openbsd/src
1
0
Fork 0
mirror of https://github.com/openbsd/src.git synced 2026-06-18 07:13:36 +02:00
Code Activity
244,966 Commits 1 Branch 0 Tags
f659a34568c4a5fbdf751b27206669f2b1d23a2d
Commit Graph

244966 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
nicm f659a34568 Add -B to new-pane/split-window to block until the command exits, like 
run-shell -b.
 2026-06-09 09:11:05 +00:00
nicm d89bad393c Do not use NULL arguments, bug spotted by Dane Jensen. 2026-06-09 08:11:53 +00:00
robert c6e406052a fix a mismerged patch for defaulting to -mno-relax on OpenBSD; from Brad 2026-06-09 06:41:08 +00:00
tb e39095509a fmt_scaled: add some regress for signed overflow edge cases. 
looks good to claudio, ok djm
 2026-06-09 06:01:28 +00:00
tb fcb5a24fd8 Avoid signed overflow in fmt_scaled 
Adding the scaled fractional part to whole may result in a signed overflow.
Guard against this by adding checks before subtracting or adding.

problem pointed out by a friend of claudio's
fix looks good to claudio, ok djm
 2026-06-09 06:00:13 +00:00
tb 7399bf8369 fmt_scaled: make regress compile again with old gcc 
looks good to claudio
ok djm
 2026-06-09 05:58:51 +00:00
tb a6259270fd ecdh: add error codes for point at infinity/not on curve 
The point at infinity would previously raise EC_R_POINT_AT_INFINITY via
EC_POINT_get_affine_coordinates(). For consistency, also raise an error
for off-curve points.

pointed out by/ok kenjiro
 2026-06-09 05:24:47 +00:00
tb d027729733 Fix strange error check in EC_POINT_get_affine_coordinates 
EC_POINT_is_at_infinity() has a Boolean return nowadays, so drop > 0.

ok jsing kenjiro
 2026-06-09 05:23:30 +00:00
tb ec20d7d79d ssl_kex: exercise an invalid point as well 2026-06-09 05:20:38 +00:00
tb 7b8bc4ba51 ssl_kex: ensure decode_error alert is raised 2026-06-09 05:17:24 +00:00
jsg 0911d52936 switch nfs_getreq() to nfsd_adv() 
from miod@ ok jsg@

This round of commits was prompted by a double-free report
from Andrew Griffiths at Calif.

server nfs request mbuf pointers were stored in two structs:
nmi_mrep in struct nfsm_info
nd_mrep in struct nfsrv_descript
but only set to NULL after m_freem() in nmi_mrep

This problem is avoided by removing the use of struct nfsm_info
in the server paths and passing struct nfsrv_descript to
new versions of the nfsm functions.
 2026-06-09 03:20:01 +00:00
jsg 90b9dafe0f remove use of struct nfsm_info in nfs_serv.c (the non-trivial part) 
with and ok miod@
 2026-06-09 03:14:22 +00:00
jsg 41c7b2bcb8 remove use of struct nfsm_info in nfs_serv.c 
with and ok miod@
 2026-06-09 03:12:46 +00:00
jsg 4399304b9e convert nfs_serv.c from nfsm_mtouio() to nfsd_mtouio() 
with and ok miod@
 2026-06-09 03:11:12 +00:00
jsg 1827201e79 convert nfs_serv.c from nfsm_strsiz() to nfsd_strsiz() 
with and ok miod@
 2026-06-09 03:09:31 +00:00
jsg 5bf60b7bbb convert nfs_socket.c from nfsm_dissect() to nfsd_dissect() 
with and ok miod@
 2026-06-09 03:07:19 +00:00
jsg 129b7361a7 convert nfs_serv.c from nfsm_dissect() to nfsd_dissect() 
with and ok miod@
 2026-06-09 03:05:19 +00:00
jsg f7ff572f3f remove nfsm_info argument from nfsm_srvmtofh1() 
with and ok miod@
 2026-06-09 03:02:07 +00:00
jsg ccdb4fd9cb remove nfsm_info argument from nfsm_reply() 
callers all set info.nmi_mreq = NULL

with and ok miod@
 2026-06-09 03:00:10 +00:00
jsg e3f8116888 make nfsm_srvnamesiz() take an nfsrv_descript argument 
with and ok miod@
 2026-06-09 02:57:57 +00:00
jsg 1d3974cfff make nfsm_srvmtofh2() take an nfsrv_descript argument 
with and ok miod@
 2026-06-09 02:56:44 +00:00
jsg 8320865ccb make nfsm_srvsattr() take an nfsrv_descript argument 
with and ok miod@
 2026-06-09 02:55:17 +00:00
jsg 193aeaf4df add nfsrv_descript versions of nfsm functions 
ok miod@
 2026-06-09 02:52:26 +00:00
jsg 6f935c3293 remove nmi_mb from struct nfsm_info 
ok miod@
 2026-06-09 02:50:21 +00:00
jsg 4d99815467 make nfsm_srvmtofh1() take an mbuf argument 
ok miod@
 2026-06-09 02:47:59 +00:00
jsg 55c7f42fdd make nfsm_srvwcc() take an mbuf argument 
ok miod@
 2026-06-09 02:46:02 +00:00
jsg 3d81f98817 make nfsm_fhtom() take an mbuf argument 
ok miod@
 2026-06-09 02:44:06 +00:00
jsg 5e18eb562e make nfsm_srvpostop_fh() take an mbuf argument 
ok miod@
 2026-06-09 02:42:10 +00:00
jsg 4da49fe8b6 make nfsm_srvpostop_attr() take an mbuf argument 
ok miod@
 2026-06-09 02:40:16 +00:00
jsg 27b0ee1e96 make nfsm_reply() take an mbuf argument 
ok miod@
 2026-06-09 02:38:24 +00:00
jsg 78974ab08b make nfsm_strtom() take an mbuf argument 
ok miod@
 2026-06-09 02:36:29 +00:00
afresh1 1a1b1c7bb8 Upstream patch for buffer overflow in 32-bit perl 
* CVE-2026-8376
    https://lists.security.metacpan.org/cve-announce/msg/40396161/
    Perl versions through 5.43.10 have a heap buffer overflow when
    compiling regular expressions with a repeated fixed string on 32-bit
    builds
 2026-06-09 01:37:55 +00:00
afresh1 21e0b139c0 Upstream patches for IO-Compress perl dist 
* CVE-2026-48961
    https://lists.security.metacpan.org/cve-announce/msg/40434383/
    IO::Compress versions from 2.207 before 2.220 for Perl ship a
    zipdetails CLI tool that crashes with undefined subroutine on
    Info-ZIP Unix Extra Field with 8-byte UID or GID

* CVE-2026-48962
    https://lists.security.metacpan.org/cve-announce/msg/40434385/
    IO::Compress versions before 2.220 for Perl can execute arbitrary
    code in File::GlobMapper via an attacker-controlled output glob

* CVE-2025-15649
    https://lists.security.metacpan.org/cve-announce/msg/40434380/
    IO::Uncompress::Unzip versions before 2.215 for Perl propagate
    uncaught exception when parsing zip header with malformed DOS date

* CVE-2026-48959
    https://lists.security.metacpan.org/cve-announce/msg/40434381/
    IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU
    exhaustion via per-byte read loop in fastForward
 2026-06-09 01:37:30 +00:00
afresh1 38d736fcba Upstream patch for HTTP-Tiny perl dist 
* CVE-2026-7010
    https://lists.security.metacpan.org/cve-announce/msg/39952806/
    HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in
    HTTP request lines or control field header values
 2026-06-09 01:36:51 +00:00
afresh1 170dab4126 Upstream patches for Archive-Tar perl dist 
* CVE-2026-42496
    https://lists.security.metacpan.org/cve-announce/msg/40396459/
    Archive::Tar versions before 3.08 for Perl extract symlinks with
    attacker controlled targets outside the extraction directory

* CVE-2026-42497
    https://lists.security.metacpan.org/cve-announce/msg/40396457/
    Archive::Tar versions before 3.08 for Perl extract hardlinks to
    attacker controlled paths outside the extraction directory

* CVE-2026-9538
    https://lists.security.metacpan.org/cve-announce/msg/40396448/
    Archive::Tar versions before 3.10 for Perl allow memory exhaustion
    via attacker controlled entry size field in tar header
 2026-06-09 01:36:20 +00:00
nicm 6ad0bf9083 Fix mouse events on tiled pane status line - when panes share a border, 
prefer the pane for which the border is the status line. With Dane
Jensen.
 2026-06-08 23:06:21 +00:00
nicm cd1cface29 Fix squash-groups skipping every session, GitHub issue 5180 from Bryce 
Miller.
 2026-06-08 21:46:19 +00:00
nicm fedd2d2215 Allow ACLs to use groups as well as users, GitHub issue 4917. 2026-06-08 21:38:19 +00:00
nicm ae5dadf338 Add a relative time option for time formatting, GitHub issue 5009. 2026-06-08 21:19:52 +00:00
nicm 9f8e030416 Add a -h flag to choose-tree and choose-client to hide the pane 
containing the mode, intended for use with floating panes. From Michael
Grant, GitHub issue 5177.
 2026-06-08 21:01:33 +00:00
nicm 392d7ab2a5 Add -T to new-pane to set the title; GitHub issue 5176 from Michael Grant. 2026-06-08 20:44:57 +00:00
nicm 263cf16fe6 Add display-panes-format to change the top-of-pane text shown with 
display-panes.
 2026-06-08 20:42:39 +00:00
nicm c554569ef9 When entering or leaving the alternate screen, discard any pending 
resizes. Improves flicking with scrollbars and programs that leave and
enter the alternate screen on every WINCH like nano. GitHub issue 4772.

Cvs: ----------------------------------------------------------------------
 2026-06-08 20:41:21 +00:00
nicm 2b95f200f5 Add a -k flag to choose commands to kill the pane when the mode is 
exited (useful with floating panes).
 2026-06-08 20:38:54 +00:00
nicm 33e7968cec Return immediately if the list is empty in mode_tree_key instead of 
crashing, from Bryce Miller in GitHub issue 5170.
 2026-06-08 15:16:21 +00:00
henning d88eaf8f50 when no constraints are configured, do not wait for constraint replies 
openntpd-portable commit 2760aa0, bcook@
 2026-06-08 12:46:17 +00:00
henning 43e61244d4 when creating a peer out of a pool spec ("servers" in cfg), copy 
"trusted" just like weight and everything else
openntpd-portable commit fd6d7d0 by bcook@
 2026-06-08 12:41:51 +00:00
claudio 867bf89e0d Update because printconf missed a hypen. 
-       announce as4byte yes
+       announce as-4byte yes
 2026-06-08 12:29:29 +00:00
claudio 1b70bf5379 announce as-4byte uses a hyphen in the name. Fix printconf to output the 
statement correctly.
 2026-06-08 12:26:45 +00:00
job 38a3416f6c Save the rpkiNotify URI itself in the repository's RRDP state file 
Providing this mapping makes introspection & comparison of RRDP states
across different instances easier.

OK tb@
 2026-06-08 12:12:00 +00:00