Re: ssh: use getservbyname(3) for port numbers

2018-10-04 Thread Theo de Raadt
Darren Tucker  wrote:

> On Sun, 2 Sep 2018 at 03:16, Theo de Raadt  wrote:
> >
> > > Is there a reason ssh doesn't consult services(5) for port numbers?
> >
> > I think I know why but I'm not going to speak about those dark days.
> 
> I would be fine with adding this.  I am not sure what the reasoning
> behind it was (reduce NIS lookups back in the day?)

Yes I think that is the reason it was done.

naddy, that is an ok deraadt



Re: ssh: use getservbyname(3) for port numbers

2018-10-04 Thread Darren Tucker
On Sun, 2 Sep 2018 at 03:16, Theo de Raadt  wrote:
>
> > Is there a reason ssh doesn't consult services(5) for port numbers?
>
> I think I know why but I'm not going to speak about those dark days.

I would be fine with adding this.  I am not sure what the reasoning
behind it was (reduce NIS lookups back in the day?)

-- 
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.



odd condition/test in PF lexer

2018-10-04 Thread Alexandr Nedvedicky
Hello,

a static analyzer we use for Oracle Solaris recently discovered an odd
if () test/condition in yylex() here in sbin/pfctl/parse.y:

5279            } else if (c == '\\') {
5280                    if ((next = lgetc(quotec)) == EOF)
5281                            return (0);
5282                    if (next == quotec || c == ' ' || c == '\t')
5283                            c = next;
5284                    else if (next == '\n') {
5285                            file->lineno++;
5286                            continue;
5287                    } else
5288                            lungetc(next);

The analyzer thinks the condition at line 5282 should be changed to

5282 if (next == quotec)

because the earlier line at 5279 guarantees the variable c holds a backslash,
therefore it can't contain a space or tab. The simple change is tempting,
but let's check the history first. That particular line was
introduced 10+ years ago with a commit message as follows:

in the lex... even inside quotes, a \ followed by space or tab should
expand to space or tab, and a \ followed by newline should be ignored
(as a line continuation).  compatible with the needs of hoststated
(which has the most strict quoted string requirements), and ifstated
(where one commonly does line continuations in strings).

The comment above makes me think the intended change looks as follows:

5282 if (next == quotec || next == ' ' || next == '\t')

The patch below fixes all yylex() functions I could find using a simple

find ./ -name "parse.y"

OK?

thanks and
regards
sashan

8<---8<---8<--8<
diff --git a/sbin/iked/parse.y b/sbin/iked/parse.y
index 112049cdc6a..e3bb32d838e 100644
--- a/sbin/iked/parse.y
+++ b/sbin/iked/parse.y
@@ -1385,7 +1385,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
-   if (next == quotec || c == ' ' || c == '\t')
+   if (next == quotec || next == ' ' ||
+   next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
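
Review bot: the corrected test on the `+` lines changes what existing configurations lex to, and the commit message should say so. With the old `c == ' ' || c == '\t'` test, a backslash followed by a space or tab inside quotes fell through to lungetc(next), so the backslash stayed in the string; with `next == ' ' || next == '\t'` the backslash is dropped. That matches the quoted 10+ year old commit message, but a config that relied on the literal backslash will now parse differently, and the same holds for every parse.y touched by this diff.
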
diff --git a/sbin/ipsecctl/parse.y b/sbin/ipsecctl/parse.y
index 4b8f84704cc..cb1cb0a488b 100644
--- a/sbin/ipsecctl/parse.y
+++ b/sbin/ipsecctl/parse.y
@@ -1182,7 +1182,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
-   if (next == quotec || c == ' ' || c == '\t')
+   if (next == quotec || next == ' ' ||
+   next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y
index 0791c9c01d7..69fddacd214 100644
--- a/sbin/pfctl/parse.y
+++ b/sbin/pfctl/parse.y
@@ -5279,7 +5279,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
-   if (next == quotec || c == ' ' || c == '\t')
+   if (next == quotec || next == ' ' ||
+   next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
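
Review bot: the `next == ' ' || next == '\t'` arm added here was unreachable before this change, so it has never run in pfctl. A regress case with a quoted string containing backslash-space, backslash-tab and backslash-newline would pin the intended behaviour down and is worth adding together with the fix.
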
diff --git a/usr.sbin/acme-client/parse.y b/usr.sbin/acme-client/parse.y
index bcc8325506a..feffaaee7a0 100644
--- a/usr.sbin/acme-client/parse.y
+++ b/usr.sbin/acme-client/parse.y
@@ -604,7 +604,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return 0;
-   if (next == quotec || c == ' ' || c == '\t')
+   if (next == quotec || next == ' ' ||
+   next == '\t')
c = next;
else if (next == '\n') {
file->lineno++;
diff --git a/usr.sbin/bgpd/parse.y b/usr.sbin/bgpd/parse.y
index 9e2359f31a3..4d9ccc944eb 100644
--- a/usr.sbin/bgpd/parse.y
+++ b/usr.sbin/bgpd/parse.y
@@ -3106,7 +3106,8 @@ top:
} else if (c == '\\') {
if ((next = lgetc(quotec)) == EOF)
return (0);
-   if (next == quotec || c == ' ' || c == '\t')
+   if (next == quotec || next
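
The escape handling discussed in this message, as an added example that is not part of the original post or of any parse.y: a simplified model of the quoted-string loop that runs the old test and the patched test over the same input. sgetc(), sungetc(), lex_quoted(), lex_lineno and the sample strings are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-ins for the parse.y input helpers: read from a string. */
static const char *src;
static size_t pos;
int lex_lineno;

static int sgetc(void) { return src[pos] ? (unsigned char)src[pos++] : EOF; }
static void sungetc(void) { if (pos > 0) pos--; }

/*
 * Lex the body of a quoted string; `in` starts just after the opening quote.
 * fixed == 0 uses the old test   (c == ' ' || c == '\t'),
 * fixed == 1 uses the patched one (next == ' ' || next == '\t').
 * Returns 0 on success, -1 on an unterminated string or a full buffer.
 */
int
lex_quoted(const char *in, int quotec, int fixed, char *out, size_t outsz)
{
	size_t n = 0;
	int c, next;

	src = in;
	pos = 0;
	lex_lineno = 1;
	for (;;) {
		if ((c = sgetc()) == EOF)
			return (-1);
		if (c == '\\') {
			if ((next = sgetc()) == EOF)
				return (-1);
			/* c is always '\\' here, so the old test never fires */
			if (next == quotec ||
			    (fixed ? (next == ' ' || next == '\t')
				   : (c == ' ' || c == '\t')))
				c = next;		/* drop the backslash */
			else if (next == '\n') {
				lex_lineno++;		/* line continuation */
				continue;
			} else
				sungetc();		/* keep the backslash */
		} else if (c == quotec)
			break;
		if (n + 1 >= outsz)
			return (-1);
		out[n++] = (char)c;
	}
	out[n] = '\0';
	return (0);
}

int
main(void)
{
	char before[64], after[64];
	const char *in = "a\\ b\"";	/* constructed input: a\ b" */

	if (lex_quoted(in, '"', 0, before, sizeof(before)) == 0 &&
	    lex_quoted(in, '"', 1, after, sizeof(after)) == 0)
		printf("old test: [%s]\nnew test: [%s]\n", before, after);
	return (0);
}
```

Escaped quotes and backslash-newline give the same result under both tests; only backslash-space and backslash-tab differ.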

Re: Garbage-collect the __statement() macro

2018-10-04 Thread Theo de Raadt
It is API/ABI.

But I approve of removing the poison.

Christian Weisgerber  wrote:

> The sys/arch/*/include/endian.h headers were the only place in the
> whole source tree that used __statement(), and they did so to mark
> statement expressions, which are a GNU extension.
> 
> With this single consumer gone, we can garbage-collect the __statement()
> macro itself.  I don't think this usage will come back.
> 
> OK?
> 
> Index: sys/sys/cdefs.h
> ===
> RCS file: /cvs/src/sys/sys/cdefs.h,v
> retrieving revision 1.41
> diff -u -p -r1.41 cdefs.h
> --- sys/sys/cdefs.h   14 Apr 2017 07:22:02 -  1.41
> +++ sys/sys/cdefs.h   2 Oct 2018 20:54:53 -
> @@ -223,12 +223,6 @@
>  #define  __extension__
>  #endif
>  
> -#if __GNUC_PREREQ__(2, 8) || defined(__PCC__)
> -#define __statement(x)   __extension__(x)
> -#else
> -#define __statement(x)   (x)
> -#endif
> -
>  #if __GNUC_PREREQ__(3, 0)
>  #define  __malloc__attribute__((__malloc__))
>  #else
> -- 
> Christian "naddy" Weisgerber  na...@mips.inka.de
> 



Re: do not join node information multicast group

2018-10-04 Thread Klemens Nanni
OK kn



Re: do not join node information multicast group

2018-10-04 Thread Alexander Bluhm
On Thu, Oct 04, 2018 at 08:13:03PM +0200, Florian Obser wrote:
> Benno removed code to answer ICMP queries over 4 years ago.
> Aham Brahmasmi (aham.brahmasmi AT gmx.com) points out
> that we still join the group though.
> 
> OK?

OK bluhm@

> diff --git in6.c in6.c
> index c09ab1dcd0a..5297c0a1249 100644
> --- in6.c
> +++ in6.c
> @@ -808,19 +808,6 @@ in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq 
> *ifra,
>   goto cleanup;
>   LIST_INSERT_HEAD(&ia6->ia6_memberships, imm, i6mm_chain);
>  
> - /*
> -  * join node information group address
> -  */
> - if (in6_nigroup(ifp, hostname, hostnamelen, &mltaddr) == 0) {
> - imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error);
> - if (!imm) {
> - /* XXX not very fatal, go on... */
> - } else {
> - LIST_INSERT_HEAD(&ia6->ia6_memberships,
> - imm, i6mm_chain);
> - }
> - }
> -
>   /*
>* join interface-local all-nodes address.
>* (ff01::1%ifN, and ff01::%ifN/32)
> diff --git in6_ifattach.c in6_ifattach.c
> index 2f8463e3a47..b6e67a5eee7 100644
> --- in6_ifattach.c
> +++ in6_ifattach.c
> @@ -428,57 +428,6 @@ in6_ifattach_loopback(struct ifnet *ifp)
>   return (in6_update_ifa(ifp, &ifra, NULL));
>  }
>  
> -/*
> - * compute NI group address, based on the current hostname setting.
> - * see draft-ietf-ipngwg-icmp-name-lookup-* (04 and later).
> - *
> - * when ifp == NULL, the caller is responsible for filling scopeid.
> - */
> -int
> -in6_nigroup(struct ifnet *ifp, const char *name, int namelen,
> -struct sockaddr_in6 *sa6)
> -{
> - const char *p;
> - u_int8_t *q;
> - SHA2_CTX ctx;
> - u_int8_t digest[SHA512_DIGEST_LENGTH];
> - u_int8_t l;
> - u_int8_t n[64]; /* a single label must not exceed 63 chars */
> -
> - if (!namelen || !name)
> - return -1;
> -
> - p = name;
> - while (p && *p && *p != '.' && p - name < namelen)
> - p++;
> - if (p - name > sizeof(n) - 1)
> - return -1;  /* label too long */
> - l = p - name;
> - strncpy((char *)n, name, l);
> - n[(int)l] = '\0';
> - for (q = n; *q; q++) {
> - if ('A' <= *q && *q <= 'Z')
> - *q = *q - 'A' + 'a';
> - }
> -
> - /* generate 8 bytes of pseudo-random value. */
> - SHA512Init(&ctx);
> - SHA512Update(&ctx, &l, sizeof(l));
> - SHA512Update(&ctx, n, l);
> - SHA512Final(digest, &ctx);
> -
> - bzero(sa6, sizeof(*sa6));
> - sa6->sin6_family = AF_INET6;
> - sa6->sin6_len = sizeof(*sa6);
> - sa6->sin6_addr.s6_addr16[0] = htons(0xff02);
> - sa6->sin6_addr.s6_addr16[1] = htons(ifp->if_index);
> - sa6->sin6_addr.s6_addr8[11] = 2;
> - memcpy(&sa6->sin6_addr.s6_addr32[3], digest,
> - sizeof(sa6->sin6_addr.s6_addr32[3]));
> -
> - return 0;
> -}
> -
>  /*
>   * XXX multiple loopback interface needs more care.  for instance,
>   * nodelocal address needs to be configured onto only one of them.
> diff --git in6_ifattach.h in6_ifattach.h
> index 0f54b457de9..525cc365ffe 100644
> --- in6_ifattach.h
> +++ in6_ifattach.h
> @@ -36,7 +36,6 @@
>  #ifdef _KERNEL
>  int in6_ifattach(struct ifnet *);
>  void in6_ifdetach(struct ifnet *);
> -int in6_nigroup(struct ifnet *, const char *, int, struct sockaddr_in6 *);
>  int in6_ifattach_linklocal(struct ifnet *, struct in6_addr *);
>  void in6_soiiupdate(struct ifnet *);
>  #endif /* _KERNEL */
> 
> 
> -- 
> I'm not entirely sure you are real.



Re: pf: honor quick on anchor rules

2018-10-04 Thread Klemens Nanni
I just committed the fix, thanks.



Garbage-collect the __statement() macro

2018-10-04 Thread Christian Weisgerber
The sys/arch/*/include/endian.h headers were the only place in the
whole source tree that used __statement(), and they did so to mark
statement expressions, which are a GNU extension.

With this single consumer gone, we can garbage-collect the __statement()
macro itself.  I don't think this usage will come back.

OK?

Index: sys/sys/cdefs.h
===
RCS file: /cvs/src/sys/sys/cdefs.h,v
retrieving revision 1.41
diff -u -p -r1.41 cdefs.h
--- sys/sys/cdefs.h 14 Apr 2017 07:22:02 -  1.41
+++ sys/sys/cdefs.h 2 Oct 2018 20:54:53 -
@@ -223,12 +223,6 @@
 #define__extension__
 #endif
 
-#if __GNUC_PREREQ__(2, 8) || defined(__PCC__)
-#define __statement(x) __extension__(x)
-#else
-#define __statement(x) (x)
-#endif
-
 #if __GNUC_PREREQ__(3, 0)
 #define__malloc__attribute__((__malloc__))
 #else
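
Review bot: the removed `__statement(x)` definition lives in sys/sys/cdefs.h, which userland also sees, so the in-tree search described above does not cover third-party code. A grep of the ports tree for __statement, or a bulk build, before committing would confirm nothing outside src still expands it.
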
-- 
Christian "naddy" Weisgerber  na...@mips.inka.de



do not join node information multicast group

2018-10-04 Thread Florian Obser
Benno removed code to answer ICMP queries over 4 years ago.
Aham Brahmasmi (aham.brahmasmi AT gmx.com) points out
that we still join the group though.

OK?

diff --git in6.c in6.c
index c09ab1dcd0a..5297c0a1249 100644
--- in6.c
+++ in6.c
@@ -808,19 +808,6 @@ in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq 
*ifra,
goto cleanup;
LIST_INSERT_HEAD(&ia6->ia6_memberships, imm, i6mm_chain);
 
-   /*
-* join node information group address
-*/
-   if (in6_nigroup(ifp, hostname, hostnamelen, &mltaddr) == 0) {
-   imm = in6_joingroup(ifp, &mltaddr.sin6_addr, &error);
-   if (!imm) {
-   /* XXX not very fatal, go on... */
-   } else {
-   LIST_INSERT_HEAD(&ia6->ia6_memberships,
-   imm, i6mm_chain);
-   }
-   }
-
/*
 * join interface-local all-nodes address.
 * (ff01::1%ifN, and ff01::%ifN/32)
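
Review bot: the removed block is the only place in this hunk that references `hostname` and `hostnamelen`; check whether in6.c still needs the declarations or includes that provided them, and drop them in the same commit if nothing else in the file uses them.
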
diff --git in6_ifattach.c in6_ifattach.c
index 2f8463e3a47..b6e67a5eee7 100644
--- in6_ifattach.c
+++ in6_ifattach.c
@@ -428,57 +428,6 @@ in6_ifattach_loopback(struct ifnet *ifp)
return (in6_update_ifa(ifp, &ifra, NULL));
 }
 
-/*
- * compute NI group address, based on the current hostname setting.
- * see draft-ietf-ipngwg-icmp-name-lookup-* (04 and later).
- *
- * when ifp == NULL, the caller is responsible for filling scopeid.
- */
-int
-in6_nigroup(struct ifnet *ifp, const char *name, int namelen,
-struct sockaddr_in6 *sa6)
-{
-   const char *p;
-   u_int8_t *q;
-   SHA2_CTX ctx;
-   u_int8_t digest[SHA512_DIGEST_LENGTH];
-   u_int8_t l;
-   u_int8_t n[64]; /* a single label must not exceed 63 chars */
-
-   if (!namelen || !name)
-   return -1;
-
-   p = name;
-   while (p && *p && *p != '.' && p - name < namelen)
-   p++;
-   if (p - name > sizeof(n) - 1)
-   return -1;  /* label too long */
-   l = p - name;
-   strncpy((char *)n, name, l);
-   n[(int)l] = '\0';
-   for (q = n; *q; q++) {
-   if ('A' <= *q && *q <= 'Z')
-   *q = *q - 'A' + 'a';
-   }
-
-   /* generate 8 bytes of pseudo-random value. */
-   SHA512Init(&ctx);
-   SHA512Update(&ctx, &l, sizeof(l));
-   SHA512Update(&ctx, n, l);
-   SHA512Final(digest, &ctx);
-
-   bzero(sa6, sizeof(*sa6));
-   sa6->sin6_family = AF_INET6;
-   sa6->sin6_len = sizeof(*sa6);
-   sa6->sin6_addr.s6_addr16[0] = htons(0xff02);
-   sa6->sin6_addr.s6_addr16[1] = htons(ifp->if_index);
-   sa6->sin6_addr.s6_addr8[11] = 2;
-   memcpy(&sa6->sin6_addr.s6_addr32[3], digest,
-   sizeof(sa6->sin6_addr.s6_addr32[3]));
-
-   return 0;
-}
-
 /*
  * XXX multiple loopback interface needs more care.  for instance,
  * nodelocal address needs to be configured onto only one of them.
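
Review bot: in6_nigroup() is the only code in this hunk that uses SHA2_CTX and the SHA512Init/Update/Final calls. If nothing else in in6_ifattach.c uses them, the sha2 header include should be removed along with the function; if something does, no change is needed, but it is worth checking before commit.
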
diff --git in6_ifattach.h in6_ifattach.h
index 0f54b457de9..525cc365ffe 100644
--- in6_ifattach.h
+++ in6_ifattach.h
@@ -36,7 +36,6 @@
 #ifdef _KERNEL
 int in6_ifattach(struct ifnet *);
 void in6_ifdetach(struct ifnet *);
-int in6_nigroup(struct ifnet *, const char *, int, struct sockaddr_in6 *);
 int in6_ifattach_linklocal(struct ifnet *, struct in6_addr *);
 void in6_soiiupdate(struct ifnet *);
 #endif /* _KERNEL */


-- 
I'm not entirely sure you are real.



Re: [vi] moving by sentences is inconsistent

2018-10-04 Thread Theo de Raadt
Could be de facto standardized.  You need to compare the past.

Your finger memory has surely discovered this fairly recently.  Messing
with older people's finger memory is a very dangerous proposition.

So go do the work of discovering where there are divergences, and where/
when they occurred.

Nils Reuße  wrote:

> Hi,
> 
> there is a flaw in base vi when moving by sentences, going forward is not
> equal to going backward.  Here's what man vi says:
> 
>   [count] (
>   [count] )
> Move count sentences backward or forward, respectively.  A
> sentence is an area of text that begins with the first nonblank
> character following the previous sentence, paragraph, or section
> boundary and continues until the next period, exclamation mark,
> or question mark character, followed by any number of closing
> parentheses, brackets, double or single quote characters,
> followed by either an end-of-line or two whitespace characters.
>  ^^
> Groups of empty lines (or lines containing only whitespace
> characters) are treated as a single sentence.
> 
> Going forward a sentence follows this rule, but going backwards stops at
> a single space before a punctuation mark.
> 
> Here's an example:
> 
> A sentence.  A sentence containing !, ? and .  A third sentence!
> )) )
> ((  (  (
> 
> When the double spaces are condensed to one, the whole line is regarded as
> one large sentence going forward, but the same pattern as above is shown when
> going backwards.
> 
> 
> With skippable characters, it is even more different:
> 
> A sentence.  A sentence containing [!'], '?' and .  A third sentence!
> ))  )
> (( ( (  (
> 
> Again, with single spaces, the whole line is regarded as one going forwards,
> and the same behavior as above is shown when going backwards.
> 
> 
> Now, before doing any work, is there even any interest in fixing this, i.e. 
> that moving for- and backwards produce the same results?  If so, which 
> behavior 
> is desired?
> 
> -- Nils
> 



Re: pf: honor quick on anchor rules

2018-10-04 Thread Alexandr Nedvedicky
Hi Klemens,




> > > Do i misread the manpage somehow?
> > No, this is a bug.
> Allow me a bit of rubber ducking to explain this bug and ease review:
> 
> The kernel evaluates the ruleset pretty much like we read it: Down to
> bottom until quick appears or an error occurs in which case we stop
> evaluating. That is, packets are tested against each rule which yields
> either of OK, QUICK, FAIL.
> 
> `anchor quick' means "evaluate the rules inside but stop after that".
> According to the procedure explained above, an anchor rule's test status
> is the result of its contained ruleset:
> 
> sys/net/pf.c
> 3130  rv = pf_match_rule(ctx, &r->anchor->ruleset);
> 
> While this approach is valid for other type of rules, it overwrites the
> anchor rule's *own* QUICK test result such that it has no effect at all.
> To fix this, simply pass it along except when there was an error so we
> do not clobber it (and make the same mistake again).
> 
> 
> Feedback? OK?

thank you for cleaning up the mess I did create a long time ago.
I agree with your change.

OK sashan



Re: lldb: build and install

2018-10-04 Thread Mark Kettenis
> Date: Wed, 3 Oct 2018 15:34:44 +0200 (CEST)
> From: Mark Kettenis 
> 
> > So I'd go ahead and commit tomorrow or so if there are no further
> > objections.
> 
> Building on armv7 and arm64 right now.  Will take a while...

Builds fine on armv7 and arm64.  I can inspect core dumps on armv7,
but on arm64 things don't work.  I'll see if I can figure out why...

Anyway, I think you can go ahead with this.



patch for PPPoE peers sending MPLS config

2018-10-04 Thread detha

Hi,

I have a 6.3-STABLE connecting to an ISP using PPPoE. ISP replaced the 
router on their end with some latest MikroTik, and things stopped working.


Problem appeared to be that the other end sent both an IPCP Conf.Request 
and an MPLSCP Conf.Request, when OpenBSD saw the MPLSCP it did not 
recognize it, and terminated the session.


Attached a patch (against 6.3 stable) to ignore MPLSCP, which made 
things work again.


detha

Index: sys/net/if_spppsubr.c
===
RCS file: /cvs/src/sys/net/if_spppsubr.c,v
retrieving revision 1.174
diff -u -p -r1.174 if_spppsubr.c
--- sys/net/if_spppsubr.c	19 Feb 2018 08:59:52 -	1.174
+++ sys/net/if_spppsubr.c	4 Oct 2018 10:39:12 -
@@ -107,6 +107,7 @@
 #define PPP_PAP		0xc023		/* Password Authentication Protocol */
 #define PPP_CHAP	0xc223		/* Challenge-Handshake Auth Protocol */
 #define PPP_IPCP	0x8021		/* Internet Protocol Control Protocol */
+#define PPP_MPLSCP	0x8281		/* MPLS Control Protocol */
 #define PPP_IPV6CP	0x8057		/* IPv6 Control Protocol */
 
 #define CONF_REQ	1		/* PPP configure request */
@@ -496,6 +497,14 @@ sppp_input(struct ifnet *ifp, struct mbu
 		case PPP_IPCP:
 			if (sp->pp_phase == PHASE_NETWORK)
 sppp_cp_input(&ipcp, sp, m);
+			m_freem (m);
+			return;
+		case PPP_MPLSCP:
+			if (debug)
+log(LOG_DEBUG,
+SPP_FMT "MPLSCP, ignoring\n",
+SPP_ARGS(ifp)
+);
 			m_freem (m);
 			return;
 		case PPP_IP:
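
Review bot: the new `case PPP_MPLSCP:` frees the mbuf and returns without answering, so the peer is never told that MPLSCP is unsupported and can keep retransmitting its Conf.Request. RFC 1661 defines LCP Protocol-Reject for an unrecognised protocol; since the report says the existing unknown-protocol path ended with the session being terminated, fixing that path would cover MPLSCP and any other unknown control protocol without a per-protocol case. Style nit: the closing `);` belongs on the `SPP_ARGS(ifp)` line.
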


wdc polling lead to unclean fs and panics

2018-10-04 Thread Moritz Buhl
Hi,

when rebooting a PowerBook G4, the kernel sometimes panicked while
detaching the disk.
Additionally, during boot it was noted that / is not clean.
The following patch special cases polling to not return early anymore
and adds polling to all previous elements in the queue.
Please tell me if this is not the right way to address the problem.

Thanks,
mbuhl

Index: dev/ic/wdc.c
===
RCS file: /cvs/src/sys/dev/ic/wdc.c,v
retrieving revision 1.134
diff -u -p -r1.134 wdc.c
--- dev/ic/wdc.c30 Dec 2017 23:08:29 -  1.134
+++ dev/ic/wdc.c2 Oct 2018 14:01:04 -
@@ -888,7 +888,8 @@ wdcstart(struct channel_softc *chp)
/* adjust chp, in case we have a shared queue */
chp = xfer->chp;
 
-   if ((chp->ch_flags & WDCF_ACTIVE) != 0 ) {
+   if ((chp->ch_flags & WDCF_ACTIVE) != 0 &&
+   (xfer->c_flags & C_POLL) == 0) {
return; /* channel already active */
}
 #ifdef DIAGNOSTIC
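
Review bot: with `(xfer->c_flags & C_POLL) == 0` added to the test, a polled transfer no longer returns when WDCF_ACTIVE is set, so wdcstart() goes on to start it while the channel is still marked active for another command. Nothing in the diff waits for or completes the in-flight transfer first; please explain what prevents two commands being issued to the channel at once, or poll the active one to completion before continuing.
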
@@ -1905,6 +1906,7 @@ wdccommandshort(struct channel_softc *ch
 void
 wdc_exec_xfer(struct channel_softc *chp, struct wdc_xfer *xfer)
 {
+   struct wdc_xfer *iter;
WDCDEBUG_PRINT(("wdc_exec_xfer %p flags 0x%x channel %d drive %d\n",
xfer, xfer->c_flags, chp->channel, xfer->drive), DEBUG_XFERS);
 
@@ -1918,7 +1920,8 @@ wdc_exec_xfer(struct channel_softc *chp,
 */
if ((xfer->c_flags & C_POLL) != 0 &&
!TAILQ_EMPTY(&chp->ch_queue->sc_xfer)) {
-   TAILQ_INIT(&chp->ch_queue->sc_xfer);
+   TAILQ_FOREACH(iter, &chp->ch_queue->sc_xfer, c_xferchain) 
+   iter->c_flags |= C_POLL;
}
/* insert at the end of command list */
TAILQ_INSERT_TAIL(&chp->ch_queue->sc_xfer,xfer , c_xferchain);
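
Review bot: replacing TAILQ_INIT() with the TAILQ_FOREACH loop keeps the queued transfers instead of discarding them, but setting C_POLL on transfers that were queued as interrupt-driven changes their completion mode after submission. Whoever queued them may be waiting on the interrupt-side completion; please confirm the polled path still completes those requests for their original callers. The `+` line with TAILQ_FOREACH also ends in trailing whitespace.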



Re: update magic file for qcow

2018-10-04 Thread Nicholas Marriott
This looks OK and is probably the easiest thing to do.

Note that string/b does not have the same meaning for us because in
original file some eejit decided to change "b" to "w" and then use "b"
to mean something else, but I think it is harmless here.

They have split this out into a "virtual" file which looks fine, and
extended "msdos" which I think is alright too although it might need
some tweaks. So bringing those both in would be an option instead.





On Wed, Oct 03, 2018 at 08:37:10PM -0700, Carlos Cardenas wrote:
> Attached is patch from netbsd for updated qcow definitions.
> 
> Comments? Ok?
> 
> +--+
> Carlos

> Index: msdos
> ===
> RCS file: /home/los/cvs/src/usr.bin/file/magdir/msdos,v
> retrieving revision 1.6
> diff -u -p -r1.6 msdos
> --- msdos 29 Jan 2016 11:50:40 -  1.6
> +++ msdos 3 Oct 2018 05:25:21 -
> @@ -641,43 +641,77 @@
>  #
>  # Qemu Emulator Images
>  # Lines written by Friedrich Schwittay (f.schwit...@yousable.de)
> -# Made by reading sources and doing trial and error on existing
> -# qcow files
> -0   string  QFI Qemu Image, Format: Qcow
> +# Updated by Adam Buchbinder (adam.buchbin...@gmail.com)
> +# Made by reading sources, reading documentation, and doing trial and error
> +# on existing QCOW files
> +0string/bQFI\xFB QEMU QCOW Image
>  
>  # Uncomment the following line to display Magic (only used for debugging
>  # this magic number)
> -#>0 string  x   , Magic: %s
> +#>0  string/bx   , Magic: %s
>  
> -# There are currently 2 Versions: "1" and "2"
> -# I do not use Version 2 and therefore branch here
> -# but can assure: it works (tested on both versions)
> -# Also my Qemu 0.9.0 which uses this Version 2 refuses
> -# to start in its bios
> ->0x04   belong  2   , Version: 2
> ->0x04   belong  1   , Version: 1
> +# There are currently 2 Versions: "1" and "2".
> +# http://www.gnome.org/~markmc/qcow-image-format-version-1.html
> +>4   belong  1   (v1)
>  
> -# Using the existence of the Backing File Offset to Branch or not
> +# Using the existence of the Backing File Offset to determine whether
>  # to read Backing File Information
> ->>0xcbelong  >0  , Backing File( Offset: %lu
> ->>>(0xc.L)   string >\0 , Path: %s
> -
> -# Didn't get the trick here how qemu stores the "Size" at this Position
> -# There is actually something stored but nothing makes sense
> -# The header in the sources talks about it
> -#>>>16   lelong  x   , Size: %lu
> +>>12 belong   >0  \b, has backing file (
> +# Note that this isn't a null-terminated string; the length is actually
> +# (16.L). Assuming a null-terminated string happens to work usually, but it
> +# may spew junk until it reaches a \0 in some cases.
> +>>>(12.L) string >\0 \bpath %s
>  
>  # Modification time of the Backing File
>  # Really useful if you want to know if your backing
>  # file is still usable together with this image
> ->>>20bedate x   , Mtime: %s )
> +20   bedate >0   \b, mtime %s)
> +20   default x   \b)
> +
> +# Size is stored in bytes in a big-endian u64.
> +>>24 bequad  x\b, %lld bytes
>  
> -# Don't know how to calculate in Magicfiles
> -# Also: this Information is not reliably
> -#   stored in image-files
> ->>24 lelong  x   , Disk Size could be: %d * 256 bytes
> +# 1 for AES encryption, 0 for none.
> +>>36 belong  1   \b, AES-encrypted
>  
> -0string  QEVMQEMU's suspend to disk image
> +# http://www.gnome.org/~markmc/qcow-image-format.html
> +>4   belong  2   (v2)
> +# Using the existence of the Backing File Offset to determine whether
> +# to read Backing File Information
> +>>8  bequad  >0   \b, has backing file
> +# Note that this isn't a null-terminated string; the length is actually
> +# (16.L). Assuming a null-terminated string happens to work usually, but it
> +# may spew junk until it reaches a \0 in some cases. Also, since there's no
> +# .Q modifier, we just use the bottom four bytes as an offset. Note that if
> +# the file is over 4G, and the backing file path is stored after the first 
> 4G,
> +# the wrong filename will be printed. (This should be (8.Q), when that syntax
> +# is introduced.)
> +>>>(12.L) string >\0 (path %s)
> +>>24 bequad  x   \b, %lld bytes
> +>>32 belong  1   \b, AES-encrypted
> +
> +>4   belong  3   (v3)
> +# Using the existence of the Backing File Offset to determine whether
> +# to read Backing File Information
> +>>8  bequad  >0   \b, has backing file
> +# Note that this isn't a null-terminated string; the length is actually
> +# (16.L). Assuming a null-terminated string happens to work usually, but it
> +# may spew junk until it reaches a \0 in some cases. Also, since there's no
> +# .Q modifier, we just use the bottom four bytes as an offset. Not
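
Review bot: the two added lines at offset 20 (`20 bedate >0` and `20 default x`) carry no `>` continuation prefix as shown here, while the line they replace was `>>>20 bedate`. At level 0 they would be evaluated for every file instead of only under the v1 backing-file branch; they should be nested under the `>>12 belong >0` test like the `(12.L)` path line above them.
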

Re: csh: memory leak in setDolp()

2018-10-04 Thread Michael Mikonos
BTW the leak happens when a pattern in variable modifier s///
is not found.

 $ set a="test"
 $ echo $a:s/badpattern//
 test

Any objections if I commit this?

On Thu, Sep 20, 2018 at 12:30:05PM +0800, Michael Mikonos wrote:
> Hello,
> 
> In setDolp() pointers cp and dp initially point to the same
> copied string, but later dp can become NULL if Strstr() finds
> no match. The copied string is not freed in this case.
> NetBSD added this fix in their dol.c revision 1.23 (2006).
> OK?
> 
> - Michael
> 
>  
> Index: dol.c
> ===
> RCS file: /cvs/src/bin/csh/dol.c,v
> retrieving revision 1.24
> diff -u -p -u -r1.24 dol.c
> --- dol.c 18 Sep 2018 06:56:09 -  1.24
> +++ dol.c 20 Sep 2018 04:14:37 -
> @@ -766,8 +766,10 @@ setDolp(Char *cp)
>   addla(dp);
>   free(dp);
>  }
> -else
> +else {
>   addla(cp);
> + free(cp);
> +}
>  
>  dolp = STRNULL;
>  if (seterr)
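
Review bot: the added `free(cp);` after `addla(cp);` is correct only if addla() copies its argument rather than keeping the pointer. The branch above does `addla(dp); free(dp);`, which implies it copies; a reference to NetBSD dol.c revision 1.23 in the commit message would record where the fix came from.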