bluhm
df4fda1761
Calling llabs(LLONG_MIN) is undefined behavior, llvm 7.0.1 does not
work with our old code. In fmt_scaled() move the check before
calling llabs().
found by regress/lib/libutil/fmt_scaled; OK deraadt@ millert@ tedu@
5 years ago
jmc
c1931faa11
explicitly mention local processes; from geoff hill
ok nicm
6 years ago
deraadt
68d7aa0670
delete volatile intended to silence whiny old compilers around vfork.
This variable is only used in the parent context so there is no issue.
ok kettenis
6 years ago
djm
468ab01728
constrain fractional part to [0-9] (less confusing to static analysis); ok ian@
6 years ago
nicm
2c571a29e6
Fix function argument names, from Abel Abraham Camarillo Ojeda via jmc@.
6 years ago
deraadt
3bfb6d03b3
Adjust references for sysctl(3) to sysctl(2)
6 years ago
kettenis
0566b09422
Make a few internal symbols static and add a Symbols.map version script
to control which symbols are exported from the shared library.
ok guenther@, deraadt@, jca@
6 years ago
zhuk
8d93985924
It's the imsg_compose(3) who accepts 'fd' argument, not imsg_create(3).
6 years ago
reyk
9b036c42f9
spacing (in EXAMPLES code)
7 years ago
jmc
e471403169
add previous to NAME;
7 years ago
nicm
cddf1b0fbc
Add getptmfd(), fdopenpty(), fdforkpty() functions. These allow programs
to separate the open(/dev/ptm) from the ioctl(PTMGET) for privilege
separation or pledge().
Based on a diff from reyk@.
ok deraadt millert
7 years ago
deraadt
f94fcc6e0f
use freezero() instead of explicit_bzero+free
7 years ago
reyk
9e0fddd8a3
Use freezero(3) for the imsg framework in imsg_free(3) and ibuf_free(3).
In our privsep model, imsg is often used to transport sensitive
information between processes. But a process might free an imsg, and
reuse the memory for a different thing. iked uses some
explicit_bzero() to clean imsg-buffer but doing it in the library with
the freezero() is less error-prone and also benefits other daemons.
OK deraadt@ jsing@ claudio@
7 years ago
nicm
df542bfce2
Use C99 types (uint32_t) instead of BSD (u_int32_t) - the former are
more portable. Add stdint.h to the headers in imsg_init(3).
No objections from millert@.
7 years ago
deraadt
a6614e5870
Grow buffers using recallocarray, to avoid the potential dribble that
the standard realloc*() functions can leave behind. imsg buffers are
sometimes used in protocol stacks which require some secrecy, and layering
violations would be needed to resolve this issue otherwise.
Discussed with many.
7 years ago
dtucker
b249d7ea63
Fix overly-conservative overflow checks on mulitplications and add checks
on additions. This allows scan_scaled to work up to +/-LLONG_MAX (LLONG_MIN
will still be flagged as a range error). ok millert@
7 years ago
dtucker
73af3c1b7e
Collapse underflow and overflow checks into a single block.
ok djm@ millert@
7 years ago
dtucker
4cba5ce8e2
Catch integer underflow in scan_scaled reported by Nicolas Iooss.
ok deraadt@ djm@
7 years ago
djm
29fbe34e31
fix signed integer overflow in scan_scaled. Found by Nicolas Iooss
using AFL against ssh_config. ok deraadt@ millert@
7 years ago
jmc
fa0722f382
zap trailing whitespace;
8 years ago
reyk
0fd38ba8e4
Fixup the example for msgbuf_write() and imsg_read() to check the
error cases for -1 and 0 explicitly (it initially only checked for -1,
I updated it to also check for 0, and rzalamena@ figured out that 0
has to be checked in a differently).
OK millert@ rzalamena@
8 years ago
guenther
487debcae6
Use a constant format string and output the variable part with %s
ok krw@ millert@
8 years ago
guenther
98ac59d5a1
Use O_CLOEXEC when opening fds local to a function
ok jca@ krw@
8 years ago
guenther
b73a72cf6b
Pull in <stdio.h> for NULL
ok deraadt@
8 years ago
tb
68bc198e0c
Refer to /etc/passwd consistently as the "legacy password file" and
remove some references to differences between versions 6 and 7.
ok jmc, millert, tedu
8 years ago
jca
1adc3fff12
Fix example: long long should be print with %lld
8 years ago
millert
f5bf7ac057
Remove obsolete caveat. OK deraadt@
8 years ago
jmc
813a539cd3
for some time now mandoc has not required MLINKS to function
correctly - logically complete that now by removing MLINKS from base;
authors need only to ensure there is an entry in NAME for any function/
util being added. MLINKS will still work, and remain for perl to ease
upgrades;
ok nicm (curses) bcook (ssl)
ok schwarze, who provided a lot of feedback and assistance
ok tb natano jung
8 years ago
benno
9e6e578d7b
mention that ibuf_free() does not need a NULL check.
8 years ago
benno
a3c84db0c2
check for NULL in ibuf_free().
ok and slight improvement, mmcco@
ok semarie@ and encouragement tedu@ krw@
8 years ago
guenther
b34242015e
Switch login(3) from lseek+read/write to pread/pwrite and only do the pread()
if the data is needed. Use O_CLOEXEC on the internal fd as MT paranoia.
Fix cast in offset calculation; delete register keyword;
prefer memset() over bzero()
ok millert@
8 years ago
tb
a02ad43121
Add a cast to silence a compiler warning by clang on FreeBSD.
From Craig Rodrigues.
ok tedu@
8 years ago
claudio
a3ecc333c4
Do not loop on EAGAIN in imsg_read(). Better to return the error to the
caller and let him do another poll loop. This fixes spinning relayd
processes seen on busy TLS relays. OK benno@ henning@
8 years ago
mmcc
e95c7e3634
Remove three NULL-checks before free(). ok millert@
8 years ago
millert
af62780c97
Use the backchannel for all error messages instead of syslog(3).
OK deraadt@ beck@
8 years ago
deraadt
399fdad76b
creat() -> open equiv; from Frederic Nowak
9 years ago
jmc
657bd2849a
update NAME section to include all documented functions,
or otherwise change Dt to reflect the name of an existing function;
feedback/ok schwarze
9 years ago
deraadt
9e1200d556
Don't Xr flock, since that is not the locking method used.
ok millert
9 years ago
schwarze
6201910f6e
Remove useless quoting from .Fo and .Fn function names, to prevent
development of a cargo cult in case people look at existing files
for examples. This achieves a consistent .Fo and .Fn quoting style
across the whole tree.
9 years ago
schwarze
0f5a134fe9
in the SYNOPSIS, make void function arguments explicit
9 years ago
schwarze
558404f2f1
reduce more .Nd to one line and kill more .Tn
9 years ago
schwarze
a9afc2531c
reduce .Nd to one line and kill .Tn while here
9 years ago
kettenis
ba19740f18
Remove lies about openpty(4) searching for a free pseudo-tty by iterating
through all existing pseudo-tty devices in /dev.
9 years ago
deraadt
c2feb81bea
remove cast of malloc(), since stdlib.h is included
9 years ago
nicm
0f67cd6d58
Handle malloc(0) returning NULL (which can happen on some other
platforms) by explicitly making imsg->data = NULL when there is no
data. ok deraadt
9 years ago
sobrado
f38d8c1811
typo in manual page.
ok jsing@
9 years ago
nicm
cac6c14d57
Use memset instead of bzero for better portability.
ok gilles claudio doug
9 years ago
deraadt
4db28c17f3
typo in embedded code block; from Ben Cornett
9 years ago
brynet
1493b9464e
bzero cmsgbuf before using it, silences valgrind warnings.
henning@ "sure"
9 years ago
reyk
13bb9544ea
The correct semantic is to check msgbuf_write() for <= 0, not just < 0.
Fix one occurence in imsg_flush() and clarify it the man page.
Discussed with at least blambert@ jsg@ yasuoka@.
OK gilles@
9 years ago