svn commit: r302385 - in stable/10/contrib/expat: . doc examples lib tests tests/benchmark xmlwf
Author: delphij Date: Thu Jul 7 04:59:58 2016 New Revision: 302385 URL: https://svnweb.freebsd.org/changeset/base/302385 Log: MFC r302305: MFV r302260: expat 2.2.0. Added: stable/10/contrib/expat/configure.ac - copied unchanged from r302305, head/contrib/expat/configure.ac stable/10/contrib/expat/doc/xmlwf.xml - copied unchanged from r302305, head/contrib/expat/doc/xmlwf.xml Deleted: stable/10/contrib/expat/configure.in stable/10/contrib/expat/doc/xmlwf.sgml Modified: stable/10/contrib/expat/COPYING stable/10/contrib/expat/Changes stable/10/contrib/expat/MANIFEST stable/10/contrib/expat/Makefile.in stable/10/contrib/expat/README stable/10/contrib/expat/doc/expat.png (contents, props changed) stable/10/contrib/expat/doc/reference.html stable/10/contrib/expat/doc/xmlwf.1 stable/10/contrib/expat/examples/elements.c stable/10/contrib/expat/examples/outline.c stable/10/contrib/expat/expat_config.h.in stable/10/contrib/expat/lib/expat.h stable/10/contrib/expat/lib/expat_external.h stable/10/contrib/expat/lib/internal.h stable/10/contrib/expat/lib/xmlparse.c stable/10/contrib/expat/lib/xmlrole.c stable/10/contrib/expat/lib/xmltok.c stable/10/contrib/expat/lib/xmltok.h stable/10/contrib/expat/lib/xmltok_impl.c stable/10/contrib/expat/tests/benchmark/README.txt stable/10/contrib/expat/tests/chardata.c stable/10/contrib/expat/tests/minicheck.c stable/10/contrib/expat/tests/minicheck.h stable/10/contrib/expat/tests/runtests.c stable/10/contrib/expat/tests/xmltest.sh stable/10/contrib/expat/xmlwf/codepage.c stable/10/contrib/expat/xmlwf/readfilemap.c stable/10/contrib/expat/xmlwf/unixfilemap.c stable/10/contrib/expat/xmlwf/xmlfile.c stable/10/contrib/expat/xmlwf/xmlwf.c Directory Properties: stable/10/ (props changed) Modified: stable/10/contrib/expat/COPYING == --- stable/10/contrib/expat/COPYING Thu Jul 7 03:39:18 2016 (r302384) +++ stable/10/contrib/expat/COPYING Thu Jul 7 04:59:58 2016 (r302385) @@ -1,6 +1,5 @@ -Copyright (c) 1998, 1999, 2000 Thai Open Source Software Center Ltd - and Clark Cooper -Copyright (c) 2001, 2002, 2003, 2004, 2005, 2006 Expat maintainers. +Copyright (c) 1998-2000 Thai Open Source Software Center Ltd and Clark Cooper +Copyright (c) 2001-2016 Expat maintainers Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the Modified: stable/10/contrib/expat/Changes == --- stable/10/contrib/expat/Changes Thu Jul 7 03:39:18 2016 (r302384) +++ stable/10/contrib/expat/Changes Thu Jul 7 04:59:58 2016 (r302385) @@ -1,3 +1,67 @@ +Release 2.2.0 Tue June 21 2016 +Security fixes: +#537 CVE-2016-0718 -- Fix crash on malformed input + CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 / + CVE-2015-2716 introduced with Expat 2.1.1 +#499 CVE-2016-5300 -- Use more entropy for hash initialization + than the original fix to CVE-2012-0876 +#519 CVE-2012-6702 -- Resolve troublesome internal call to srand + that was introduced with Expat 2.1.0 + when addressing CVE-2012-0876 (issue #496) + +Bug fixes: + Fix uninitialized reads of size 1 +(e.g. in little2_updatePosition) + Fix detection of UTF-8 character boundaries + +Other changes: +#532 Fix compilation for Visual Studio 2010 (keyword "C99") + Autotools: Resolve use of "$<" to better support bmake + Autotools: Add QA script "qa.sh" (and make target "qa") + Autotools: Respect CXXFLAGS if given + Autotools: Fix "make run-xmltest" + Autotools: Have "make run-xmltest" check for expected output + p90 CMake: Fix static build (BUILD_shared=OFF) on Windows +#536 CMake: Add soversion, support -DNO_SONAME=yes to bypass +#323 CMake: Add suffix "d" to differentiate debug from release + CMake: Define WIN32 with CMake on Windows + Annotate memory allocators for GCC + Address all currently known compile warnings + Make sure that API symbols remain visible despite +-fvisibility=hidden + Remove executable flag from source files + Resolve COMPILED_FROM_DSP in favor of WIN32 + +Special thanks to: +Björn Lindahl +Christian Heimes +Cristian Rodríguez +Daniel Krügler +Gustavo Grieco +
svn commit: r302383 - stable/10/contrib/ipfilter/tools
Author: cy Date: Thu Jul 7 02:23:52 2016 New Revision: 302383 URL: https://svnweb.freebsd.org/changeset/base/302383 Log: MFC r302296: Remove dead code. Modified: stable/10/contrib/ipfilter/tools/ipf.c Directory Properties: stable/10/ (props changed) Modified: stable/10/contrib/ipfilter/tools/ipf.c == --- stable/10/contrib/ipfilter/tools/ipf.c Wed Jul 6 23:49:19 2016 (r302382) +++ stable/10/contrib/ipfilter/tools/ipf.c Thu Jul 7 02:23:52 2016 (r302383) @@ -410,23 +410,6 @@ static void flushfilter(arg, filter) return; } -#ifdef SIOCIPFFA - if (!strcmp(arg, "u")) { - closedevice(); - /* -* Flush auth rules and packets -*/ - if (opendevice(IPL_AUTH, 1) == -1) - perror("open(IPL_AUTH)"); - else { - if (ioctl(fd, SIOCIPFFA, ) == -1) - ipferror(fd, "ioctl(SIOCIPFFA)"); - } - closedevice(); - return; - } -#endif - if (strchr(arg, 'i') || strchr(arg, 'I')) fl = FR_INQUE; if (strchr(arg, 'o') || strchr(arg, 'O')) ___ svn-src-stable-10@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-stable-10 To unsubscribe, send any mail to "svn-src-stable-10-unsubscr...@freebsd.org"
svn commit: r302377 - in stable/10: lib/libcam sbin/camcontrol sbin/iscontrol sys/cam usr.sbin/camdd usr.sbin/mptutil
Author: truckman Date: Wed Jul 6 17:45:38 2016 New Revision: 302377 URL: https://svnweb.freebsd.org/changeset/base/302377 Log: MFC r300547 Fix multiple Coverity Out-of-bounds access false postive issues in CAM The currently used idiom for clearing the part of a ccb after its header generates one or two Coverity errors for each time it is used. All instances generate an Out-of-bounds access (ARRAY_VS_SINGLETON) error because of the treatment of the header as a two element array, with a pointer to the non-existent second element being passed as the starting address to bzero(). Some instances also alsp generate Out-of-bounds access (OVERRUN) errors, probably because the space being cleared is larger than the sizeofstruct ccb_hdr). In addition, this idiom is difficult for humans to understand and it is error prone. The user has to chose the proper struct ccb_* type (which does not appear in the surrounding code) for the sizeof() in the length calculation. I found several instances where the length was incorrect, which could cause either an actual out of bounds write, or incompletely clear the ccb. A better way is to write the code to clear the ccb itself starting at sizeof(ccb_hdr) bytes from the start of the ccb, and calculate the length based on the specific type of struct ccb_* being cleared as specified by the union ccb member being used. The latter can normally be seen in the nearby code. This is friendlier for Coverity and other static analysis tools because they will see that the intent is to clear the trailing part of the ccb. Wrap all of the boilerplate code in a convenient macro that only requires a pointer to the desired union ccb member (or a pointer to the union ccb itself) as an argument. Reported by: Coverity CID: 1007578, 1008684, 1009724, 1009773, 1011304, 1011306 CID: 1011307, 1011308, 1011309, 1011310, 1011311, 1011312 CID: 1011313, 1011314, 1011315, 1011316, 1011317, 1011318 CID: 1011319, 1011320, 1011321, 1011322, 1011324, 1011325 CID: 1011326, 1011327, 1011328, 1011329, 1011330, 1011374 CID: 1011390, 1011391, 1011392, 1011393, 1011394, 1011395 CID: 1011396, 1011397, 1011398, 1011399, 1011400, 1011401 CID: 1011402, 1011403, 1011404, 1011405, 1011406, 1011408 CID: 1011409, 1011410, 1011411, 1011412, 1011413, 1011414 CID: 1017461, 1018387, 1086860, 1086874, 1194257, 1229897 CID: 1229968, 1306229, 1306234, 1331282, 1331283, 1331294 CID: 1331295, 1331535, 1331536, 1331539, 1331540, 1341623 CID: 1341624, 1341637, 1341638, 1355264, 1355324 Reviewed by: scottl, ken, delphij, imp MFH: 1 month Differential Revision:https://reviews.freebsd.org/D6496 Modified: stable/10/lib/libcam/camlib.c stable/10/sbin/camcontrol/attrib.c stable/10/sbin/camcontrol/camcontrol.c stable/10/sbin/camcontrol/fwdownload.c stable/10/sbin/camcontrol/persist.c stable/10/sbin/iscontrol/fsm.c stable/10/sys/cam/cam_ccb.h stable/10/usr.sbin/camdd/camdd.c stable/10/usr.sbin/mptutil/mpt_cam.c Directory Properties: stable/10/ (props changed) Modified: stable/10/lib/libcam/camlib.c == --- stable/10/lib/libcam/camlib.c Wed Jul 6 17:42:09 2016 (r302376) +++ stable/10/lib/libcam/camlib.c Wed Jul 6 17:45:38 2016 (r302377) @@ -619,7 +619,7 @@ cam_real_open_device(const char *path, i /* * Zero the payload, the kernel does look at the flags. */ - bzero(&(_h)[1], sizeof(struct ccb_trans_settings)); + CCB_CLEAR_ALL_EXCEPT_HDR(); /* * Get transfer settings for this device. Modified: stable/10/sbin/camcontrol/attrib.c == --- stable/10/sbin/camcontrol/attrib.c Wed Jul 6 17:42:09 2016 (r302376) +++ stable/10/sbin/camcontrol/attrib.c Wed Jul 6 17:45:38 2016 (r302377) @@ -137,8 +137,7 @@ scsiattrib(struct cam_device *device, in goto bailout; } - bzero(&(>ccb_h)[1], - sizeof(union ccb) - sizeof(struct ccb_hdr)); + CCB_CLEAR_ALL_EXCEPT_HDR(>csio); STAILQ_INIT(_attr_list); Modified: stable/10/sbin/camcontrol/camcontrol.c == --- stable/10/sbin/camcontrol/camcontrol.c Wed Jul 6 17:42:09 2016 (r302376) +++ stable/10/sbin/camcontrol/camcontrol.c Wed Jul 6 17:45:38 2016 (r302377) @@ -838,8 +838,7 @@ scsiinquiry(struct cam_device *device, i } /* cam_getccb cleans up the header, caller has to zero the payload */ - bzero(&(>ccb_h)[1], - sizeof(struct ccb_scsiio) - sizeof(struct ccb_hdr)); + CCB_CLEAR_ALL_EXCEPT_HDR(>csio);