On Wed, 2022-01-26 at 09:18 -0700, Theo de Raadt wrote:
> > However, as things stand interpretation can be broken with the base
> > tools. I can't fix garbage input.
>
> Your proposal builds a mechanism which encourages making decisions based
> upon parsing garbage input.
So let's just focus on
Hi.
This diff makes use of the new libtls signer api to simplify tls privsep.
Eric.
Index: ca.c
===
RCS file: /cvs/src/usr.sbin/smtpd/ca.c,v
retrieving revision 1.40
diff -u -p -r1.40 ca.c
--- ca.c14 Jun 2021 17:58:15 -
Am Sun, Jan 30, 2022 at 11:40:29AM -0800 schrieb Greg Steuck:
> Greg Steuck writes:
>
> >> I notice people keep sending fixes to problems reported by UBSan. I
> >> wanted to join the club, but the trivial thing listed at
> >> https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html doesn't
>
To add a bit more color, the same problem happens with ports clang from
llvm package:
% pkg_info -I llvm
llvm-13.0.0 modular, fast C/C++/ObjC compiler, static analyzer and tools
% cat a.cc; /usr/local/bin/clang++ -fsanitize=undefined a.cc; ./a.out
int main(int argc, char **argv) {
int
Greg Steuck writes:
>> I notice people keep sending fixes to problems reported by UBSan. I
>> wanted to join the club, but the trivial thing listed at
>> https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html doesn't
>> work:
My confusion is easily resolved. People use UBSan in the kernel
> > - sum += in_cksumdata((caddr_t) , sizeof(ipov));
> > + sum += in_cksumdata((caddr_t) + 8, sizeof(ipov) - 8);
>
> I think this would be clearer with a comment.
Sure, added one.
> Please remove the trailing space that some of the changed lines have.
Ok. Updated patch
In tr(1), we have these two global arrays, "string1" and "string2".
I have a few complaints:
1. They are not strings. They are lookup tables. The names are
misleading.
2. The arguments given to tr(1) in argv[] are indeed called "string1"
and "string2". These are the names used in the
A go program that uses pledge("dns") mostly works except for two
incompatibilities with the way golang's dns library works. Otherwise
pledge("rpath") is required.
1. go likes to stat /etc/hosts to check for changes. I think this is
reasonable behavior. Patch below adds a whitelist to the kernel
This change is OK with me.
The mdns.allow stuff should be fixed by go recognizing that it doesn't
exist in OpenBSD, and not attempting the open.
Ted Unangst wrote:
> A go program that uses pledge("dns") mostly works except for two
> incompatibilities with the way golang's dns library works.
In case somebody hits this, here's a resolved issue: -fno-wrapv is
matters for UBSan coverage.
Confusion starts with:
$ uname -srm; cat a.c && clang -fsanitize=undefined a.c -c -o a.o && nm a.o
OpenBSD 7.0 amd64
int main(int argc, char **argv) {
int k = 0x7fff;
k += argc;
return 0;
}
On Sun, Jan 30, 2022 at 04:46:36PM -0800, Greg Steuck wrote:
> In case somebody hits this, here's a resolved issue: -fno-wrapv is
> matters for UBSan coverage.
>
> Confusion starts with:
>
> $ uname -srm; cat a.c && clang -fsanitize=undefined a.c -c -o a.o && nm a.o
> OpenBSD 7.0 amd64
> int
11 matches
Mail list logo