Merge FreeBSD 2024-02-02 #2168
Merged
Merge FreeBSD 2024-02-02 #2168
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: rilysh <nightquick@proton.me> Reviewed by: imp Pull Request: freebsd/freebsd-src#959
Signed-off-by: rilysh <nightquick@proton.me> Reviewed by: imp Pull Request: freebsd/freebsd-src#959
Signed-off-by: rilysh <nightquick@proton.me> Reviewed by: imp Pull Request: freebsd/freebsd-src#959
Signed-off-by: rilysh <nightquick@proton.me> Reviewed by: imp Pull Request: freebsd/freebsd-src#959
The script uses [ -z "$INTERFACES" ] to check if the list of interfaces is empty and will exit early if so, but INTERFACES always contains at least a space due to the way it appends the list of wireless devices. Fix this by only adding the space when there are devices to append, mirroring the behaviour for non-wireless devices above (both will result in a redundant leading space when the list is non-empty, but that one is harmless). Fixes: 159ca5c ("Adapt to new wireless scheme where base wlan interfaces do not show up in ifconfig anymore.") MFC after: 1 week
This isn't inherently an error. It is if you're attempting to download dist tarballs or later install packages, but a FreeBSD system with no NIC is a reasonable setup to have, especially in a throwaway VM setting, so we shouldn't say it is one. Leaving the exit code as 1 is still fine, since auto will ignore it, and avoids breaking other uses. MFC after: 1 week
Silence the warning: argument to 'sizeof' in 'strncpy' call is the same expression as the source; did you mean to use the size of the destination?" by using strlcpy() and the size of the destination (device). No functional change intended. Reviewed by: imp Pull Request: freebsd/freebsd-src#901
Standardize the documentation and update it to reflect the current values. Reviewed by: imp Pull Request: freebsd/freebsd-src#901
Reviewed by: imp Pull Request: freebsd/freebsd-src#901
Fix a number of warning mandoc -Tlint and igor turned up. No changes intended. Reviewed by: imp Pull Request: freebsd/freebsd-src#901
Reviewed by: imp Pull Request: freebsd/freebsd-src#901
PR: 273530 Fixes: 08c9016 Add a manpage for the urndis driver. Signed-off-by: Graham Perrin <grahamperrin@gmail.com> Reviewed-by: imp, zlei Pull-request: freebsd/freebsd-src#834
When only the user (ALL) is specified explicitly, and the group is implied, only sudo -u works. Specifying both the user and group, like (ALL:ALL), is required to: 1. Use sudo -g by itself (with no -u user) 2. Use sudo -u and -g together, with a -g group that is different from the -u user's primary group Obtained from: sudo-project/sudo@1d13533 Reviewed by: imp Pull Request: freebsd/freebsd-src#835
Both insecure keys, RSA and Ed25519, are required. Obtained from: hashicorp/vagrant@b40f6e5 Reviewed by: imp Pull Request: freebsd/freebsd-src#835
The way the __fp_type_select macro uses the _Generic expression causes
gcc to throw a warning on valid code if the -Wconversion flag is used.
For example, consider the following program:
#include <math.h>
int main()
{
double x = 1.0;
isnan(x);
return 0;
}
which throws a warning:
$ gcc -Wconversion a.c
a.c:5:15: warning: conversion from 'double' to 'float' may change value [-Wfloat-conversion]
5 | isnan(x);
| ^
This happens because the functions are invoked inside of the _Generic.
Looking at the example of _Generic in the C11 specification, one sees
that the parameters are outside of the _Generic expression (see page 79
here: https://www.open-std.org/jtc1/sc22/wg14/www/docs/n1570.pdf).
Reference: https://stackoverflow.com/a/68309379
Signed-off-by: Martin Oliveira <martin.oliveira@eideticom.com>
Reviewed by: imp
Pull Request: freebsd/freebsd-src#841
Sponsored by: Arm Ltd Reviewed by: imp Pull Request: freebsd/freebsd-src#878
Sponsored by: Arm Ltd Reviewed by: imp Pull Request: freebsd/freebsd-src#878
Add explaination about console fonts, how to convert them, which subset of things support them and how to use them. Reviewed by: imp Pull Request: freebsd/freebsd-src#1063
Signed-off-by: Elyes Haouas <ehaouas@noos.fr>
This should fix build with GCC 13. Fixes: 861274c
The section INTERNET ADDRESSES describes the acceptance of dotted values with varying number of parts in multiple bases. This applies to inet_aton and inet_addr, but not to inet_pton. Clarify this section by listing the functions to which this applies. Move the description of what inet_pton accepts into this section from STANDARDS, where it is easily missed. Rename the section to clarify that it applies only to IPv4. (inet_pton also works with IPv6.) Reviewed by: imp Differential Revision: https://reviews.freebsd.org/D43537
Based on the test case submitted by Andreas Bock for PR 275286. PR: 275286 MFC after: 2 weeks
MFC after: 1 week
These tests reuse jail names and so cannot run in parallel. MFC after: 1 week
This one has been commented out since the initial commit, but doesn't appear to pose any problems. MFC after: 1 week
Otherwise we get spurious test failures when running tests in parallel. The intent here was to name jails after the tests, but this was done incorrectly in a couple of places. MFC after: 1 week
We have s_fabs.c, but fabs(3) is already provided by libc due to historical reasons, so it is not compiled into libm. When the linker does not use --undefined-version, this leads to a complaint about the symbol being nonexistent, so remove it from Symbol.map. While here, adjust the comment about some functions being supplied by libc: while it is true that all these are indeed in libc, libm still includes its own versions of frexp(3), isnan(3), isnanf(3), and isnanl(3). Reported by: Steve Kargl <sgk@troutmask.apl.washington.edu> MFC after: 3 days
[compiler-rt] remove hexdump interception. (#79378) a freebsd dev member reported a symbol conflict and intercepting this had little value anyway. This is one part of fixing the WITH_ASAN build. Some executables in the base system define their own hexdump() symbol, which would otherwise conflict with the ASan-intercepted one. Reported by: markj PR: 276597 MFC after: 3 days
This is another part of fixing the WITH_ASAN build. Some additional source files had to be added to libllvm and liblldb, since the ASan instrumentation causes symbols in those files to be referenced. Reported by: markj PR: 276597 MFC after: 3 days
On several systems we've noticed that when NTB link goes down, the Physical Layer User Test Pattern registers we use as additional scratchpad registers (that is explicitly allowed by the chip specs) become read-only for about 100us. I see no explanation for this in the chip specs, neither why it was not seen before, may be a race. Since we do need these registers, workaround it by repeating writes until we succeed or 1ms timeout expire. MFC after: 1 week
Signed-off-by: rilysh <nightquick@proton.me> Reviewed by: imp Pull Request: freebsd/freebsd-src#959
Signed-off-by: rilysh <nightquick@proton.me> Reviewed by: imp Pull Request: freebsd/freebsd-src#959
Signed-off-by: rilysh <nightquick@proton.me> Reviewed by: imp Pull Request: freebsd/freebsd-src#959
Signed-off-by: rilysh <nightquick@proton.me> Reviewed by: imp Pull Request: freebsd/freebsd-src#959
Signed-off-by: rilysh <nightquick@proton.me> Reviewed by: imp Pull Request: freebsd/freebsd-src#959
Signed-off-by: rilysh <nightquick@proton.me> Reviewed by: imp Pull Request: freebsd/freebsd-src#959
Signed-off-by: rilysh <nightquick@proton.me> Reviewed by: imp Pull Request: freebsd/freebsd-src#959
Signed-off-by: rilysh <nightquick@proton.me> Reviewed by: imp Pull Request: freebsd/freebsd-src#959
Signed-off-by: rilysh <nightquick@proton.me> Reviewed by: imp Pull Request: freebsd/freebsd-src#959
The script uses [ -z "$INTERFACES" ] to check if the list of interfaces is empty and will exit early if so, but INTERFACES always contains at least a space due to the way it appends the list of wireless devices. Fix this by only adding the space when there are devices to append, mirroring the behaviour for non-wireless devices above (both will result in a redundant leading space when the list is non-empty, but that one is harmless). Fixes: 159ca5c ("Adapt to new wireless scheme where base wlan interfaces do not show up in ifconfig anymore.") MFC after: 1 week
This isn't inherently an error. It is if you're attempting to download dist tarballs or later install packages, but a FreeBSD system with no NIC is a reasonable setup to have, especially in a throwaway VM setting, so we shouldn't say it is one. Leaving the exit code as 1 is still fine, since auto will ignore it, and avoids breaking other uses. MFC after: 1 week
Silence the warning: argument to 'sizeof' in 'strncpy' call is the same expression as the source; did you mean to use the size of the destination?" by using strlcpy() and the size of the destination (device). No functional change intended. Reviewed by: imp Pull Request: freebsd/freebsd-src#901
Standardize the documentation and update it to reflect the current values. Reviewed by: imp Pull Request: freebsd/freebsd-src#901
Reviewed by: imp Pull Request: freebsd/freebsd-src#901
Fix a number of warning mandoc -Tlint and igor turned up. No changes intended. Reviewed by: imp Pull Request: freebsd/freebsd-src#901
Reviewed by: imp Pull Request: freebsd/freebsd-src#901
PR: 273530 Fixes: 08c9016 Add a manpage for the urndis driver. Signed-off-by: Graham Perrin <grahamperrin@gmail.com> Reviewed-by: imp, zlei Pull-request: freebsd/freebsd-src#834
When only the user (ALL) is specified explicitly, and the group is implied, only sudo -u works. Specifying both the user and group, like (ALL:ALL), is required to: 1. Use sudo -g by itself (with no -u user) 2. Use sudo -u and -g together, with a -g group that is different from the -u user's primary group Obtained from: sudo-project/sudo@1d13533 Reviewed by: imp Pull Request: freebsd/freebsd-src#835
Both insecure keys, RSA and Ed25519, are required. Obtained from: hashicorp/vagrant@b40f6e5 Reviewed by: imp Pull Request: freebsd/freebsd-src#835
The way the __fp_type_select macro uses the _Generic expression causes
gcc to throw a warning on valid code if the -Wconversion flag is used.
For example, consider the following program:
#include <math.h>
int main()
{
double x = 1.0;
isnan(x);
return 0;
}
which throws a warning:
$ gcc -Wconversion a.c
a.c:5:15: warning: conversion from 'double' to 'float' may change value [-Wfloat-conversion]
5 | isnan(x);
| ^
This happens because the functions are invoked inside of the _Generic.
Looking at the example of _Generic in the C11 specification, one sees
that the parameters are outside of the _Generic expression (see page 79
here: https://www.open-std.org/jtc1/sc22/wg14/www/docs/n1570.pdf).
Reference: https://stackoverflow.com/a/68309379
Signed-off-by: Martin Oliveira <martin.oliveira@eideticom.com>
Reviewed by: imp
Pull Request: freebsd/freebsd-src#841
Sponsored by: Arm Ltd Reviewed by: imp Pull Request: freebsd/freebsd-src#878
Add explaination about console fonts, how to convert them, which subset of things support them and how to use them. Reviewed by: imp Pull Request: freebsd/freebsd-src#1063
Signed-off-by: Elyes Haouas <ehaouas@noos.fr>
This should fix build with GCC 13. Fixes: 861274c
bsdjhb
pushed a commit
to bsdjhb/cheribsd
that referenced
this pull request
Jan 28, 2025
Security fixes: CTSRD-CHERI#2158 rpm: calculate huge header sizes correctly CTSRD-CHERI#2160 util: fix out of boundary access in mktemp functions CTSRD-CHERI#2168 uu: stop processing if lines are too long CTSRD-CHERI#2174 lzop: prevent integer overflow CTSRD-CHERI#2172 rar4: protect copy_from_lzss_window_to_unp() (CVE-2024-20696) CTSRD-CHERI#2175 unzip: unify EOF handling CTSRD-CHERI#2179 rar4: fix out of boundary access with large files CTSRD-CHERI#2203 rar4: fix OOB access with unicode filenames CTSRD-CHERI#2210 rar4: add boundary checks to rgb filter CTSRD-CHERI#2248 rar4: fix OOB in delta filter CTSRD-CHERI#2249 rar4: fix OOB in audio filter CTSRD-CHERI#2256 fix multiple vulnerabilities identified by SAST CTSRD-CHERI#2258 cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing CTSRD-CHERI#2265 rar5: clear 'data ready' cache on window buffer reallocs CTSRD-CHERI#2269 rar4: fix CVE-2024-26256 (CVE-2024-26256) Important bugfixes: CTSRD-CHERI#2150 xar: fix another infinite loop and expat error handling CTSRD-CHERI#2173 shar: check strdup return value CTSRD-CHERI#2161 lha: fix integer truncation on 32-bit systems CTSRD-CHERI#2245 7zip: fix issue when skipping first file in 7zip archive that is a multiple of 65536 bytes CTSRD-CHERI#2259 rar5: don't try to read rediculously long names CTSRD-CHERI#2290 ar: fix archive entries having no type Obtained from: libarchive Vendor commit: 12ecf8418ab3595d66cdea1abadcea8b6a9d288b CVE: CVE-2024-20696, CVE-2024-26256
bsdjhb
pushed a commit
to bsdjhb/cheribsd
that referenced
this pull request
Jan 28, 2025
Libarchive 3.7.7 Security fixes: CTSRD-CHERI#2158 rpm: calculate huge header sizes correctly CTSRD-CHERI#2160 util: fix out of boundary access in mktemp functions CTSRD-CHERI#2168 uu: stop processing if lines are too long CTSRD-CHERI#2174 lzop: prevent integer overflow CTSRD-CHERI#2172 rar4: protect copy_from_lzss_window_to_unp() (CVE-2024-20696) CTSRD-CHERI#2175 unzip: unify EOF handling CTSRD-CHERI#2179 rar4: fix out of boundary access with large files CTSRD-CHERI#2203 rar4: fix OOB access with unicode filenames CTSRD-CHERI#2210 rar4: add boundary checks to rgb filter CTSRD-CHERI#2248 rar4: fix OOB in delta filter CTSRD-CHERI#2249 rar4: fix OOB in audio filter CTSRD-CHERI#2256 fix multiple vulnerabilities identified by SAST CTSRD-CHERI#2258 cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing CTSRD-CHERI#2265 rar5: clear 'data ready' cache on window buffer reallocs CTSRD-CHERI#2269 rar4: fix CVE-2024-26256 (CVE-2024-26256) #2330 iso: be more cautious about parsing ISO-9660 timestamps #2343 tar: clean up linkpath between entries #2364 tar: don't crash on truncated tar archives #2366 gzip: prevent a hang when processing a malformed gzip inside a gzip #2377 tar: fix two leaks in tar header parsing Important bugfixes: CTSRD-CHERI#2096 rar5: report encrypted entries CTSRD-CHERI#2150 xar: fix another infinite loop and expat error handling CTSRD-CHERI#2173 shar: check strdup return value CTSRD-CHERI#2161 lha: fix integer truncation on 32-bit systems #2338 tar: fix memory leaks when processing symlinks or parsing pax headers CTSRD-CHERI#2245 7zip: fix issue when skipping first file in 7zip archive that is a multiple of 65536 bytes CTSRD-CHERI#2252 7-zip: read/write symlink paths as UTF-8 CTSRD-CHERI#2259 rar5: don't try to read rediculously long names CTSRD-CHERI#2290 ar: fix archive entries having no type #2360 tar: fix truncation of entry pathnames in specific archives CVE: CVE-2024-20696, CVE-2024-26256 PR: 282047 (exp-run) MFC after: 1 week
bsdjhb
pushed a commit
to bsdjhb/cheribsd
that referenced
this pull request
Jan 28, 2025
Libarchive 3.7.7 Security fixes: CTSRD-CHERI#2158 rpm: calculate huge header sizes correctly CTSRD-CHERI#2160 util: fix out of boundary access in mktemp functions CTSRD-CHERI#2168 uu: stop processing if lines are too long CTSRD-CHERI#2174 lzop: prevent integer overflow CTSRD-CHERI#2172 rar4: protect copy_from_lzss_window_to_unp() (CVE-2024-20696) CTSRD-CHERI#2175 unzip: unify EOF handling CTSRD-CHERI#2179 rar4: fix out of boundary access with large files CTSRD-CHERI#2203 rar4: fix OOB access with unicode filenames CTSRD-CHERI#2210 rar4: add boundary checks to rgb filter CTSRD-CHERI#2248 rar4: fix OOB in delta filter CTSRD-CHERI#2249 rar4: fix OOB in audio filter CTSRD-CHERI#2256 fix multiple vulnerabilities identified by SAST CTSRD-CHERI#2258 cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing CTSRD-CHERI#2265 rar5: clear 'data ready' cache on window buffer reallocs CTSRD-CHERI#2269 rar4: fix CVE-2024-26256 (CVE-2024-26256) #2330 iso: be more cautious about parsing ISO-9660 timestamps #2343 tar: clean up linkpath between entries #2364 tar: don't crash on truncated tar archives #2366 gzip: prevent a hang when processing a malformed gzip inside a gzip #2377 tar: fix two leaks in tar header parsing Important bugfixes: CTSRD-CHERI#2096 rar5: report encrypted entries CTSRD-CHERI#2150 xar: fix another infinite loop and expat error handling CTSRD-CHERI#2173 shar: check strdup return value CTSRD-CHERI#2161 lha: fix integer truncation on 32-bit systems #2338 tar: fix memory leaks when processing symlinks or parsing pax headers CTSRD-CHERI#2245 7zip: fix issue when skipping first file in 7zip archive that is a multiple of 65536 bytes CTSRD-CHERI#2252 7-zip: read/write symlink paths as UTF-8 CTSRD-CHERI#2259 rar5: don't try to read rediculously long names CTSRD-CHERI#2290 ar: fix archive entries having no type #2360 tar: fix truncation of entry pathnames in specific archives CVE: CVE-2024-20696, CVE-2024-26256 PR: 282047 (exp-run) MFC after: 1 week
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
PR for CI