not going to fix in order to stay compatible with legacy password data.
Nobody should use DES crypt anyway these days.
See http://www.freebsd.org/security/advisories/FreeBSD-SA-12:02.crypt.asc
for details about this bug.
Discussed with deraadt and beck about half a year ago (I'm pruning Ms
from my tree).
unmapping of freed allocations without disabling chunk randomisation
like the "Freeguard" ('F') option does. Make security 'S' option
use 'U' and not 'F'.
Rationale: guarding with no chunk randomisation is great for debugging
use-after-free, but chunk randomisation offers better defence against
"heap feng shui" style attacks that depend on carefully constructing a
particular heap layout so we should leave this enabled when requesting
security options.
variants) for URLs, allowing mandoc -Thtml to properly generate links;
(sendmail.8 changes are simply using Lk, which i somehow missed in previous)
ingo reminded me to verify that gnu groff recognises %U: 1.20.1 does not,
but 1.21 does;
``-upper_bound % upper_bound''. Simplifies the code and makes it the
same on both ILP32 and LP64 architectures, and also slightly faster on
LP64 architectures by using a 32-bit remainder instead of a 64-bit
remainder.
Pointed out by Jorden Verwer on tech@
ok deraadt; no objections from djm or otto
clear out the entire requested area, not just a perfect fit. second,
use mquery to check for room to avoid getting an address we don't like
and having to send it back.
and valloc() are not in the current version, while posix_memalign() mkstemp(),
and mkdtemp() are, and setstate()'s argument has lost a bogus 'const'.
ok millert@ jmc@ espie@ kettenis@; ports build testing by naddy@
explaining of "what a C string is", and make it more clear that these
functiosn BEHAVE EXACTLY LIKE snprintf with "%s"! (anyone who wants
to write a 'strlcpy considered harmful' paper should probably write a
'strlcpy and snprintf considered harmful' paper instead).
note to those from other projects reading this commit message: It would
be very good if this new manual was picked up in your project.
ok jmc millert krw
the last node is deleted. Instead, resolve the Coverity warning
by returning (node *)1 when you delete the root node.
based an idea from millert@. ok otto@