CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/12/13 00:19:37 Modified files: regress/lib/libcrypto/x509/rfc3779: rfc3779.c Log message: rfc3779: remove redundant const. This is already included in the typedef (yuck) and makes some Windows compilers unhappy.
CVS: cvs.openbsd.org: xenocara
CVSROOT:/cvs Module name:xenocara Changes by: matth...@cvs.openbsd.org2023/12/13 00:04:30 Modified files: xserver/randr : Tag: OPENBSD_7_4 rrproperty.c rrproviderproperty.c Log message: randr: avoid integer truncation in length check of ProcRRChange*Property CVE-2023-6478
CVS: cvs.openbsd.org: xenocara
CVSROOT:/cvs Module name:xenocara Changes by: matth...@cvs.openbsd.org2023/12/13 00:04:00 Modified files: xserver/Xi : Tag: OPENBSD_7_4 exevents.c xserver/dix: Tag: OPENBSD_7_4 devices.c Log message: Xi: allocate enough XkbActions for our buttons CVE-2023-6377
CVS: cvs.openbsd.org: xenocara
CVSROOT:/cvs Module name:xenocara Changes by: matth...@cvs.openbsd.org2023/12/12 23:54:52 Modified files: xserver/randr : Tag: OPENBSD_7_3 rrproperty.c rrproviderproperty.c Log message: randr: avoid integer truncation in length check of ProcRRChange*Property CVE-2023-6478
CVS: cvs.openbsd.org: xenocara
CVSROOT:/cvs Module name:xenocara Changes by: matth...@cvs.openbsd.org2023/12/12 23:50:41 Modified files: xserver/Xi : Tag: OPENBSD_7_3 exevents.c xserver/dix: Tag: OPENBSD_7_3 devices.c Log message: Xi: allocate enough XkbActions for our buttons CVE-2023-6377
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2023/12/12 23:39:10 Modified files: share/man/man9 : ktrace.9 syscall.9 Log message: no more syscall.2;
CVS: cvs.openbsd.org: xenocara
CVSROOT:/cvs Module name:xenocara Changes by: matth...@cvs.openbsd.org2023/12/12 23:34:18 Modified files: xserver/Xi : exevents.c Log message: The previous fix from X.Org was incorrect. This fixes it. Xi: allocate enough XkbActions for our buttons CVE-2023-6377
CVS: cvs.openbsd.org: xenocara
CVSROOT:/cvs Module name:xenocara Changes by: matth...@cvs.openbsd.org2023/12/12 23:21:57 Modified files: xserver/randr : rrproperty.c rrproviderproperty.c Log message: randr: avoid integer truncation in length check of ProcRRChange*Property CVE-2023-6478
CVS: cvs.openbsd.org: xenocara
CVSROOT:/cvs Module name:xenocara Changes by: matth...@cvs.openbsd.org2023/12/12 23:20:16 Modified files: xserver/Xi : exevents.c xserver/dix: devices.c Log message: Xi: allocate enough XkbActions for our buttons CVE-2023-6377
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/12/12 23:00:28 Modified files: regress/lib/libssl/tlsext: tlsexttest.c Log message: tlsexttest: \178 isn't a valid octal escape sequence
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/12/12 22:59:50 Modified files: regress/lib/libcrypto/x509: constraints.c Log message: constraints: \178 isn't a valid octal escape sequence
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/12/12 22:57:37 Modified files: regress/lib/libcrypto/x509: x509_asn1.c Log message: x509_asn1: avoid lookup table that makes some compilers whine
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2023/12/12 20:28:19 Modified files: usr.bin/ssh: sshconnect2.c Log message: when invoking KnownHostsCommand to determine the order of host key algorithms to request, ensure that the hostname passed to the command is decorated with the port number for ports other than 22. This matches the behaviour of KnownHostsCommand when invoked to look up the actual host key. bz3643, ok dtucker@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2023/12/12 19:42:36 Removed files: lib/libc/sys : syscall.2 Log message: actually remove it, pointed out by jsg
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2023/12/12 19:31:15 Modified files: sys/arch/mips64/mips64: trap.c Log message: another syscall(2) removal chunk got lost
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2023/12/12 17:37:42 Modified files: lib/libutil: imsg_init.3 Log message: filedescriptor -> file descriptor
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2023/12/12 16:43:35 Modified files: sys/arch/arm64/arm64: syscall.c sys/arch/sparc64/sparc64: trap.c Log message: two syscall(2) removal chunks got lost
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2023/12/12 15:00:43 Modified files: usr.bin/ftp: main.c Log message: Make -o less special, drop -o '' support, always use last value ftp(1) says -o is about a single file/URL, but option handling takes the empty string as "reset previous -o value", which makes little sense, is undocumented and counter-intuitively works as if no -o was specified. OK millert
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/12/12 13:18:39 Modified files: usr.sbin/snmpd : trap.c Log message: The OID inside snmpTrapOID is of type NOTIFICATION-TYPE, which does not have a zero appended. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mart...@cvs.openbsd.org 2023/12/12 13:15:49 Modified files: usr.sbin/snmpd : application_internal.c Log message: Do a bitter cleanup after the config defined objects on shutdown. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2023/12/12 10:43:10 Modified files: sys/kern : kern_pledge.c Log message: put pinsyscalls(2) into the "always" group
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2023/12/12 10:39:14 Modified files: libexec/ld.so : syscall.h Log message: repair type for 2nd arg of read(2)
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2023/12/12 08:54:18 Modified files: usr.sbin/rpki-client: io.c Log message: io_read_buf() abused the ibuf internal rpos which is no longer allowed. This is now just a simple wrapper around ibuf_get(). OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2023/12/12 08:52:58 Modified files: sbin/iked : imsg_util.c Log message: ibuf_getdata() abuses the rpos from the ibuf. This is no longer allowed and breaks because ibuf_seek() now uses rpos itself. Now this is just ibuf_get_ibuf() with an extra allocation done. OK tobhe@ tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2023/12/12 08:50:39 Modified files: distrib/sets/lists/base: mi distrib/sets/lists/comp: mi Log message: Sync
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2023/12/12 08:49:21 Modified files: lib/libutil: Makefile imsg_init.3 Added files: lib/libutil: ibuf_add.3 Log message: Move ibuf API from imsg_init.3 to ibuf_add.3 Document all new functions added and adjust examples in imsg_init.3 to follow the new way of handling messages. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2023/12/12 08:47:41 Modified files: lib/libutil: Symbols.map imsg-buffer.c imsg.c imsg.h shlib_version Log message: Extend imsg and ibuf API with useful getter methods For ibufs: - various getters for ibufs (ibuf_get* and ibuf_skip) - additional ibuf set/add functions that don't alter byte order - ibuf_truncate and ibuf_rewind - ibuf_from_buffer and ibuf_from_ibuf to populate a reader ibuf - a getter for the msgbuf queuelen For imsg: - various getters for imsg (especially imsg_get_data() which can be used in most cases as a simple one call api with all error checks). All the imsg.hdr fields can also be accessed by getters. - The imsg data is now actually an ibuf but the old imsg.data pointer is kept for now to not break every imsg application. - Introduce imsg_forward to simply forward a message from one channel to an other (used in the control socket code). Since this requires a major bump take the oportunity to also cleanup some function signatures to use size_t for length fields. Also internal data structures are removed from the public header. With and OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2023/12/12 08:44:00 Modified files: libexec/ld.so : loader.c Log message: To avoid kbind(2) becoming a powerful gadget, it is called inline to a function. Therefore we cannot create a precise pinsyscall label. Instead create a duplicate entry (using inline asm) to force the kernel's pinsyscall code to skip validation, rather than labelling it illegal. kbind(2) remains safe because it self-protects by checking its calling address. ok kettenis
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2023/12/12 08:41:47 Modified files: distrib/sets/lists/base: mi Log message: sync
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2023/12/12 08:41:24 Modified files: lib/libc : shlib_version Log message: crank libc major because syscall(2) was removed
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2023/12/12 08:38:15 Modified files: distrib/sets/lists/comp: mi Log message: sync
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2023/12/12 08:32:59 Modified files: sys/sys: syscall.h syscallargs.h sys/kern : init_sysent.c syscalls.c Log message: sync
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2023/12/12 08:30:56 Modified files: sys/kern : kern_ktrace.c syscalls.master sys/sys: ktrace.h syscall_mi.h usr.bin/kdump : kdump.c include: unistd.h lib/libc : Symbols.list lib/libc/hidden: unistd.h lib/libc/sys : Makefile.inc syscall.2 sys/arch/alpha/alpha: trap.c sys/arch/amd64/amd64: locore.S trap.c sys/arch/arm/arm: syscall.c sys/arch/arm64/arm64: syscall.c sys/arch/hppa/hppa: trap.c sys/arch/i386/i386: trap.c sys/arch/m88k/m88k: trap.c sys/arch/mips64/mips64: trap.c sys/arch/powerpc/powerpc: trap.c sys/arch/powerpc64/powerpc64: syscall.c sys/arch/riscv64/riscv64: syscall.c sys/arch/sh/sh : trap.c sys/arch/sparc64/sparc64: trap.c Log message: remove support for syscall(2) -- the "indirection system call" because it is a dangerous alternative entry point for all system calls, and thus incompatible with the precision system call entry point scheme we are heading towards. This has been a 3-year mission: First perl needed a code-generated wrapper to fake syscall(2) as a giant switch table, then all the ports were cleaned with relatively minor fixes, except for "go". "go" required two fixes -- 1) a framework issue with old library versions, and 2) like perl, a fake syscall(2) wrapper to handle ioctl(2) and sysctl(2) because "syscall(SYS_ioctl" occurs all over the place in the "go" ecosystem because the "go developers" are plan9-loving unix-hating folk who tried to build an ecosystem without allowing "ioctl". ok kettenis, jsing, afresh1, sthen
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: m...@cvs.openbsd.org2023/12/12 05:38:52 Modified files: sys/net: if_pflow.c Log message: slyle(9) fix. No functional changes.