CVS: cvs.openbsd.org: xenocara
CVSROOT:/cvs Module name:xenocara Changes by: matth...@cvs.openbsd.org2022/03/23 00:42:11 Modified files: . : MODULES Log message: remove app/xdm from the list.
CVS: cvs.openbsd.org: xenocara
CVSROOT:/cvs Module name:xenocara Changes by: matth...@cvs.openbsd.org2022/03/23 00:31:26 Modified files: . : MODULES Log message: Add twm(1) to the list of possible removals
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2022/03/22 20:18:22 Modified files: usr.bin/su : su.c Log message: Now that libc setusercontext() handling of setrtable is repaired, su(8) can set LOGIN_SETRTABLE once again. ok millert
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: bl...@cvs.openbsd.org 2022/03/22 18:16:07 Modified files: sys/netinet6 : raw_ip6.c Log message: For raw IPv6 packets rip6_input() traverses the loop of all PCBs. >From there it calls sbappendaddr() while holding the raw6 table mutex. This ends in sorwakeup() where we finally grab the kernel lock while holding a mutex. Witness detects this misuse. Use the same solution as for PCB notify. Collect the affected PCBs in a temporary list. The list is protected by exclusive net lock. Reported-by: syzbot+5b2679ee9be0895d2...@syzkaller.appspotmail.com OK claudio@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: bl...@cvs.openbsd.org 2022/03/22 16:58:00 Modified files: usr.sbin/syslogd: evbuffer_tls.c Log message: Call tls_close() in libevent TLS wrapper of syslogd when the other side terminates the TLS connection. It results in a proper shutdown and the TLS peer has a chance to detect errors. This is expecially important for the client side. Due to the reduced TLS 1.3 handshake, errors might be undetected and log messages dropped silently. By doing a matching TLS shutdown on his side, the client can receive the error. Instead of checking socket writability and calling tls_close() repeatedly, syslogd calls it only once. As the other side has closed the connection anyway it is our turn to write the shutdown message. Do not care about errors here and avoid complexity. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2022/03/22 14:36:49 Modified files: usr.bin/doas : doas.c parse.y Log message: minor KNF cleanups during a re-read
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: bl...@cvs.openbsd.org 2022/03/22 12:27:22 Modified files: sys/netinet6 : raw_ip6.c Log message: Extract the type from the ICMP6 header before looping over Raw IPv6 PCBs. This make mutex and error handling easier. OK claudio@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: bl...@cvs.openbsd.org 2022/03/22 12:17:30 Modified files: sys/netinet: raw_ip.c Log message: For raw IP packets rip_input() traverses the loop of all PCBs. From there it calls sbappendaddr() while holding the raw table mutex. This ends in sorwakeup() where we finally grab the kernel lock while holding a mutex. Witness detects this misuse. Use the same solution as for PCB notify. Collect the affected PCBs in a temporary list. The list is protected by exclusive net lock. syzbot+ebe3f03a472fecf5e...@syzkaller.appspotmail.com OK claudio@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: bl...@cvs.openbsd.org 2022/03/22 12:02:54 Modified files: sys/netinet: in_pcb.c Log message: Fix whitespace.
Re: CVS: cvs.openbsd.org: src
On 2022-03-21 10:25 -06, Florian Obser wrote: > CVSROOT: /cvs > Module name: src > Changes by: flor...@cvs.openbsd.org 2022/03/21 10:25:47 > > Modified files: > sbin/slaacd: engine.c frontend.c slaacd.h > usr.sbin/slaacctl: slaacctl.c > > Log message: > Prevent crash of unprivileged engine process (pledged stdio). > > The length field of a DNS label in the DNS search list option is an 8 > bit unsigned value. parse_dnssl() treats the search list option as an > array of char, which are signed on most archs. When we read this value > into an int variable it gets sign extended, allowing it to bypass > sanity checks and eventually we pass it as the length to memcpy which > treats it as a huge unsigned value leading to a heap overflow. > > An easy fix would be change the signature of parse_dnssl to > parse_dnssl(uint8_t* data, int datalen). > > However, the DNS search list option is unused and the function fails > to check if the parsed value is a valid domain name. The function is > also getting in the way of future work so it's best to just delete it. > > The problem was found and reported by qualys, thanks! > > OK bluhm > Unfortunately there was a misunderstanding, this problem was found and reported by Francisco Falcon of Quarkslab. I'm very sorry for the misattribution.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2022/03/22 10:29:58 Modified files: sys/scsi : scsiconf.c Log message: Nuke increasingly pointless comment. Shorten a line and compare pointer to NULL instead of 0. No functional change.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: kette...@cvs.openbsd.org2022/03/22 09:38:27 Modified files: distrib/arm64/ramdisk: install.md Log message: Polish the bits that copy the firmware in place on Apple systems a bit more. This mostly adds some checks to make sure that if for some reason the firmware files aren't present on the EFI System Partition the users doesn't see several error messages. ok deraadt@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2022/03/22 04:57:08 Modified files: regress/usr.sbin/bgpd/unittests: rde_decide_test.c Log message: Adjust test after the change to TAILQ in struct prefix.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2022/03/22 04:53:08 Modified files: usr.sbin/bgpd : mrt.c rde.c rde.h rde_decide.c rde_peer.c rde_rib.c rde_update.c Log message: Switch from a LIST to TAILQ for the structure to store prefixes on a rib_entry. Mostly mechanical, this simplifies prefix_insert() and prefix_remove() since the redo queue can now just use TAILQ_INSERT_TAIL(). rde_softreconfig_sync_reeval() needs to use TAILQ_CONCAT() to move the list of prefixes over to the local TAILQ_HEAD to reapply them later. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: kette...@cvs.openbsd.org2022/03/22 04:33:50 Modified files: sys/arch/riscv64/stand/efiboot: efiboot.c Log message: Copy the FDT into a larger buffer such that we have space to add additional nodes and properties to it like we do on arm64 and armv7. ok patrick@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: kette...@cvs.openbsd.org2022/03/22 04:32:10 Modified files: sys/arch/armv7/stand/efiboot: efiboot.c Log message: After copying the FDT into a new larger buffer, adjust the FDT size to reflect the size of the new buffer like we do on arm64. ok patrick@
