millert
5cd2c72134
Avoid using and end pointer since strnlen(string, -1) is legal
and would otherwise result in overflowing the end pointer and
cause strnlen() to return 0. OK sthen@
14 years ago
sthen
dc836a92d7
typo; Ian McWilliam
14 years ago
nicm
8b7d56fe29
Move imsg into libutil and add a man page.
Minor bump for libutil.
Previous versions of this diff and man page looked at by various people.
"you should just commit" deraadt
14 years ago
jmc
ffc1056ac2
oops - forgot to check for trailing whitespace;
14 years ago
thib
7087fc1c2f
reword the 'D' dump bit to make it clear that the malloc.out file needs
to exist before exit for malloc to dump stats in it.
tweaks from jmc@
ok otto@,jmc@
14 years ago
millert
ec550b1dc0
Add HISTORY section, mostly for strnlen() but include strlen() for
completeness (verified).
14 years ago
chl
0809e538e1
remove unused variable.
ok millert@ tedu@
14 years ago
jmc
e009efae5d
tweak previous;
14 years ago
tedu
bbe8fdc923
add posix_madvise, posix_memalign, strndup, and strnlen. mostly from
brad and millert, with hints from guenther, jmc, and otto I think.
ok previous.
14 years ago
jmc
ae4224e9df
- nuke some unneeded Pp; from kristaps
- small tweak while here
14 years ago
jmc
6adb9298b2
WARNINGS -> CAVEATS, and a little neccessary cleanup;
14 years ago
kettenis
92dc8ab6e1
Modify example not to use an assignment in the if statement. We shouldn't
teach people bad habits!
ok krw@, jmc@, dlg@, thib@
15 years ago
kili
e5fe5595e0
It's unsetenv() that doesn't like `=' in the argument, not putenv().
ok millert@
15 years ago
otto
1fc05bec9f
Use size_t in appropriate places; fixes sorting of big arrays;
after the diff was written, I made it similar to the freebsd fix of
the same code; pr6287 ok millert@ guenther@
15 years ago
otto
c80808a2a6
use size_t to index arrays; avoids big array bugs; ok millert@ guenther@
15 years ago
miod
0d9cbfe642
Use MACHINE_CPU instead of MACHINE_ARCH to pick the correct machine dependent
files or directories when applicable.
The inspiration and name of MACHINE_CPU come from NetBSD, although the way to
provide it to Makefiles is completely different.
ok kettenis@
15 years ago
jmc
652f4e1cc3
stucture -> structure;
15 years ago
otto
f816214aa0
New options 'S', as a shorthand for the options most suitable as an
extra safeguard (FGJ). Idea from deraadt@; ok deraadt@ dlg@
15 years ago
oga
5548c875db
plug a file descriptor leak in HASHFileChunk().
From Igor Zinovik; thanks!
ok millert@
15 years ago
otto
da818aa199
save calls to arc4random() by using a nibble at a time; not because
arc4random() is slow, but it induces getpid() calls; also saves a
bit on stirring efforts
15 years ago
guenther
253b3ff700
No point in refreshing the pid from inside arc4_stir() when that
doesn't test it, so factor out the two places that test it into a
routine and do the refreshing there. With this, arch4random_buf()
doesn't trigger superfluous calls to getpid() when filling large
buffers.
ok deraadt@, "looks nicer indeed" otto@
15 years ago
miod
f303db8b57
Make userland malloc use __LDPGSZ granularity on mips, regardless of the
actual kernel page size.
15 years ago
jmc
d208a2f0f2
missing word;
from trhodes@freebsd, r200095;
15 years ago
otto
9ddcd3502a
Switch the chunk_info lists to doubly-linked lists and use the queue
macros for them. Avoids walking the lists and greatly enhances speed
of freeing chunks in reverse or random order at the cost of a little
space. Suggested by Fabien Romano and Jonathan Armani; ok djm@
15 years ago
otto
600b8b9fd5
Don't forget to fill region from the cache with junk if needed in one case;
from Fabien Romano and Jonathan Armani
15 years ago
otto
c8f1be5032
No need to clear a mmapped region; from Fabien Romano and Jonathan
Armani
15 years ago
todd
ef8dd643ed
permit -DMALLOC_STATS to compile again
noticed by Jonathan Armani & Fabien Romano
ugh+ok otto@
15 years ago
sobrado
2101574acc
s/Mhz/MHz/, MHz is a multiple of the SI unit hertz (whose symbol is Hz).
15 years ago
deraadt
e44f0a8fb7
Do not need -DLIBC_SCCS anymore
15 years ago
deraadt
46f44e2831
rcsid[] and sccsid[] and copyright[] are essentially unmaintained (and
unmaintainable). these days, people use source. these id's do not provide
any benefit, and do hurt the small install media
(the 33,000 line diff is essentially mechanical)
ok with the idea millert, ok dms
15 years ago
pirofti
5e4aca2f5f
Check mmap return value against MAP_FAILED not NULL.
Okay deraadt@, otto@.
15 years ago
martynas
f30cf48cfa
teach gdtoa & its subroutines that malloc can fail; in which case
ecvt, fcvt, gcvt, *printf, strtof, strtod, strtold act per ieee
1003.1. after these massive changes, remove unused files which
would not work now. reported by Maksymilian Arciemowicz; ok theo
15 years ago
otto
65dc48b142
rewrite the history section, prompted by Paul Stoeber; ok deraadt@ jmc@
15 years ago
jmc
db67d7c77d
remove unsupported LIBRARY section; from Alan R. S. Bueno
15 years ago
millert
4bfe74412c
Use STD*_FILENO instead of 0-2. OK henning@ djm@ gilles@ dhill@
15 years ago
martynas
e1c2ed5d72
abs conforms c99 -> imaxabs conforms c99. ok millert@
15 years ago
martynas
b263bc8a8a
use llabs instead of the home-grown version; and some comment changes
ok ian@, millert@
15 years ago
deraadt
d4f78c2955
quieten compiler by converting pointers to uintptr_t before truncating them
to u_int32_t to do integer math with (in a situation where that is legit)
ok otto millert
15 years ago
millert
63a463cfbd
Don't assume that we can overwrite strings in the environment.
Someone may have passed a read-only string to putenv() (I'm looking
at you cron!).
15 years ago
millert
d3d9cc08f7
Make putenv(), setenv() and unsetenv() standards compliant. The
standard explicitly disallows passing setenv a name with a '=' in
it but historic BSD behavior is to allow this but to ignore the '='
and anything after it.
15 years ago
djm
8b81695079
allow building without SHA384 and SHA512 (i.e. SHA256 only) with
-DSHA256_ONLY in order to save space; ok deraadt@
15 years ago
okan
3bc42fd077
document that no leading whitespace is permitted between the option and
argument if the argument is deemed to be optional ('::').
feedback and ok jmc@ and millert@
15 years ago
jmc
2024268fd6
kill whitespace at eol;
16 years ago
otto
69f875a94f
decribe 'F' better and mention flags are debugging aids; ok tedu@ jmc@
16 years ago
jmc
d69225c623
correct function definitions; from Markus Bergkvist
16 years ago
djm
10887343e6
reintroduce extra malloc protections, but avoiding the use of
PAGE_(SIZE|SHIFT|MASK) defines that evaluate to variables on the
sparc architecture;
ok otto@ tested on my reanimated ss20
16 years ago
deraadt
69d34d79a8
PAGE_SIZE is not a valid symbol to use in that way. In particular,
on sparc, it expands to something that just plain does not work,
because the page size can be variable. Sorry we didn't spot this
before. Backing it all out to allow sparc to build; please find a
different way to fix it.
16 years ago
djm
d835fe24d1
Remove mprotecting of struct dir_info introduced in previous commit
(MALLOC_OPTIONS=L). It was too slow to turn on by default, and we
don't do optional security.
requested by deraadt@ grumbling ok otto@
16 years ago
djm
b1b6e37e4e
extra paranoia for malloc(3):
Move all runtime options into a structure that is made read-only
(via mprotect) after initialisation to protect against attacks that
overwrite options to turn off malloc protections (e.g. use-after-free)
Allocate the main bookkeeping data (struct dir_info) using mmap(),
thereby giving it an unpredictable address. Place a PROT_NONE guard
page on either side to further frustrate attacks on it.
Add a new 'L' option that maps struct dir_info PROT_NONE except when
in the allocator code itself. Makes attacks on it basically impossible.
feedback tedu deraadt otto canacar
ok otto
16 years ago
deraadt
81a1885e03
repair the ARC4 story; ok jmc djm millert
16 years ago