
is not available, as that would break ABI.
|
|
|
|
The GNU .init_array support is an extension over the standard System V
ABI .init_array support, which passes the main() arguments to the init
function.
This support comes in three parts. First the dynamic linker (from glibc)
needs to support it. Then function pointers need to be placed in the
section, for example by using __attribute__((constructor)), that the
compiler (gcc or clang for example) might place in section .ctors and
the linker (from binutils) will move to .init_array on the output
object, or by placing them directly into .init_array by the compiler
when compiling. If this does not happen and the function pointers end
up in .ctors, then they will not get passed the main() arguments, which
we do really need in this case.
But this relies on recent binutils or gcc having native .init_array
support, and not having it disabled through --disable-initfini-array.
To guarantee we get the correct behaviour, let's just place the function
pointer in the .init_array section directly, so we only require a recent
enough glibc.
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=65029
|
|
|
|
|
|
|
|
|
|
Merge some interesting changes.
|
