openbsd/src
1
0
Fork 0
mirror of https://github.com/openbsd/src.git synced 2026-06-18 07:13:36 +02:00
Code Activity

Commit Graph

  • ec76a249f3 DisableForwarding=yes didn't override PermitTunnel=yes djm 2026-05-31 04:47:29 +00:00
  • 9032e60e13 make the transport protocol stricter by disconnecting if the peer sends non-KEX messages during a key re-exchange. djm 2026-05-31 04:44:38 +00:00
  • 0f4d9fd15f stricter validation of the transport state passed from the unprivileged preauth sshd-auth process to the user-privileged postauth sshd-session process. djm 2026-05-31 04:37:56 +00:00
  • 204d162f81 Enforce a maximum size for usernames in agent key use constraints djm 2026-05-31 04:31:04 +00:00
  • a638980104 fix client use-after-free on error path if cipher_init() fails; reported by Qualys Security Advisory Team, ok markus@ djm 2026-05-31 04:24:39 +00:00
  • 713668bf91 flesh out match_pattern() tests, including a new comparison test of the new NFA-based implementation against the original one for all possible combinations of short inputs and patterns constructed from a small dictionary of possibilities. djm 2026-05-31 04:20:58 +00:00
  • 3ec0b86f8a Replace the old recursive match_pattern() with an implementation that uses a NFA for matching. This avoids the exponential worst- case behaviour for the old implementation. djm 2026-05-31 04:19:16 +00:00
  • d9396b5590 Disallow wildcard matching of a TLD specified as a FQDN. jsing 2026-05-30 17:06:09 +00:00
  • 7ba5aa4bbc Add a regress test that matches a wildcard for a TLD specified as a FQDN. jsing 2026-05-30 17:04:48 +00:00
  • 545ae0a970 Improve test failure message. jsing 2026-05-30 16:55:09 +00:00
  • 6568abc091 Return empty ranges if line is below window. nicm 2026-05-30 16:10:13 +00:00
  • a553a88b5f Fix heap buffer overread in column counting loop renaud 2026-05-30 15:18:44 +00:00
  • 984ad87ceb Missed this file from previous. nicm 2026-05-30 11:20:03 +00:00
  • 23c9f3787f Handle ranges for panes which are outside the window to the left. nicm 2026-05-30 11:19:39 +00:00
  • 0a7b23cd6e Add support for version 3 of Apple's AIC interript controller that can be found on M3 and later SoCs. kettenis 2026-05-30 11:17:43 +00:00
  • 6e4b9ba6c3 Do not crash when a pane offset is negative. nicm 2026-05-30 09:48:30 +00:00
  • 3113278320 Check if the range is invalid using start,end rather than length since it will never be negative. nicm 2026-05-30 08:58:29 +00:00
  • 0947281900 Handle sections that specify alignment as 0 when loading an ELF interpreter (i.e. ld.so). Since the smallest possible alignment actually is a the page size just start with that and only increase it if a larger alignment is requested. Also reject interpreters without loadable segments, just like we did for ld.so a few weeks ago. kettenis 2026-05-30 08:54:30 +00:00
  • c936f2c9d0 Correct calculation of start and end. nicm 2026-05-30 08:50:09 +00:00
  • bf30404b9c Validate size of chunks copied to piglet during hibernate unpack mlarkin 2026-05-30 08:06:09 +00:00
  • a0689c9cba Validate sizes against integer overflow when reading chunks in unhibernate mlarkin 2026-05-30 07:53:05 +00:00
  • 1355e2d495 Prevent overread when reading the chunktable in unhibernate mlarkin 2026-05-30 07:24:46 +00:00
  • 921dae32c9 Disable builtins in strlcpytest.c. Otherwise, clang w/ optimizations enabled will treat strlcpy(NULL, ...) as undefined behavior and optimize the invocation away. anton 2026-05-30 05:07:03 +00:00
  • 8e039131b9 rpki-client: rfc 9981 tb 2026-05-30 02:09:04 +00:00
  • 1e1be23b32 Disable kbind() and pinsyscalls() for static binaries at the correct time, which is inside exec_elf_makecmds(). Amusingly, it looks like these protection mechanisms are not needed because other process state protects against kbind use since we completed the switch to static pie. Also any priviledged static binary (which we ship, setuid or daemon) is not going to contain a pinsyscall or kbind slot in the loaded pinsyscalls table, so they cannot perform those. Only synthetic binaries with their own pinsyscalls table could play, but of course they won't run with priviledge.. from Andrew Griffiths at Calif ok kettenis, andrew also approves of this approach deraadt 2026-05-29 23:32:52 +00:00
  • e1776121d8 sync gkoehler 2026-05-29 23:24:34 +00:00
  • 75fa647aa2 But the NVMe controller integrated on Apple silicon (M1, M2, etc.) advertises support for 128-byte submission queue entries but only works with 64-byte entries. So let aplns(4) override the size. kettenis 2026-05-29 21:44:44 +00:00
  • 8beb114a13 Update clzdi2.c to pull in the following commit neede because of a change in clang brought in with the llvm 22 update: kettenis 2026-05-29 19:54:16 +00:00
  • a909ce865e Unbreak and update powerpc retguard for llvm 22 gkoehler 2026-05-29 19:32:41 +00:00
  • b0531f0ba0 And now fix the uvm page fault of OF_getpropstr() the right way. mglocker 2026-05-29 15:54:54 +00:00
  • fe6635b18d Correct offsets for redrawing entire line here too. nicm 2026-05-29 15:51:03 +00:00
  • f6d0e111e5 Fix uvm fault panic introduced by new OF_getpropstr() function. mglocker 2026-05-29 14:12:57 +00:00
  • 0120f5b67b bettertls/verify: resuls -> results tb 2026-05-29 13:21:15 +00:00
  • ce3ddd0a5d sync jca 2026-05-29 12:09:17 +00:00
  • 01dd9eb5f3 revert upstream commit 947b9f55b5f327e14368a48fb6ce10242ea29bf3 robert 2026-05-29 11:53:08 +00:00
  • 8c47df8d06 add SipHash.h from llvm-22.1.6 which is shipped as a third party header robert 2026-05-29 11:52:13 +00:00
  • 1a3f9edb37 sync after updating llvm to 22.1.6 robert 2026-05-29 11:26:43 +00:00
  • fb5f5ea15f update build infrastructure for llvm-21.1.6 robert 2026-05-29 11:18:29 +00:00
  • 4f961aa651 merge lldb-21.1.6 robert 2026-05-29 11:07:21 +00:00
  • 7715a8ca53 import lldb from LLVM-21.1.6 robert 2026-05-29 11:06:49 +00:00
  • a7e9300def merge lld-21.1.6 robert 2026-05-29 11:06:20 +00:00
  • 61e157d395 import lld from LLVM-21.1.6 robert 2026-05-29 11:05:54 +00:00
  • 8b3cbedc09 merge clang-21.1.6 robert 2026-05-29 11:05:26 +00:00
  • d3ce770b47 import clang from LLVM-21.1.6 robert 2026-05-29 11:04:28 +00:00
  • e916227ab7 merge llvm-21.1.6 robert 2026-05-29 11:03:37 +00:00
  • d93fb232b2 import llvm from LLVM-21.1.6 robert 2026-05-29 11:00:35 +00:00
  • 2d3bf90322 Make qwx show the firmware's regulatory domain in debug logs, like iwx does. stsp 2026-05-29 09:52:10 +00:00
  • 3f9a422cb7 Add support for 40MHz channels to qwx. stsp 2026-05-29 09:40:04 +00:00
  • 72c0126504 Make qwx only allocate a new mbuf when a free Rx ring slot is available. stsp 2026-05-29 09:35:29 +00:00
  • 28069cabcf avoid calling bus_dmamap_create() from interrupt context in qwx stsp 2026-05-29 09:32:06 +00:00
  • 90f7da7527 Handle country code events sent by qwx firmware. stsp 2026-05-29 09:30:38 +00:00
  • 42d9a1e328 Use correct X position for redrawing wide characters. nicm 2026-05-29 07:49:01 +00:00
  • 10290f8a84 Note that the workaround for the ambiguous return value can also be used for timegm() job 2026-05-29 06:33:12 +00:00
  • 196122a0f5 free exec_package allocations in check_exec() error paths jsg 2026-05-29 05:34:51 +00:00
  • 87afa879b2 acme-client: use _get0_ instead of _getm_ for const correctness tb 2026-05-29 04:17:55 +00:00
  • cdf9fde269 acme-client: fix timegm(3) invocations tb 2026-05-29 04:12:22 +00:00
  • 92f51e7ecc vmd: Unbreak using images supplied with vmctl -b hshoexer 2026-05-28 20:31:57 +00:00
  • 8563f41508 Replace OF_getprop() to get "compatible" string with OF_getpropstr(). mglocker 2026-05-28 19:03:44 +00:00
  • dab52eb748 Introduce new FDT functions OF_getpropstr() and OF_freepropstr(). mglocker 2026-05-28 18:42:29 +00:00
  • 3136a9f960 unzero'd padding bytes in struct reg and struct fpreg (both machine dependent) leak kernel stack contents. from Andrew Griffiths at Calif deraadt 2026-05-28 17:24:32 +00:00
  • b8c7370936 A privileged guest can program an out-of-layout Virtio 1.x queue_avail address for the vioscsi device and then notify the queue. The host-side vioscsi device process dereferences a pointer derived from the unchecked offset and terminates with SIGSEGV. from Quarkslab ok hshoexer, mlarkin deraadt 2026-05-28 17:14:38 +00:00
  • 6237df7bcd A privileged guest can notify an invalid virtio-scsi queue index. The host-side vioscsi device process uses the guest-controlled value as an array index without a bounds check, interprets adjacent process memory as virtqueue metadata, and terminates with SIGSEGV. from Quarkslab ok hshoexer, mlarkin deraadt 2026-05-28 17:13:17 +00:00
  • b3d0df2d91 Do not call fatalx() on malformed guest-provided descriptor lengths. Reject the request and return without terminating the VM process. from Quarkslab ok hshoexer, mlarkin deraadt 2026-05-28 17:11:39 +00:00
  • 3d33c17faa A privileged guest can notify one invalid virtio-block queue index and terminate the host-side vioblk device process. In the confirmed run, this also caused the VM event thread to exit unexpectedly. from Quarkslab ok hshoexer, mlarkin deraadt 2026-05-28 17:10:44 +00:00
  • 7d1f47b8e7 A privileged guest can make the host-side vioblk backend read a descriptor outside the configured virtqueue descriptor table and interpret the out-of-table entry as a block request descriptor. In the confirmed run, the guest-controlled out-of-table descriptor made vmd(8) read and log a guest-chosen block command value, and the device entered DEVICE_NEEDS_RESET. from Quarkslab ok hshoexer, mlarkin deraadt 2026-05-28 17:09:38 +00:00
  • 25c1c09dc2 with llvm22, -Ttext also requires --image-base to be specified naddy 2026-05-28 16:35:12 +00:00
  • 653ddd2754 add volatile casts to qwx for arm64, as mglocker@ did in qwz stsp 2026-05-28 16:00:22 +00:00
  • 88178cee67 reset qwx command ring "queued" counter when the command ring gets reset stsp 2026-05-28 15:58:15 +00:00
  • d6cd1d52b6 ensure that qwx nq flags are always cleared when switching net80211 state stsp 2026-05-28 15:55:43 +00:00
  • b797722c2f fix number of tx/rx streams set in qwx mac config stsp 2026-05-28 15:54:17 +00:00
  • e422b92cd2 Revert a small part of the earlier adjout_prefix_dump diff. claudio 2026-05-28 14:01:46 +00:00
  • 0eb097dc92 In mrt_dump_entry_mp() improve the length calculation handling and stop using an uint16_t len that could overflow because of MAX_EXT_PKTSIZE. claudio 2026-05-28 13:15:08 +00:00
  • d4af99f6b5 Previous commit introduced a logic bug. claudio 2026-05-28 12:53:55 +00:00
  • 87165baa87 Bump limit for the build user to 2560M for loongson and octeon tb 2026-05-28 12:07:38 +00:00
  • 2f32edf4f8 Swap panes on z-index list as well. nicm 2026-05-28 11:17:35 +00:00
  • 56a24c5209 sbin/ifconfig: document new nwflag uapsd kirill 2026-05-28 10:52:39 +00:00
  • 30e95afee0 sys/iwx: enable uAPSD when supported by AP kirill 2026-05-28 10:51:52 +00:00
  • 003a64f611 sys/ieee80211: add support of uAPSD kirill 2026-05-28 10:50:47 +00:00
  • 4ffcb6ab92 Do not try to use last pane if there isn't one. nicm 2026-05-28 10:45:17 +00:00
  • 890b2d3043 Hide menu options that do not work for floating panes. nicm 2026-05-28 10:34:38 +00:00
  • c8ff91c234 Avoid infinite loop when parsing PFKEY replies hshoexer 2026-05-28 09:54:05 +00:00
  • 83d0de944a Adjust the adjout_prefix_dump walker to operate using the adjout_bid and stop using peer_get() in the walker. claudio 2026-05-28 09:10:22 +00:00
  • 765e3dd91f Ensure rib_dump_abort() only triggers for rib dumps and not for adjout prefix dumps by accident. claudio 2026-05-28 08:57:30 +00:00
  • c3567662a8 The extended nexthop capability only works with 'fib-update no' enfoce this in the parser. claudio 2026-05-28 08:47:09 +00:00
  • 44505f08bf Use the correct ranges when a pane is covered by a popup in tty_draw_pane. nicm 2026-05-28 08:43:57 +00:00
  • 7c837cf8e2 Obscured check should not be true if pane is same size as window. nicm 2026-05-28 07:58:45 +00:00
  • f263261d09 Check visible ranges for collected cell output. nicm 2026-05-28 07:23:52 +00:00
  • 78ae0b70c9 Fix signed integer overflow in column position tracking renaud 2026-05-28 07:01:46 +00:00
  • eaa2c80721 pf(4) currently ignores fragment direction (in vs. out) in pf_frnode_compare() function. sashan 2026-05-28 06:41:24 +00:00
  • 545182717d In rde_attr_missing() make sure the nexthop attribute is present if there is any nlri data. In rde_as4byte_fixup() only run if ATTR_ASPATH is present. claudio 2026-05-28 05:42:14 +00:00
  • 1617c35043 Test all mutually supported algorithms, using dropbear's new -Q option to query its algorithms where possible. dtucker 2026-05-27 23:04:36 +00:00
  • d00f99cd12 Bring in the single-cell redraw parts for floating panes. nicm 2026-05-27 20:57:53 +00:00
  • 3079a4a0a0 Do not adjust end position when removing partial padding, it does not change. nicm 2026-05-27 20:47:23 +00:00
  • a9dc73588c merge changes from unbound 1.25.1, ok florian sthen 2026-05-27 20:40:22 +00:00
  • 2f2d91a890 Check visible ranges when copying screens. nicm 2026-05-27 19:43:46 +00:00
  • cd72e3e34f Add an accessor function needed for floating panes. nicm 2026-05-27 19:36:04 +00:00
  • fe658f293a Add window-pane-status-format options and adjust the default second status line to show panes, also change how window-style is checked now it is a pane option. nicm 2026-05-27 18:57:10 +00:00
  • 15e936debb Floating panes clearing bits. nicm 2026-05-27 16:25:01 +00:00
  • 8d2070f250 use I/O submission queue entry size reported by controller jcs 2026-05-27 15:04:14 +00:00
  • 58ff4898d9 Use the new RELINK feature in bsd.prog.mk to build the relink kits. deraadt 2026-05-27 13:57:26 +00:00