Merge FreeBSD 2024-08-09 #2248
Merged
+2,141
−2,016
fsn_included should only be considered, if first_frag_seen is true. Also, fix the resetting of the control structure, if stream queues are flushed. This fixes a bug where a legitimate message sequence was incorrectly classified as illegitimate. Thanks to Victor Boivie for reporting the issue on the userland stack. MFC after: 3 days
These were accidentally lost when moving recvmmsg and sendmmsg back from libc to libsys. Reported by: Mark Millard <marklmi@yahoo.com> Reviewed by: brooks, imp Fixes: 29d079c libsys: move __libsys_interposer consumers Differential Revision: https://reviews.freebsd.org/D46200
This was a style regression I missed when merging an earlier commit. Fixes: 169641f imgact_elf: Add const to a few struct image_params pointers Sponsored by: AFRL, DARPA
MFC after: 3 days
We only need to check kenv for DEBUG_SH once. We also need to export DEBUG_SH to be useful. Sponsored by: Juniper Networks, Inc. Reviewed by: imp Differential Revision: https://reviews.freebsd.org/D46219
Describe how to switch the TCP stack on all endpoints in the LISTEN state. Reviewed by: concussious.bugzilla_runbox.com MFC after: 1 week Sponsored by: Netflix, Inc. Differential Revision: https://reviews.freebsd.org/D46218
Address comment provided by bcr. MFC after: 1 week Sponsored by: Netflix, Inc.
PR: 280566 Reviewed by: dougm
Fix the collision of TF2_IPSEC_TSO and TF2_NO_ISS_CHECK Fixes: 646c28e ("tcp: improve SEG.ACK validation") MFC after: 1 week Sponsored by: Netflix, Inc.
The default was true and it is consistent to inherit the TCP function block from the listener as most of the other parameters. Reviewed by: Peter Lei, cc Sponsored by: Netflix, Inc. Differential Revision: https://reviews.freebsd.org/D46141
Like any other parameter, the CC algorithm should be inherited from the listener. Reviewed by: cc Sponsored by: Netflix, Inc. Differential Revision: https://reviews.freebsd.org/D46143
This patch makes gstat show latency in microseconds if actual latency is less than 1ms. It affects only "ms/r" and "ms/w" columns.

Before patch:

    L(q)  ops/s    r/s   kBps   ms/r    w/s   kBps   ms/w   %busy Name
       0    922      0      0    0.0    922  35809    0.0    2.8| nda0
       0    928      2     34    0.1    926  35809    0.0    3.1| nda1

After patch:

    L(q)  ops/s    r/s   kBps   ms/r    w/s   kBps   ms/w   %busy Name
       0    496      1     31  0.156    495  16020  0.040    1.5| nda0
       0    492      0      0  0.000    492  16020  0.042    1.5| nda1

Reviewed by: imp
MFC after: 3 days
Sponsored by: Postgres Professional
Differential Revision: https://reviews.freebsd.org/D41999
This fixes a number of clang 19 warnings:

    sys/contrib/dev/ath/ath_hal/ar9300/ar9300_eeprom.c:709:25: error: comparison of different enumeration types ('HAL_BOOL' and 'HAL_FREQ_BAND') [-Werror,-Wenum-compare]
      709 |         freq_array[i] = FBIN2FREQ(p_freq_bin[i], is_2ghz);
          |                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    sys/contrib/dev/ath/ath_hal/ar9300/ar9300eep.h:148:11: note: expanded from macro 'FBIN2FREQ'
      148 |     (((y) == HAL_FREQ_BAND_2GHZ) ? (2300 + x) : (4800 + 5 * x))
          |       ~~~ ^  ~~~~~~~~~~~~~~~~~~
    sys/contrib/dev/ath/ath_hal/ar9300/ar9300_eeprom.c:745:25: error: comparison of different enumeration types ('HAL_BOOL' and 'HAL_FREQ_BAND') [-Werror,-Wenum-compare]
      745 |         freq_array[i] = FBIN2FREQ(p_freq_bin[i], is_2ghz);
          |                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    sys/contrib/dev/ath/ath_hal/ar9300/ar9300eep.h:148:11: note: expanded from macro 'FBIN2FREQ'
      148 |     (((y) == HAL_FREQ_BAND_2GHZ) ? (2300 + x) : (4800 + 5 * x))
          |       ~~~ ^  ~~~~~~~~~~~~~~~~~~
    sys/contrib/dev/ath/ath_hal/ar9300/ar9300_eeprom.c:781:25: error: comparison of different enumeration types ('HAL_BOOL' and 'HAL_FREQ_BAND') [-Werror,-Wenum-compare]
      781 |         freq_array[i] = FBIN2FREQ(p_freq_bin[i], is_2ghz);
          |                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    sys/contrib/dev/ath/ath_hal/ar9300/ar9300eep.h:148:11: note: expanded from macro 'FBIN2FREQ'
      148 |     (((y) == HAL_FREQ_BAND_2GHZ) ? (2300 + x) : (4800 + 5 * x))
          |       ~~~ ^  ~~~~~~~~~~~~~~~~~~

The `FBIN2FREQ()` and `FREQ2FBIN()` macros in `ar9300eep.h` are invoked in most places around the `ath_hal` code with a (effectively) boolean second argument, corresponding to "is this 2GHz?". But in the code that is warned about, the value `HAL_FREQ_BAND_2GHZ` is of a different non-boolean type, `HAL_FREQ_BAND`.

Update the `FBIN2FREQ()` and `FREQ2FBIN()` macros to interpret the second argument as boolean value, and rename the macro parameter names to better describe their meaning.

Reviewed by: adrian, bz
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D46201
Ensure that pmap_init() properly initialized pagesizes[]. In part, we are making this change to document the requirement that the non-zero elements of pagesizes[] must be in ascending order. Reviewed by: kib, markj
Rewrite vm_pageout_cluster to eliminate redundant variables and duplicated code. Remove tests on pindex to check for object boundary conditions, since the page_next and page_prev functions return NULL at the object boundaries. Fix an alignment error that could happen if pindex is aligned, and the first of vm_pageout_page_count flushable pages, and the page at pindex-1 is also flushable. Reviewed by: kib Differential Revision: https://reviews.freebsd.org/D46217
This unlocks a mutex in an error path, that would otherwise remain locked and potentially cause a deadlock later on. Reported by: Coverity Scan CID: 1521334 Reviewed by: corvink, markj MFC after: 1 week Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D45401
Update the ddb printing of t_flags and t_flags2 to the current state of definitions in tcp_var.h. Reviewed by: cc MFC after: 1 week Sponsored by: Netflix, Inc. Differential Revision: https://reviews.freebsd.org/D46222
Improve wording and also fix the constants' names. Sponsored by: The FreeBSD Foundation MFC after: 2 days Reviewed by: dev_submerge.ch Differential Revision: https://reviews.freebsd.org/D46220
1. Remove toepcb from the toep_list on active open failure.
2. Purge the wr_list for an L2T entry on an adapter stop.

Fixes: c1c5248 cxgbe/t4_tom: Implement uld_stop and uld_restart for ULD_TOM.
MFC after: 2 weeks
Sponsored by: Chelsio Communications
PR: 280631 Fixes: acb4cb3 (non-debug builds) Sponsored by: The FreeBSD Foundation
Reviewed by: alc, kib, markj Differential Revision: https://reviews.freebsd.org/D46198
The recently introduced M_NEVERFREED flag is not meant to be used for regular malloc requests. Enforce this by checking for M_NEVERFREED in malloc_dbg. Reviewed by: alc, kib, markj Differential Revision: https://reviews.freebsd.org/D46199
When the kernel is compiled with options RATELIMIT, the mlx5en driver cannot detach. It gets stuck waiting for all kernel users of its rates to drop to zero before finally calling ether_ifdetach.

The tcp ratelimit code has an eventhandler for ifnet departure which causes rates to be released. However, this is called as an ifnet departure eventhandler, which is invoked as part of ifdetach(), via ether_ifdetach(). This means that the tcp ratelimit code holds down many hw rates when the mlx5en driver is waiting for the rate count to go to 0. Thus devctl detach will deadlock on mlx5 with this stack:

    mi_switch+0xcf
    sleepq_timedwait+0x2f
    _sleep+0x1a3
    pause_sbt+0x77
    mlx5e_destroy_ifp+0xaf
    mlx5_remove_device+0xa7
    mlx5_unregister_device+0x78
    mlx5_unload_one+0x10a
    remove_one+0x1e
    linux_pci_detach_device+0x36
    linux_pci_detach+0x24
    device_detach+0x180
    devctl2_ioctl+0x3dc
    devfs_ioctl+0xbb
    vn_ioctl+0xca
    devfs_ioctl_f+0x1e
    kern_ioctl+0x1c3
    sys_ioctl+0x10a

To fix this, provide an explicit API for a driver to call the tcp ratelimit code telling it to detach itself from an ifnet. This allows the mlx5 driver to unload cleanly. I considered adding an ifnet pre-departure eventhandler. However, that would need to be invoked by the driver, so a simple function call seemed better.

The mlx5en driver has been updated to call this function.

Reviewed by: kib, rrs
Differential Revision: https://reviews.freebsd.org/D46221
Sponsored by: Netflix
As of e67975d ("Fix 'calendar -a' in several ways."), `calendar -a` will now fork off a new process for each user and do all of its own processing in the user's own context. As a side-effect, calendar(1) started calling setlogin(2) in each of the forked processes and inadvertently hijacked the login name for the session it was running under, which was typically not a fresh session but rather that of whatever cron/periodic run spawned it. Thus, daily and security e-mails started coming from a completely arbitrary user. We could create a new session, but it appears that nothing calendar(1) does really needs the login name to be clobbered; opt to just avoid the setlogin(2) call entirely rather than incur the overhead of a new session for each process. PR: 280418 Reviewed by: des, olce Fixes: e67975d ("Fix 'calendar -a' in several ways.") Differential Revision: https://reviews.freebsd.org/D46095
The qlnxe driver always sets the NIC's rx mac address to the card's default MAC, ignoring any MAC address set via ifconfig. PR: 278085 MFC after: 1 week
[libc++] Fix failures with GCC 14 (#92663) Fixes #91831 Reviewed by: dim Differential Revision: https://reviews.freebsd.org/D46003
Remove the outer grep and depend on the greps in clean_dep instead. Reviewed by: brooks, imp Obtained from: CheriBSD Sponsored by: AFRL, DARPA Differential Revision: https://reviews.freebsd.org/D46103
Add a reference in 'man 4 ng_one2many' to lagg(4) since its functionality is so similar.
Using the algorithms from https://doi.org/10.1145/3342195.3387533. For the first part, consider all range lock requests as exclusive. Reviewed by: markj, Olivier Certner <olce.freebsd@certner.fr> Tested by: pho Sponsored by: The FreeBSD Foundation Differential revision: https://reviews.freebsd.org/D41787
Reviewed by: markj, Olivier Certner <olce.freebsd@certner.fr> Tested by: pho Sponsored by: The FreeBSD Foundation Differential revision: https://reviews.freebsd.org/D41787
When the gdb stub is configured to pause guest execution upon boot (i.e., the "w" flag is passed to -G), vCPUs end up suspended in two senses: first, suspended by the GDB stub (marked in the vcpus_suspended set), and suspended by the kernel (because fbsdrun_addcpu() suspends APs before spawning their vCPU threads). When the guest is resumed by the debugger, vCPUs are unsuspended in both senses, but this is not correct for APs. Hack around this problem by re-suspending vCPUs after the debugger resumes guest execution, if they were suspended beforehand. Reviewed by: corvink, jhb MFC after: 2 weeks Sponsored by: Innovate UK Differential Revision: https://reviews.freebsd.org/D46196
disable hdmi_audio_infoframe_pack_for_dp function for now as it depends on not imported yet drm sources and is not used by drm-kmod. Reviewed by: manu Sponsored by: Serenity CyberSecurity, LLC Differential Revision: https://reviews.freebsd.org/D46224
…r setting of DRAINING failed Noted by: markj Tested by: dougm, pho (previous version) Reviewed by: markj (previous version), dougm Fixes: 9ef425e Sponsored by: The FreeBSD Foundation
They are functionally equivalent, but the updated form mirrors the tests in sys/net/ethernet.h and avoids confusion. Reviewed by: kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D21037
TCP_BBR_POLICER_DETECT will be removed by an upcoming commit. Reviewed by: rrs Sponsored by: Netflix, Inc. Differential Revision: https://reviews.freebsd.org/D46244
In pipe_build_write_buffer we increment uio_iov but did not update uio_iovcnt. This would not cause an OOB read (thanks to uio_resid) but is inconsistent and could be an issue if other code changes are made in the future. Reported by: Synacktiv Reviewed by: jhb, markj, brooks Sponsored by: The Alpha-Omega Project Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D45999
Push the #ifdefs down into the function body instead of defining functions conditionally for ease of readability. These aren't critical paths, so one extra branch in the !PCI_IOV case is not a big deal. Requested by: jrtc27 Differential Revision: https://reviews.freebsd.org/D45877
Fixes: 971c9f5 ("pci: Narrow the scope of recently-added PCI_IOV #ifdefs")
When reserving a block with the same size of a RAM segment, we can end up with an empty RAM segment. Avoid that by removing this empty segment from the E820 table. Reviewed by: jhb, markj (older version) MFC after: 1 week Sponsored by: Beckhoff Automation GmbH & Co. KG Differential Revision: https://reviews.freebsd.org/D45480
There is a new feature that came in with the last sync to the rack stack that should not have been released. It is untested and may not well work. It currently is off by default, which is good but it is best to remove it until such time that it can be vetted and tuned to actually work :) This change removes just the experimental feature for now. It can make an appearance in the future when it is proofed out. Reviewed by: tuexen Differential Revision: https://reviews.freebsd.org/D45410
Initialize V_ts_offset_secret for each vnet, not only for the default vnet, since it is vnet specific. Reviewed by: Peter Lei MFC after: 3 days Sponsored by: Netflix, Inc. Differential Revision: https://reviews.freebsd.org/D46246
acl_copyin did not validate the return value of acl_copy_oldacl_into_acl which could lead to uninitialized acl structure memory reads. Reported by: Synacktiv Reviewed by: markj, emaste Sponsored by: The Alpha-Omega Project Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D46125
The system-wide warning makes sense in multi-user environments, but shutdown(8) may be used on systems or in scenarios where there's nobody to warn and wall(1) just introduces unnecessary complexity and overhead to the shutdown process. Add an option to suppress the warning entirely for those contexts that want to do so, which are anticipated to mainly be in appliance or single-user desktop-style systems. Reviewed by: des Reviewed by: allanjude, imp (earlier version) Sponsored by: Klara, Inc. Differential Revision: https://reviews.freebsd.org/D46216
A last minute change moved this from -W to -q; fix the sorting in a few places to reflect that. Fixes: 6c7ec63 ("shutdown: add a -q(uiet) flag to suppress [...]") Sponsored by: Klara, Inc.
The maximum cluster number was calculated based on the number of data clusters that fit in the given partition size and the size of the FAT area. This limit did not take into account that the highest 10 cluster numbers are reserved and must not be used for files. PR: 280347 MFC after: 3 days Reported by: pho@FreeBSD.org
Introduce a new function, add_timeout_timespec(), to use timespec structs to handle timeouts. Make add_timeout() into a wrapper for the latter function to retain compatibility with the rest of the codebase. No functional change intended. Sponsored by: Google LLC (GSoC 2024) Signed-off-by: Isaac Cilia Attard <icattard@FreeBSD.org> MFC after: 10 days Reviewed by: cperciva, brooks, Tom Hukins, Alexander Ziaee Pull Request: freebsd/freebsd-src#1368
Use the new add_timeout_timespec() API to handle timeouts for state_selecting within dhclient.c. No functional change intended. Sponsored by: Google LLC (GSoC 2024) Signed-off-by: Isaac Cilia Attard <icattard@FreeBSD.org> MFC after: 10 days Reviewed by: cperciva, brooks, Tom Hukins, Alexander Ziaee Pull Request: freebsd/freebsd-src#1368
Change the use of time() to clock_gettime() to have millisecond-accurate rather than second-accurate timeouts. Sponsored by: Google LLC (GSoC 2024) Signed-off-by: Isaac Cilia Attard <icattard@FreeBSD.org> MFC after: 10 days Reviewed by: cperciva, brooks, Tom Hukins, Alexander Ziaee Pull Request: freebsd/freebsd-src#1368
Make arp_timeout available to dhclient.c, set the default timeout to 250 ms, and provide a new command-line argument, 'n' for setting the timeout to 0. Sponsored by: Google LLC (GSoC 2024) Signed-off-by: Isaac Cilia Attard <icattard@FreeBSD.org> MFC after: 10 days Reviewed by: cperciva, brooks, Tom Hukins, Alexander Ziaee Pull Request: freebsd/freebsd-src#1368
Document new n flag for disabling ARP resolution within dhclient. Sponsored by: Google LLC (GSoC 2024) Signed-off-by: Isaac Cilia Attard <icattard@FreeBSD.org> MFC after: 10 days Reviewed by: cperciva, brooks, Tom Hukins, Alexander Ziaee Pull Request: freebsd/freebsd-src#1368
Introduce a new rc.conf option to not wait for ARP resolution within dhclient. This is plausible on many modern networks where it is possible to trust the DHCP server to know whether an IP address is available. Sponsored by: Google LLC (GSoC 2024) Signed-off-by: Isaac Cilia Attard <icattard@FreeBSD.org> MFC after: 10 days Reviewed by: cperciva, brooks, Tom Hukins, Alexander Ziaee Pull Request: freebsd/freebsd-src#1368
Add new dhclient_arpwait option to rc.conf.5, with information about what it does, and cases in which it could be disabled. Sponsored by: Google LLC (GSoC 2024) Signed-off-by: Isaac Cilia Attard <icattard@FreeBSD.org> MFC after: 10 days Reviewed by: cperciva, brooks, Tom Hukins, Alexander Ziaee Pull Request: freebsd/freebsd-src#1368
The DHCP server in EC2 knows exactly which system should be using which IP address (and in fact EC2 has source IP filtering on by default) so there's no point ARPing an address before using it. The preceding commits (changing the ARP wait time from 2 s to 250 ms) and this one (eliminating the wait entirely in EC2) reduce the time required for a newly launched FreeBSD/EC2 instance to launch by 2 seconds. Discussed with: icattard MFC after: 10 days Sponsored by: Amazon
bsdjhb force-pushed the merge-freebsd-20240809 branch from 6cc4ea8 to 59a0db1 (November 14, 2024 22:43)
bsdjhb pushed a commit to bsdjhb/cheribsd that referenced this pull request (Jan 28, 2025)

Security fixes:
    CTSRD-CHERI#2158 rpm: calculate huge header sizes correctly
    CTSRD-CHERI#2160 util: fix out of boundary access in mktemp functions
    CTSRD-CHERI#2168 uu: stop processing if lines are too long
    CTSRD-CHERI#2174 lzop: prevent integer overflow
    CTSRD-CHERI#2172 rar4: protect copy_from_lzss_window_to_unp() (CVE-2024-20696)
    CTSRD-CHERI#2175 unzip: unify EOF handling
    CTSRD-CHERI#2179 rar4: fix out of boundary access with large files
    CTSRD-CHERI#2203 rar4: fix OOB access with unicode filenames
    CTSRD-CHERI#2210 rar4: add boundary checks to rgb filter
    CTSRD-CHERI#2248 rar4: fix OOB in delta filter
    CTSRD-CHERI#2249 rar4: fix OOB in audio filter
    CTSRD-CHERI#2256 fix multiple vulnerabilities identified by SAST
    CTSRD-CHERI#2258 cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing
    CTSRD-CHERI#2265 rar5: clear 'data ready' cache on window buffer reallocs
    CTSRD-CHERI#2269 rar4: fix CVE-2024-26256 (CVE-2024-26256)

Important bugfixes:
    CTSRD-CHERI#2150 xar: fix another infinite loop and expat error handling
    CTSRD-CHERI#2173 shar: check strdup return value
    CTSRD-CHERI#2161 lha: fix integer truncation on 32-bit systems
    CTSRD-CHERI#2245 7zip: fix issue when skipping first file in 7zip archive that is a multiple of 65536 bytes
    CTSRD-CHERI#2259 rar5: don't try to read ridiculously long names
    CTSRD-CHERI#2290 ar: fix archive entries having no type

Obtained from: libarchive
Vendor commit: 12ecf8418ab3595d66cdea1abadcea8b6a9d288b
CVE: CVE-2024-20696, CVE-2024-26256
bsdjhb pushed a commit to bsdjhb/cheribsd that referenced this pull request (Jan 28, 2025)

Libarchive 3.7.7

Security fixes:
    CTSRD-CHERI#2158 rpm: calculate huge header sizes correctly
    CTSRD-CHERI#2160 util: fix out of boundary access in mktemp functions
    CTSRD-CHERI#2168 uu: stop processing if lines are too long
    CTSRD-CHERI#2174 lzop: prevent integer overflow
    CTSRD-CHERI#2172 rar4: protect copy_from_lzss_window_to_unp() (CVE-2024-20696)
    CTSRD-CHERI#2175 unzip: unify EOF handling
    CTSRD-CHERI#2179 rar4: fix out of boundary access with large files
    CTSRD-CHERI#2203 rar4: fix OOB access with unicode filenames
    CTSRD-CHERI#2210 rar4: add boundary checks to rgb filter
    CTSRD-CHERI#2248 rar4: fix OOB in delta filter
    CTSRD-CHERI#2249 rar4: fix OOB in audio filter
    CTSRD-CHERI#2256 fix multiple vulnerabilities identified by SAST
    CTSRD-CHERI#2258 cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing
    CTSRD-CHERI#2265 rar5: clear 'data ready' cache on window buffer reallocs
    CTSRD-CHERI#2269 rar4: fix CVE-2024-26256 (CVE-2024-26256)
    #2330 iso: be more cautious about parsing ISO-9660 timestamps
    #2343 tar: clean up linkpath between entries
    #2364 tar: don't crash on truncated tar archives
    #2366 gzip: prevent a hang when processing a malformed gzip inside a gzip
    #2377 tar: fix two leaks in tar header parsing

Important bugfixes:
    CTSRD-CHERI#2096 rar5: report encrypted entries
    CTSRD-CHERI#2150 xar: fix another infinite loop and expat error handling
    CTSRD-CHERI#2173 shar: check strdup return value
    CTSRD-CHERI#2161 lha: fix integer truncation on 32-bit systems
    #2338 tar: fix memory leaks when processing symlinks or parsing pax headers
    CTSRD-CHERI#2245 7zip: fix issue when skipping first file in 7zip archive that is a multiple of 65536 bytes
    CTSRD-CHERI#2252 7-zip: read/write symlink paths as UTF-8
    CTSRD-CHERI#2259 rar5: don't try to read ridiculously long names
    CTSRD-CHERI#2290 ar: fix archive entries having no type
    #2360 tar: fix truncation of entry pathnames in specific archives

CVE: CVE-2024-20696, CVE-2024-26256
PR: 282047 (exp-run)
MFC after: 1 week
PR for CI