CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/09/18 11:05:50 Modified files: usr.sbin/zic : zic.8 zic.c Log message: zic: cherrypick support for %z in time zone formats This extends the zic input format to add support for %z, which expands to a UTC offset in as-short-as-possible ISO 8601 format. It's intended to better support zones that do not have an established abbreviation already. tzdata2024b and higher require a version of zic that supports the %z format. From upstream tzcode. OK beck@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/08/28 08:32:02 Modified files: regress/usr.bin/sed: Makefile Added files: regress/usr.bin/sed: commandD2.expected commandD2.sed Log message: Add test for for the case where the pattern space is empty but does not start with a NUL character, which might occur after using the D command.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/08/28 08:30:26 Modified files: usr.bin/sed: process.c Log message: Fix the case where the pattern space is empty but does not start with a NUL character, which might occur after using the D command. >From Mohamed Akram
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/08/22 18:58:04 Modified files: usr.sbin/cron : entry.c Log message: cron: use strtonum() and tighter limits on step values Using strtonum() instead of atoi() gives us an extra layer of bounds checking for free while parsing an entry. This is in addition to the existing bounds checking in set_range(). The step value is now limited to the maximum range for an entry. If the field consists of a range, the step must not be larger than the difference between the high and low parts of the range. OK deraadt@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/08/22 18:43:34 Modified files: usr.sbin/pppd : main.c Log message: Change SIGCHLD handler to just set a flag. We already call reap_kids() in multiple event loops so there is no need to call waitpid() inside the handler itself. OK denis@ deraadt@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/08/19 09:08:21 Modified files: usr.sbin/cron : entry.c Log message: Fix CVE-2024-43688, buffer underflow for very large step values In get_number(), reject values that are so large that they are interpreted as negative numbers. In set_range(), step values smaller than one or larger than the "stop" value are ignored. This prevents bit_nset() from being called with out-of-range values. Bug found by Dave G. of Supernetworks.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/08/03 16:23:32 Modified files: usr.sbin/makefs: cd9660.c Log message: Set system ID field in the PVD to OpenBSD This matches what we use in mkybrid. From Crystal Kolipe.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/08/03 16:00:31 Modified files: usr.bin/skey : skey.c Log message: The maximum count is SKEY_MAX_SEQ + 1 not SKEY_MAX_SEQ - 1. Sequence numbers are in the range [0, SKEY_MAX_SEQ] inclusive. This means the maximum value for the -n option (count) should be SKEY_MAX_SEQ + 1. From Denis Bodor.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/08/03 15:12:16 Modified files: usr.bin/awk: FIXES b.c lib.c main.c Log message: Update awk to the July 28, 2024 version. * Fixed readcsvrec resize segfault when reading csv records longer than 8k. * Rewrite if-else chain in quoted as a switch.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/07/28 13:13:26 Modified files: usr.sbin/pwd_mkdb: pwd_mkdb.c Log message: pwd_mkdb: limit db entries to _PW_BUF_LEN to match libc Otherwise, it is possible to create a passwd(5) entry that is too large for getpwent(3), which ignores database entries larger than _PW_BUF_LEN. This adds a check in db_store() so that we do not store an entry larger than getpwent(3) can read. Callers of pwd_mkdb(8), typically via pw_mkdb(3), already check for failure. In most cases, the checks in chpass(1) will prevent a user from creating an entry that is too large by changing their gecos field. However, it is only when storing the db record that we know the true size. OK deraadt@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/07/18 09:38:57 Modified files: lib/libc/sys : link.2 Log message: The source of a link (name1) may not be a directory. POSIX says this is implementation-dependent; OpenBSD does not allow it. OK guenther@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/07/17 14:57:16 Modified files: usr.bin/sed: compile.c defs.h extern.h main.c misc.c process.c Log message: sed: use warn()/err() where appropriate Use warn()/err() instead of sed's homegrown warning()/error() for things other than parser problems. The warning()/error() functions display the file and line number in addition to the error message. This also removes of the COMPILE/FATAL argument to error() since now all calls to error() are for compilation/parsing issues. OK op@ espie@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/07/16 21:05:19 Modified files: usr.bin/sed: main.c Log message: Display an error message for "sed -i" if the file is unwritable Previously, sed would fail silently if it was unable to move the temporary file into place. Also allow "sed -i" on symbolic link--the link will be broken but this matches GNU sed behavior. From espie@ OK op@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/07/14 07:31:50 Modified files: lib/libc/stdio : vfprintf.c Log message: Fix printf(3) signal safety for wide character strings. The %ls (wide char string) support in printf(3) currently uses malloc(3), which violates the promise in in sigaction(2). This makes it use mmap(2) instead. OK deraadt@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/06/17 20:11:04 Modified files: usr.bin/make : buf.c compat.c error.c job.c main.c make.c parse.c parsevar.c targ.c targequiv.c var.c varmodifiers.c Log message: Quiet compiler warnings when built with WARNINGS=Yes Most are from functions that take no args but used the old K&R style foo() instead of foo(void). From espie@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/06/17 18:32:22 Modified files: usr.bin/sed: compile.c extern.h main.c process.c Log message: Rename mf_fgets() and cu_fgets() to mf_getline() and cu_getline(). These functions now use getline(), not fgets(). From espie@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/06/04 08:40:46 Modified files: usr.bin/awk: run.c Log message: Avoid unnecessary string traversals in u8_isutf() and substr(). For u8_isutf() the conditionals already ensure that a NUL byte won't match. For substr() we can use the byte offset of 'm' to avoid re-scanning the initial part of the string. From Jonas Bechtel.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/06/02 18:58:04 Modified files: usr.bin/awk: FIXES FIXES.1e README.md awk.h lex.c main.c proto.h Log message: Spelling fixes and removal of unneeded prototypes and extern. >From jsg@ via upstream.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/06/02 18:55:05 Modified files: usr.bin/awk: Makefile b.c lex.c lib.c proto.h run.c tran.c Log message: Build with WARNINGS=Yes and fix resulting warnings.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/05/10 14:28:31 Modified files: bin/pax: options.c Log message: pax: make list file handle line-buffered unless it is stderr. This fixes a problem where the file list output was fully-buffered when used as part of a pipeline. With this change, files are listed as they are extracted in verbose mode. OK deraadt@ guenther@
Re: CVS: cvs.openbsd.org: src
Argh, sorry. I'm not sure how that got missed. - todd
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/05/04 16:59:21 Modified files: usr.bin/awk: FIXES b.c lib.c main.c run.c tran.c Log message: Update awk to the May 4, 2024 version. Fixes a use-after-free bug with ARGV for "delete ARGV".
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/04/28 08:28:02 Modified files: lib/libc/stdio : fvwrite.c Log message: __sfvwrite: allow writing buffers larger than BUFSIZ or st_blksize. This can vastly improve write performance. For unbuffered writes, we now write up to INT_MAX instead of BUFSIZE. For buffered writes, write the largest multiple of the buffer size (which may be st_blksize). >From Apple via enh at google. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/04/25 12:33:53 Modified files: usr.bin/awk: FIXES README.md b.c main.c run.c Log message: Update awk to the Apr 22, 2024 version. * fixed regex engine gototab reallocation issue that was introduced during the Nov 24 rewrite. * fixed use-after-free bug in fnematch due to adjbuf invalidating the pointers to buf.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/04/22 08:20:35 Modified files: usr.bin/newsyslog: newsyslog.c Log message: newsyslog: allow the F flag to be used on its own. Fixes a conditional that lacked a check for 'F' or 'f'. >From Alvar Penning.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/04/12 08:10:28 Modified files: lib/libcurses/tinfo: read_entry.c Log message: Avoid snprintf() of NULL when _nc_get_source() returns NULL. The filename buffer is not actually used in this case but it is safer to set it to the empty string than to leave it uninitialized. OK tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/04/03 20:20:01 Modified files: lib/libc/time : localtime.c Log message: tzset_basic: only call issetugid(2) if TZ has changed If we are just going to return without parsing TZ, there is no need to call issetugid(2) first. We only need to call issetugid(2) the first time TZ is checked or when the value of TZ has changed. Previously, we called issetugid(2) for every call to the functions described by localtime(3). OK deraadt@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/04/01 15:09:44 Modified files: libexec/spamd : spamd.c Log message: Advertise SMTPUTF8 and 8BITMIME extensions in EHLO. Fixes potential interoperability issues when the real MTA supports those extensions. From Arnt Gulbrandsen, OK benno@
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: mill...@cvs.openbsd.org 2024/03/31 08:19:22 Modified files: . : mail.html Log message: Update the text about attachments to the current reality. Also expand the off-topic warnings.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/03/28 19:16:30 Modified files: usr.bin/mandoc : main.c Log message: Back out tzset(3) change, it is not effective.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/03/28 19:01:00 Modified files: usr.bin/mandoc : main.c Log message: Call tzset() in main() so we don't need to check TZ repeatedly. This has the greatest impact on makewhatis, which used to make thousands of calls to issetugid(2) via localtime(3) and strftime(3). Inspired by a different diff from miod@. OK miod@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/03/27 08:44:52 Modified files: bin/ls : print.c Log message: printtime: use the Unix epoch if the file's timestamp is invalid Fixes a crash in "ls -l" for files with bogus timestamp values. OK miod@ denis@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/03/25 09:52:39 Modified files: usr.bin/whois : whois.c Log message: whois: use getline(3) instead of fgetln(3) This simplifies the code and fixes a potential out of bounds read. OK op@ mbuhl@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/03/24 13:51:47 Modified files: usr.bin/whois : whois.1 whois.c Log message: whois: remove obsolete handle support Contact handles have been obsolete for some time now. The "!handle" InterNic syntax no longer works and core COCO handle queries seems to only return empty records. OK sthen@ job@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/03/15 20:00:31 Modified files: usr.bin/whois : whois.1 whois.c Log message: whois: trim output after ">>> Last update of WHOIS database:" Currently, whois(1) displays the full output it receives from the server. With this change, any text after a line starting with ">>> Last update of WHOIS database:" is dropped. This trims a lot of useless text that would otherwise cause the data you care about to scroll off the screen. From FreeBSD. OK deraadt@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/03/05 09:06:32 Modified files: usr.bin/whois : whois.1 whois.c Log message: whois: use whois.internic.net for -i option Revert revision 1.22 which changed -i to use whois.networksolutions.com. Network Solutions no longer runs InterNic so we must use whois.internic.net for looking up nameserver or registrar records. OK deraadt@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/03/03 08:24:46 Modified files: usr.bin/mktemp : mktemp.1 Log message: Clarify which part of the path name is considered for substitution. Also use "name" instead of "file name" is some places since the result could be either a file or a directory. Work done with jmc@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/03/01 16:37:42 Modified files: usr.bin/mktemp : mktemp.1 Log message: Clarify behavior when there is more than one run of Xs. With help from miod@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/03/01 14:50:40 Modified files: usr.bin/mktemp : mktemp.1 mktemp.c Log message: mktemp(1): add suffix support for compatibility with the GNU version It is now possible to use templates where the Xs are not at the end, like "foo.XX.bar". If there are multiple runs of Xs, the last one is used. OK deraadt@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/03/01 14:30:40 Modified files: include: stdlib.h lib/libc : Symbols.list shlib_version lib/libc/hidden: stdlib.h lib/libc/stdlib: mkdtemp.c mktemp.3 Log message: Add mkdtemps(3), like mkdtemp(3) but with a suffix. OK deraadt@ tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/02/07 14:24:58 Modified files: share/zoneinfo : Makefile Added files: share/zoneinfo/datfiles: zonenow.tab Log message: Add and install the zonenow.tab file. This is a table where each row stands for a timezone where civil timestamps are predicted to agree from now on.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/02/05 10:07:23 Modified files: share/zoneinfo : leapseconds.awk zishrink.awk share/zoneinfo/datfiles: africa asia australasia etcetera europe leap-seconds.list northamerica southamerica Log message: Update to 2024agtz from https://github.com/JodaOrg/global-tz o Kazakhstan unifies on UTC+5 beginning 2024-03-01. o Palestine springs forward a week later after Ramadan.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/02/02 13:54:27 Modified files: usr.sbin/smtpd : parse.y Log message: Run lmtp deliveries as the recipient user, not SMTPD_USER (_smtpd). This is a backout of revision 1.278. Delivery via lmtp is not limited to running mail.lmtp, it may also be modified by a user's .forward file (if any). OK gilles@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/01/25 09:40:51 Modified files: usr.bin/awk: FIXES b.c main.c run.c Log message: Update awk to the Jan 22, 2024 version.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/01/23 15:28:20 Modified files: share/termtypes: termcap.5 Log message: The 1023-byte entry limit is historical, as is the vi(1) limitation. We ship nvi, not classic vi, so that parst is not relevant. OK deraadt@ jmc@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/01/19 12:45:02 Modified files: lib/libc/hidden: stdlib.h lib/libc/stdlib: Makefile.inc mktemp.c Added files: lib/libc/stdlib: __mktemp4.c mkdtemp.c mkstemp.c Log message: Make our mktemp(3) callback-driven and split into multiple files. Previously, calling any of the mktemp(3) family would pull in lstat(2), open(2) and mkdir(2). Now, only the necessary system calls will be reachable from the binary. OK deraadt@ guenther@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2024/01/19 09:30:28 Modified files: lib/libc/stdio : Makefile.inc lib/libc/stdlib: Makefile.inc Added files: lib/libc/stdlib: mktemp.3 mktemp.c Removed files: lib/libc/stdio : mktemp.3 mktemp.c Log message: Move mktemp.c to stdlib where it belongs. OK deraadt@
Re: CVS: cvs.openbsd.org: src
On Sat, 23 Dec 2023 09:05:54 +0100, Anton Lindqvist wrote: > On Fri, Dec 22, 2023 at 10:12:13AM -0700, Todd C. Miller wrote: > > CVSROOT:/cvs > > Module name:src > > Changes by: mill...@cvs.openbsd.org 2023/12/22 10:12:13 > > > > Modified files: > > regress/usr.bin/xargs: xargs-L.sh > > usr.bin/xargs : xargs.c > > > > Log message: > > xargs: fix parsing of empty fields when "xargs -0" is used. > > Previously, these fields would be skipped. From Hiltjo Posthuma. > > This broke the common `find -print0 | xargs -0` idiom: > > $ mkdir -p /tmp/a > $ find /tmp/a -print0 | xargs -0r rm -r > rm: : No such file or directory Thanks, this should be fixed now. - todd
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/12/23 08:58:58 Modified files: usr.bin/xargs : xargs.c Log message: Suppress a spurious empty arg at EOF w/ "find -0" caused by the last commit.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/12/22 10:12:13 Modified files: regress/usr.bin/xargs: xargs-L.sh usr.bin/xargs : xargs.c Log message: xargs: fix parsing of empty fields when "xargs -0" is used. Previously, these fields would be skipped. From Hiltjo Posthuma.
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: mill...@cvs.openbsd.org 2023/12/20 10:30:01 Modified files: openssh: openbsd.html Log message: Correct the links in the 9.6 section. Reported by Christos Zoulas.
CVS: cvs.openbsd.org: xenocara
CVSROOT:/cvs Module name:xenocara Changes by: mill...@cvs.openbsd.org 2023/12/19 13:31:21 Modified files: app/xterm : Makefile Log message: Substitute "100" for __default_termid__ instead of "vt100". The "vt" prefix is optional for the default terminal ID. Fixes an instance of "vtvt100" in the installed man page. OK matthieu@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/12/01 09:49:16 Added files: regress/usr.sbin/relayd: args-http-chunked-invalid.pl args-http-contentlength-get.pl args-http-contentlength-invalid.pl args-http-invalid-header1.pl args-http-invalid-header2.pl Log message: Add tests to exercise the recent bug fixes.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/12/01 09:48:40 Modified files: usr.sbin/relayd: relay_http.c Log message: relay_read_http: strip out Content-Length if we strip the body too We should not forward Content-Length if the body is not also forwarded.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/11/29 08:35:07 Modified files: usr.sbin/relayd: relay_http.c Log message: relay_read_http: defer header parsing until after line continuation Wait until we have a complete line before parsing the Content-Length, Transfer-Encoding and Host headers. This prevents potential request smuggling attacks. Filtering already happens after header line continuation has been performed. Reported by Ben Kallus. OK claudio@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/11/28 13:54:38 Modified files: usr.bin/awk: FIXES README.md lib.c main.c run.c Log message: Update awk to the Nov 27, 2023 version.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/11/28 11:36:55 Modified files: usr.sbin/relayd: relay_http.c Log message: relay_read_http: tighten up header parsing 1) reject headers with embedded NULs 2) reject headers with invalid characters in the name 3) reject Transfer-Encoding with values other than "chunked" 4) reject chunk values containing non-hex characters 5) reject Content-Length values of "+0" or "-0" 6) reject requests without a ' ' and headers without a ':' Reported by Ben Kallus, OK bluhm@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/11/25 09:31:33 Modified files: usr.bin/awk: FIXES awk.h b.c lex.c main.c run.c Log message: Update awk to the Nov 24, 2023 version.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/11/21 18:01:21 Modified files: usr.bin/awk: FIXES b.c main.c maketab.c proto.h run.c Log message: Update awk to the Nov 20, 2023 version. This includes a rewrite of the fnematch() function as well as a refactoring of the sub and gsub implementation.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/11/17 14:54:20 Modified files: share/zoneinfo : Makefile Log message: Use "mv -f" when moving the output file into place in the obj dir.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/11/17 14:51:37 Modified files: share/zoneinfo : Makefile Added files: share/zoneinfo : leapseconds.awk version ziguard.awk zishrink.awk share/zoneinfo/datfiles: leap-seconds.list Removed files: share/zoneinfo/datfiles: leapseconds Log message: zoneinfo: install tzdata.zi and leap-seconds.list Build and install the tzdata.zi file and build the leapseconds file from leap-seconds.list (installing both versions). Third-party software now expects these files to be installed. OK sthen@ deraadt@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/11/16 09:05:13 Modified files: etc/skel : dot.login Log message: Use tset -I for all terminals, not just xterm. Terminal initialization is usually only needed for hardware terminals, which are rare these days, and the initialization strings result in a bunch of extra newlines on pseudo-terminals. OK nicm@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/11/16 09:03:51 Modified files: etc/root : dot.login dot.profile Log message: Use tset -I for all terminals, not just xterm. Terminal initialization is usually only needed for hardware terminals, which are rare these days, and the initialization strings result in a bunch of extra newlines on pseudo-terminals. OK nicm@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/11/15 11:56:53 Modified files: usr.bin/awk: b.c Log message: fnematch: fix a bug that could result in extra chars being pushed back. >From Arnold Robbins. https://github.com/onetrueawk/awk/pull/213
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/11/15 11:48:13 Modified files: usr.bin/awk: b.c Log message: fnematch: fix out-of-bounds access on EOF fnematch() expects to store a NUL byte when EOF is encountered. However, the rewrite broke this assumption because r.len from getrune() is zero on EOF. This results in j becoming negative on EOF, causing an out-of-bounds access. It is simplest to just force r.len to 1 on EOF to copy a single NUL byte--the rune is initialized to zero even for EOF. This also fixes the call to adjbuf(). We cannot use 'k' to determine when we need to expand the buffer now that we are potentially reading more than a single byte at a time. https://github.com/onetrueawk/awk/pull/211
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/11/14 17:52:42 Modified files: regress/usr.bin/grep: Makefile Added files: regress/usr.bin/grep: t28.in Log message: Add regress test for "grep -m" behavior. From Crystal Kolipe.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/11/14 17:50:43 Modified files: usr.bin/grep : grep.1 util.c Log message: procline: only reduce mcount once per line, not once per match. This makes "grep -m" behave like GNU grep (where the -m option originated). From Crystal Kolipe.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/11/08 12:19:10 Modified files: usr.sbin/httpd : httpd.h server.c server_fcgi.c Log message: Avoid a NULL dereference when handling a malformed fastcgi request. Rework the hack to avoid a use-after-free in the fastcgi code. Since server_fcgi() can be called by server_read_httpcontent() we can't set clt_fcgi_error to NULL. Instead, we implement a simple reference count to track when a fastcgi session is in progress to avoid closing the http session prematurely on fastcgi error. Based on a diff from and OK by tb@. Reported by Ben Kallus.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/10/29 08:26:13 Modified files: lib/libc/include: namespace.h Log message: Enable ISO C11 APIs when building libc, even with an older compiler. Otherwise, the prototypes for timespec_get() and aligned_alloc() are not visible. OK guenther@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/10/29 08:23:04 Modified files: sbin/ifconfig : ifconfig.c Log message: Use clock_gettime(), not timespec_get() like other parts of ifconfig. This makes is possible to build the base system with a C99 compiler. OK deraadt@ mvs@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/10/28 16:38:22 Modified files: usr.bin/awk: run.c Log message: substr: fix buffer overflow with utf-8 strings We need to use u8_strlen(), not strlen(), to compute the length. Otherwise, there may be an out of bounds write when writing the NUL terminator to set the length of the substring. https://github.com/onetrueawk/awk/pull/205
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/10/27 18:25:19 Modified files: gnu/usr.bin/gcc/gcc: c-opts.c gnu/usr.bin/gcc/gcc/doc: cppopts.texi invoke.texi gnu/gcc/gcc: c-opts.c gnu/gcc/gcc/doc: cppopts.texi gcc.1 gcc.info invoke.texi share/man/man1 : gcc-local.1 Log message: Back out change to make the default -std=gnu99 for now. There has been some unexpected fallout. Requested by deraadt@.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/10/26 12:46:42 Modified files: gnu/usr.bin/gcc/gcc/doc: cppopts.texi Log message: Fix a typo spotted by miod@.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/10/26 11:33:35 Modified files: gnu/usr.bin/gcc/gcc: c-opts.c gnu/usr.bin/gcc/gcc/doc: cppopts.texi invoke.texi gnu/gcc/gcc: c-opts.c gnu/gcc/gcc/doc: cppopts.texi gcc.1 gcc.info invoke.texi share/man/man1 : gcc-local.1 Log message: Make gnu99 the default for gcc 3.3.6 and 4.2.1, not gnu89. While these versions of gcc don't have full C99 support, it is better than defaulting to C89 when building modern software. OK deraadt@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/10/09 14:55:33 Modified files: usr.sbin/smtpd : smtp_session.c Log message: Add Message-Id as needed for messages received on the submission port. Since listener->port is in network byte order we need to compare against htons(587). The fix for this got dropped in the rewrite in revision 1.335.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/10/06 16:31:21 Modified files: usr.bin/awk: b.c Log message: Correctly reset the goto table for a state. We cannot use set_gototab() to reset all the entries for a state, it will leave existing entries as-is. Add a new reset_gototab() function that zeroes the table entries for the specified state. There is no need to reset the goto table immediately after resize_state(), it is already initialized via calloc(). Fixes https://github.com/onetrueawk/awk/issues/199
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/10/06 16:29:24 Modified files: usr.bin/awk: FIXES b.c lib.c main.c run.c Log message: Update awk to Sep 24, 2023 version. fnematch and getrune have been overhauled to solve issues around unicode FS and RS. also fixed gsub null match issue with unicode. big thanks to Arnold Robbins.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/10/06 10:41:02 Modified files: lib/libc/stdio : fvwrite.c putc.c vfprintf.c vfwprintf.c wbuf.c wsetup.c Log message: __swsetup: set error flag and errno on error. Previously, we set errno to EBADF if the cantwrite() macro (which calls __swsetup()) returns true for POSIX compliance. However, we neglected to also set the error flag, __SERR. Rather than set the error flag in all callers of cantwrite(), set both errno and the error flag in __swsetup(). This matches what FreeBSD does and makes it possible to choose a proper errno value for the second error condition in __swsetup(). OK deraadt@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/09/27 15:06:33 Modified files: usr.bin/deroff : deroff.c Log message: Use a dynamically-allocated line buffer and resize as needed. Fixes a buffer overflow for lines over 2048 bytes. Problem reported by Crystal Kolipe. OK deraadt@
Re: CVS: cvs.openbsd.org: src
On Thu, 21 Sep 2023 11:19:06 -0600, Todd C. Miller wrote: > CVSROOT: /cvs > Module name: src > Changes by: mill...@cvs.openbsd.org 2023/09/21 11:19:06 > > Modified files: > usr.bin/awk: b.c > > Log message: > Fix a potential out-of-bounds read caused by the big-endian fix. > > We must store a UTF-32 empty string, not UTF-8 empty string, for > an empty CCL. Found running the awk test suite with address sanitizer. Actually, this bug is also present in upstream awk, without the big-endian fix. - todd
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/09/21 11:19:06 Modified files: usr.bin/awk: b.c Log message: Fix a potential out-of-bounds read caused by the big-endian fix. We must store a UTF-32 empty string, not UTF-8 empty string, for an empty CCL. Found running the awk test suite with address sanitizer.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/09/20 10:57:12 Modified files: usr.bin/awk: main.c Log message: Support --version option like upstream awk but don't document it. Upstream awk has supported --version for a long time but does not support -V like our awk does. Both options are supported by gawk.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/09/20 10:49:13 Modified files: usr.bin/awk: run.c Log message: Use awk_mb_cur_max in nawk_convert() instead of MB_CUR_MAX.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/09/18 19:14:05 Modified files: usr.bin/awk: b.c Log message: Compare int value against 0, not '\0', for consistency.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/09/18 17:33:21 Modified files: usr.bin/awk: b.c Log message: Fix a bad cast to char * that causes incorrect results on big endian. Now that awk stores chars as int we need to cast the Node * to int *.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/09/18 13:32:20 Modified files: usr.bin/awk: awk.h b.c main.c run.c Log message: Disable utf-8 for non-multibyte locales, such as C or POSIX. This makes it possible to get the old awk behavior (where chars are bytes) by setting LC_CTYPE to C or POSIX. OK schwarze@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/09/17 08:49:44 Modified files: usr.bin/awk: FIXES README.md awk.1 awk.h b.c lex.c lib.c main.c proto.h run.c tran.c Added files: usr.bin/awk: FIXES.1e LICENSE Log message: Update to the One True Awk, 2nd edition (Sep 12, 2023). This corresponds to the 2nd edition of "The AWK Programming Language" and adds support for UTF-8 and comma-separated value inputs.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/09/10 08:59:00 Modified files: usr.bin/awk: FIXES awkgram.y lex.c lib.c main.c parse.c proto.h Log message: Update awk to Sep 6, 2023 version.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/09/09 12:59:44 Modified files: usr.bin/awk: FIXES lex.c main.c Log message: Update awk to Dec 15, 2022 version. Force hex escapes in strings to be no more than two characters, as they already are in regular expressions. This brings internal consistency, as well as consistency with gawk.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/07/19 15:26:03 Modified files: usr.sbin/cron : entry.c Log message: Fix skipping of white space after the username in /etc/crontab. Only a single white space character was consumed, we should be consuming all white space between fields. This change makes things consistent with how lines without a username are parsed. OK deraadt@ sthen@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/07/13 14:33:30 Modified files: sys/lib/libkern: bcmp.c Log message: bcmp(3) tries to return length, which is a size_t, as an int. Instead, just return 1 if there is a difference, else 0. Fixed by ray@ in 2008 but the libkern version was not synced. OK deraadt@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/06/26 12:00:59 Modified files: bin/pax: cpio.c tar.c Log message: pax: truncate times to MAX_TIME_T, not INT_MAX If the mtime in the file header is larger than MAX_TIME_T, trucate it to MAX_TIME_T, not INT_MAX. OK otto@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/06/26 10:58:50 Modified files: bin/pax: tty_subs.c Log message: pax: use safe_print() to display messages which may include file names. Reported by David Leadbeater. OK op@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/06/23 09:06:46 Modified files: usr.bin/vi/ex : ex.c ex_subst.c Log message: Fix a bug in ex's 's' command with the 'c' flag when 'number' is off. The underlining was positioned in the wrong place. This fixes the problem and matches historic ex behavior. OK op@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/06/21 16:22:08 Modified files: bin/ksh: edit.c edit.h emacs.c exec.c sh.h Log message: ksh: escape control chars when displaying file name completions. If there are multiple matches when using autocomplete, the list of matching file names was output as-is. However, for a single match, control characters are escaped before the file name is displayed. This makes the behavior more consistent by escaping control chars in the list of matches too. Discussed with deraadt@, OK op@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/06/13 15:10:41 Modified files: usr.bin/seq: seq.c Log message: Remove debug info inadvertantly left in the last commit.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/06/13 09:36:21 Modified files: usr.sbin/cron : entry.c Log message: Upstream fixes for @yearly, @monthly, @weekly, @daily and @hourly. The bit_nset() macro was being called with the high value one too large for the special strings. There is no security impact due to the layout of the bit strings but this was somewhat lucky. This introduces a set_range() function that performs range checks before calling bit_nset().
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/06/12 14:19:45 Modified files: regress/usr.bin: Makefile Added files: regress/usr.bin/seq: Makefile seqtest.expected seqtest.sh Log message: Simple seq(1) regress. More tests are needed.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/06/12 14:19:14 src/regress/usr.bin/seq Update of /cvs/src/regress/usr.bin/seq In directory cvs.openbsd.org:/tmp/cvs-serv998/seq Log Message: Directory /cvs/src/regress/usr.bin/seq added to the repository
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/06/12 14:15:06 Modified files: usr.bin/seq: seq.c Log message: seq: fix check for rounding error/truncation We need to compare the printable version of the last value displayed, not the floating point representation. Otherwise, we may print the last value twice. OK deraadt@