openbsd/src
1
0
Fork 0
mirror of https://github.com/openbsd/src.git synced 2026-06-18 07:13:36 +02:00
Code Activity

Commit Graph

  • 25d4b1a857 sync deraadt 2026-05-15 19:23:10 +00:00
  • d74df432a3 After ifconfig qwz0 down followed by ifconfig qwz0 up, the second up would fail with SIOCSIFFLAGS: Resource temporarily unavailable, and after the first failure the device could not be brought up at all until reboot. The same symptom appeared when changing nwid while the interface was up (which internally does down+up). mglocker 2026-05-15 19:02:12 +00:00
  • 52e5aa71cf Xr qwz deraadt 2026-05-15 15:59:45 +00:00
  • f27bcf431e Add qwz(4) man page. mglocker 2026-05-15 15:55:45 +00:00
  • 942dcce546 bump datasize to 2176M for the build class in prep for llvm22 robert 2026-05-15 15:31:32 +00:00
  • 5c88c315fd remove commented-out unused namei structure fields not used for a long time ok beck deraadt 2026-05-15 15:26:35 +00:00
  • f8a50308c9 Fix signed integer overflow in repetition count renaud 2026-05-15 14:24:44 +00:00
  • bb05e5515c relayd: allow explicit paths for certificates, keys and OCSP staples rsadowski 2026-05-15 13:57:24 +00:00
  • bc45653046 incorrect test for error deraadt 2026-05-15 13:56:16 +00:00
  • 29015066fd remove -Wno-uninitialized, no warnings seen with gcc4 or clang ok dlg@ jsg 2026-05-15 12:25:04 +00:00
  • 450386e668 frag6_input(): must always decrement counter when dropping fragment sashan 2026-05-15 09:42:46 +00:00
  • bcab7b1625 correct mdoc macro ordering jsg 2026-05-15 04:55:45 +00:00
  • 3a78a8aa26 remove tab at end of line jsg 2026-05-15 04:47:23 +00:00
  • 8e47d2e8b1 Insist on opening only regular files. (On OpenBSD, the directory case is handled by the kernel, but I want to stop other weird stuff) ok millert, dgl deraadt 2026-05-15 01:28:28 +00:00
  • 0e67b3de4b Make __pledge_open(2) of /etc/localtime and /usr/share/zoneinfo much more strict. If /etc/localtime is a symbolic link, allow one translation which must land cleanly in /usr/share/zoneinfo (.. is checked for) otherwise error with EACCES. In /usr/share/zoneinfo, do not allow symbolic links and error with ELOOP. Alfredo Ortega observed the non-strict handling, but agrees no specific exploitability exists. Changing this took almost a month with many discarded prototypes. ok beck dgl deraadt 2026-05-15 00:39:21 +00:00
  • 7de45d7417 If the main process receives an oversized passwd or group entry message from the ldap client process, discard it rather than overflowing the struct idm_req on the stack. jmatthew 2026-05-14 23:30:55 +00:00
  • 42dace0dca Rework the re-evaluation of a prefix if PREFIX_FLAG_FILTERED changed. claudio 2026-05-14 18:47:32 +00:00
  • 3e6d065e20 Enable qwz(4) for amd64 and arm64 RAMDISK. mglocker 2026-05-14 16:22:31 +00:00
  • 52e845de55 Enable qwz(4) for amd64 and arm64 GENERIC. mglocker 2026-05-14 16:20:27 +00:00
  • 296b4ef39b Get qwz(4) in to an initial working state (assoc/rx/tx). mglocker 2026-05-14 16:17:20 +00:00
  • 9f6962b18e Transplant the EL2 virtual timer interrupt into the ACPI device tree if it is provided in the GTDT table. Based on a diff from Marc Zyngier. kettenis 2026-05-14 12:26:58 +00:00
  • 968aaf5f90 If either tcp_md5_set() or pfkey_establish() fail then also fail the ongoing connect. claudio 2026-05-14 12:26:44 +00:00
  • adeebfb536 regen kettenis 2026-05-14 12:24:22 +00:00
  • 8929254707 Add "interrupt-names" property to the timer node. kettenis 2026-05-14 12:23:30 +00:00
  • 1154592b83 In log_evpnaddr() the labellen for EVPN_ROUTE_TYPE_2 can either be 3 or 6. claudio 2026-05-14 11:32:52 +00:00
  • 0d274ac1c7 Sync cert.pem with mozilla roots; quite a few CA certificates were either removed or distrusted for web so are removed here. ok tb@ sthen 2026-05-14 11:00:10 +00:00
  • 2d1e55dd45 dhcpleased: Make sure to use VIS_NL with stravis() dgl 2026-05-14 06:09:50 +00:00
  • 184d3020b1 dhcpleased: Change rdns_count to size_t dgl 2026-05-14 06:04:08 +00:00
  • e1870fcb19 dhcpleased: Validate size of imsg_dhcp.len dgl 2026-05-14 05:53:13 +00:00
  • e9f2703751 dhcpleased: Ensure imsg is zeroed in send_routes_withdraw. dgl 2026-05-14 05:40:57 +00:00
  • 290bb83e25 mitigate AMD Zen-2 operation cache corruption jsg 2026-05-14 01:39:38 +00:00
  • 86898828a4 Limit the maximum value of shminfo.shmseg to prevent `size' overflow in sys_shmat(). The default value of 128 is safe, but overflow could happen on 32 bits machine while the value of shminfo.shmseg was raised too high. mvs 2026-05-13 21:05:23 +00:00
  • df213ff76c Add const void *data to attr_optadd() claudio 2026-05-13 18:50:09 +00:00
  • adef1dd91f Add the extended message capability to the if statement that checks if the peer has anything enabled. Missed when adding ext_msg support. claudio 2026-05-13 15:51:49 +00:00
  • ed5454cb43 Introduce ch_ext a struct holding the table an meta data pointers for the extendible hash. claudio 2026-05-13 15:19:07 +00:00
  • 77e7bd64d5 In the disklabel check for specific fields with value 0, and return early before trying to check for a byte-swapped label. This avoids a /0 in the byte-swapped partition check. ok krw, also discussed with krw deraadt 2026-05-13 15:14:51 +00:00
  • b2bba96bba Fix heap buffer overread in compile_delimited() renaud 2026-05-13 15:12:54 +00:00
  • 5585cfd7a0 Do not fatal in pt_fill() instead return an error object that can never exist. claudio 2026-05-13 15:12:14 +00:00
  • 9f9eafeabd strict localtime / zoneinfo __pledge_open() behaviours coming soon deraadt 2026-05-13 14:45:38 +00:00
  • 7ef9c5a333 The ktrace signal structure ktr_psig needs to be zero'd before filling in for providing to userland. from Stuart Thomas deraadt 2026-05-13 14:18:20 +00:00
  • c587bd0da4 Link-local addresses for nexthops also need to check scope_id. claudio 2026-05-13 14:06:24 +00:00
  • 26144a9b12 Return error on unhandled imsg types in the adj-rib-out case. claudio 2026-05-13 14:01:29 +00:00
  • 4b6a313270 Add missing pfkey_remove() calls in error paths for RTR socket establishment. claudio 2026-05-13 13:49:55 +00:00
  • 08e3032d16 Fix a couple of bugs in tty_draw_line: do not loop forever if orphan padding appears, or if a wide character is trimmed at the right of the region. Much help with testing from qingliu at alauda dot io in GitHub issue 5024. nicm 2026-05-13 13:12:23 +00:00
  • 9bae5dc35e avoid calling free() on an uninitialised pointer from an error path ok sashan@ henning@ jsg 2026-05-13 12:07:10 +00:00
  • 64f9c4f872 Update supported features for Foot, from Meriel Luna Mittelbach in GutHub issue 5079. nicm 2026-05-13 10:24:57 +00:00
  • 693b99e8f0 Add missing memcpy calls for auth_key_in / out in merge_auth_conf() claudio 2026-05-13 09:25:11 +00:00
  • 6aa7681852 Error handling the double reallocarray in ch_table_resize() is tricky. claudio 2026-05-13 08:57:39 +00:00
  • b2811ee9f2 Do not crash if set progress bar with no pane, from Dane Jensen. nicm 2026-05-13 08:25:05 +00:00
  • db0e41b4c9 use nowake for sleep wait channel instead of an uninitialised stack variable jsg 2026-05-13 06:24:20 +00:00
  • f425d76311 avoid validating bad cipher or mac lists in config files / commandline arguments as valid. djm 2026-05-13 05:58:58 +00:00
  • 2641a72f32 fix hard-to-reach NULL deref during pubkey auth djm 2026-05-13 05:11:02 +00:00
  • 046e903479 rpki-client: fix incomplete strncmp() check tb 2026-05-13 04:38:42 +00:00
  • e4048c139e Fix bad sizes in certain graceful restart imsgs. claudio 2026-05-12 20:27:31 +00:00
  • 104c674285 Update libexpat to version 2.8.1. bluhm 2026-05-12 19:16:16 +00:00
  • 45b0498dd7 getservice() needs to return the port in host byte order but getservbyname() returns the value in network byte order. Add some ntohs() for those poor little endian systems. claudio 2026-05-12 16:03:14 +00:00
  • 44680a3df8 ibuf_set_maxsize() need to ensure that the invariants are upheld by checking also that wpos and size are not bigger then the new max. claudio 2026-05-12 16:01:15 +00:00
  • a9d2f8a3b2 check_sym: do not run output commands twice naddy 2026-05-12 15:14:41 +00:00
  • 95317e4bbb Add a guarded .note.GNU-stack section to crypto assembly files. jsing 2026-05-12 15:07:30 +00:00
  • 8d2ac6290b Fix buglet introduced in 1.85; from clang -Wsometimes-uninitialized via jsg@ miod 2026-05-12 14:49:35 +00:00
  • f3d22318ec Fix double-close on header-step failure renaud 2026-05-12 14:00:24 +00:00
  • 7bfd65388e sync deraadt 2026-05-12 13:22:59 +00:00
  • 5e6d4834f2 Dropbear recently added a -Q option; use it to query KEX if available. dtucker 2026-05-12 13:02:40 +00:00
  • 81ff968f5f Make pane offsets signed, needed for floating panes. nicm 2026-05-12 12:05:41 +00:00
  • 29b719f236 Turn off the "is this a paste" guessing if the terminal supports bracket pasting instead, GitHub issue 5031. nicm 2026-05-12 10:28:09 +00:00
  • 5415fe387d Check FIONREAD for all panes not just piped panes, fixes issues with tests, GitHub issue 4807. nicm 2026-05-12 09:37:25 +00:00
  • ac50d6fb3c revert last KASSERT(x != 0) to prevent division by zero just after doesn't help anything, division by 0 blows up nicely by itself with a very clear message. excessive comments and things like useless KASSERTs just make it much harder to follow the actual code. ok sashan henning 2026-05-12 09:34:00 +00:00
  • 92944b0c23 Fix infinite loop due to underflow when redrawing scrollbar, from Pavel Lavrukhin in GitHub issue 4932. nicm 2026-05-12 09:32:49 +00:00
  • 56e3e05f93 Fix control mode teardown ordering for queued pane output, GitHub issue 5064 from Aaron Campbell. nicm 2026-05-12 09:27:28 +00:00
  • 6094ca7ea8 Introduce MAX_ADDPATH_COUNT (set to 100) and use this as the maximum for the add-path send plus and max arguments. claudio 2026-05-12 09:12:49 +00:00
  • 9f06b4d0de make sure the command is set to config when writing config register bits jsg 2026-05-12 08:54:08 +00:00
  • 6002e71c72 Fix signed overflow in ieee80211_40mhz_valid_secondary_below(). The secondary_chan variable should be uint8_t instead of int8_t, matching ieee80211_40mhz_valid_secondary_above(). kevlo 2026-05-12 01:39:42 +00:00
  • cd8e329751 Update libexpat to version 2.8.0 bluhm 2026-05-11 22:41:23 +00:00
  • febc1864b3 usr.sbin/httpd: widen server flags to 64-bit integers kirill 2026-05-11 22:33:10 +00:00
  • 369ac04692 In merge_peers() also set local_bgpid for cloned peers, not only regular peers and templates. claudio 2026-05-11 20:33:39 +00:00
  • 47daa359d3 regen kettenis 2026-05-11 20:17:17 +00:00
  • 9444197c92 Add RK3576. kettenis 2026-05-11 20:16:46 +00:00
  • e75184ca9f Add CONTEXT section that documents when it is safe to call each bus_dma API function. kettenis 2026-05-11 19:44:17 +00:00
  • fc1b4f56fe Impose the same MAX_ASPA_SPAS_COUNT limit onto the merged APSA sets that are sent to the RDE. claudio 2026-05-11 18:46:43 +00:00
  • 2011f94b76 In merge_aspa_set() do the MAX_ASPA_SPAS_COUNT check the same way it is done in the rest of the code and by doing so fix a harmless off by one error. claudio 2026-05-11 18:41:06 +00:00
  • 955e2d57b5 For clarity, improve the __pledge_open documentation deraadt 2026-05-11 13:08:52 +00:00
  • 5932f6b5f9 switch loop condition from pointer to integer arithmetic naddy 2026-05-11 12:58:52 +00:00
  • 0517f5731d Track the number of elements in the array instead of the highest possible bit. claudio 2026-05-11 12:14:38 +00:00
  • 94baf1f2e7 Improve error checking of received packets. kettenis 2026-05-11 10:25:52 +00:00
  • 9c5367037e move bpf for outgoing packets later in the transmit path. dlg 2026-05-11 06:41:29 +00:00
  • 65040e2d47 sys/param.h includes machine/param.h, no need to include both jsg 2026-05-11 06:24:47 +00:00
  • f5469ce0cf sys/mutex.h includes machine/mutex.h, no need to include both jsg 2026-05-11 06:13:54 +00:00
  • 2948bb8c66 sys/exec.h includes machine/exec.h, no need to include both jsg 2026-05-11 06:09:45 +00:00
  • 59ecda1f93 Almost 26 years ago, when sti(4) was rewritten as an MI driver, some of the pci-related defines for the "bus support" field in the rom information were incorrectly defined. This was not noticed as there was no pci attachment for sti devices yet. miod 2026-05-10 15:57:38 +00:00
  • bf258236f7 rsa_padding_test: %i -> %d tb 2026-05-10 14:08:02 +00:00
  • 3e8b0da386 Slightly adjust BUGS section for X509_addr_add_range() tb 2026-05-10 10:35:20 +00:00
  • 0c63cf0b55 usr.sbin/httpd: inherit gzip-static in locations kirill 2026-05-10 10:02:04 +00:00
  • c1b303c820 While technically allowed, shared libraries without PT_LOAD segments don't really make any sense. Bail out early to avoid the bits of code that assume that we have a PT_LOAD sagment. This avoids a NULL pointer dereference on i386 (which uses library_mquery.c) or bogus mmap calls on other architectures (which use library.c). kettenis 2026-05-10 09:10:02 +00:00
  • 12d23b4faa Initialize ih_intrpin for regular (non-vector) MSI interrupts as well. Fixes regular MSIs on the SpacemiT K1 SoC. kettenis 2026-05-10 08:47:22 +00:00
  • e7eed89148 openssl s_socket: do not fail accept on reverse DNS lookup failure kenjiro 2026-05-10 03:26:07 +00:00
  • 3013aa3344 libc: declare _hwcap and related variables as hidden naddy 2026-05-09 19:39:14 +00:00
  • e291ae3995 The regression fix in rev. 1.271 was still incomplete. schwarze 2026-05-09 19:02:53 +00:00
  • 33e6d7cf80 Add kernel support for the vector extension on riscv64. jsing 2026-05-09 17:38:50 +00:00
  • c044176a43 openssl crl: make verify failure result in "app" failure tb 2026-05-09 14:28:18 +00:00
  • b78e33bdcf openssl ecparam: make EC_GROUP_check() failure result in "app" failure tb 2026-05-09 14:24:58 +00:00