summaryrefslogtreecommitdiffstats
path: root/lib/libc/rpc
Commit message (Collapse)AuthorAgeFilesLines
* MFC r320494: Fix double free by reverting r300385 and r300624 which wasdelphij2017-07-031-3/+1
| | | | false positive reported by cppcheck.
* MFC r320216: Fix use-after-free introduced in r300388.delphij2017-06-251-1/+2
| | | | | | | | | | | In r300388, endnetconfig() was called on nc_handle which would release the associated netconfig structure, which means tmpnconf->nc_netid would be a use-after-free. Solve this by doing endnetconfig() in return paths instead. Reported by: jemalloc via kevlo Reviewed by: cem, ngie (earlier version)
* MFC r319369:delphij2017-06-063-12/+22
| | | | | | | | | | | | | * limit size of buffers to RPC_MAXDATASIZE * don't leak memory * be more picky about bad parameters From: https://raw.githubusercontent.com/guidovranken/rpcbomb/master/libtirpc_patch.txt https://github.com/guidovranken/rpcbomb/blob/master/rpcbind_patch.txt via NetBSD.
* MFC r317660, r317710brooks2017-05-151-4/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | r317660: Support clnt_raw's use of FD_SETSIZE as a fake file descriptor. Accomplish this by allocating space for it in __svc_xports and allowing it to be registered. The failure to allocate space was causing an out-of-bounds read in svc_getreq_common(). The failure to register caused PR 211804. The bug was found with CHERI bounds checking. PR: 211804 Obtained from: CheriBSD Sponsored by: DARPA, AFRL Reviewed by: ngie Differential Revision: https://reviews.freebsd.org/D10528 r317710: Remove expected failure now that it was fixed in r317660. PR: 211804 Reviewed by: ngie Obtained from: CheriBSD Sponsored by: DARPA, AFRL Differential Revision: https://reviews.freebsd.org/D10576
* MFC r264196:ngie2016-12-032-2/+5
| | | | | | | r264196 (by theraven): Move definitions out of rpc_com so that the linker doesn't complain about multiple definitions.
* MFC r296133:ngie2016-12-032-3/+3
| | | | | | | | | | | r296133 (by pfg): RPC: update the getrpcbyname() definition to include a const qualifier. Add const qualifier making getrpcbyname() and getrpcbyname_r() prototypes match those used in latest Sun RPC code (TI-RPC 2.3). Obtained from: NetBSD
* MFC r301734:ngie2016-12-031-1/+1
| | | | | | r301734 (by kevlo): Fix the rpcb_getaddr() definition to match its declaration.
* MFC r296404:ngie2016-12-031-8/+8
| | | | | | | | r296404 (by pfg): Stray tabs and spaces. No functional change.
* MFC r287353:ngie2016-12-031-1/+1
| | | | | | | | r287353 (by rodrigc): Use unsigned variable. Eliminates gcc 4.9 compiler warning.
* MFC r296386:ngie2016-12-031-16/+20
| | | | | | | | | | | r296386 (by pfg): Work around aliasing issues detected in modern GCC. Avoid casting gymnastics that lead to pointer aliasing by introducing an inline function as done in NetBSD (but without #if0'd WIP code). Obtained from: NetBSD (CVS Rev. 1.24, 1.25)
* MFC r278039:ngie2016-12-031-0/+1
| | | | | | | | r278039 (by pfg): Resource leak CID: 1016703
* MFC r288017:ngie2016-12-031-69/+31
| | | | | | | | r288017 (by rodrigc): Use ANSI C prototypes. Eliminates gcc 4.9 warnings.
* MFC r288995:ngie2016-12-032-4/+4
| | | | | | | r288995 (by rodrigc): Use proper function prototypes. Eliminates -Wstrict-prototypes warning
* MFC r287347:ngie2016-12-031-21/+7
| | | | | | | | r287347 (by rodrigc): Use ANSI C prototypes. Eliminates gcc 4.9 warnings.
* MFC r301754,r301769:ngie2016-12-034-26/+26
| | | | | | | | | | | | | | | | | | r301754 (by pfg): libc/rpc: Make use of some xdr_* macros. xdr_rpcprog and xdr_rpcvers were broken in older versions of FreeBSD but were fixed in r296394. Give them some use hoping they help make the code somewhat more readable. r301769 (by pfg): libc/rpc: Make use of some xdr_* macros. (part 2) xdr_rpcproc, xdr_rpcprog and xdr_rpcvers were broken in older versions of FreeBSD but fixed in r296394. Give them some use hoping they help make the code somewhat more readable.
* MFC r278041:ngie2016-12-031-1/+1
| | | | | | | | | | | | r278041 (by pfg): rpc: Uninitialized pointer read Initialize *xprt to avoid exposing a random value in cleanup_svc_vc_create. CID: 1018723 Phabric: D1749
* MFC r287341,r287342,r287348:ngie2016-12-0316-399/+184
| | | | | | | | | | | | | | | | | | r287341 (by rodrigc): Use ANSI C prototypes. Eliminates gcc 4.9 warnings. r287342 (by rodrigc): Mark unused parameters to reduce gcc 4.9 warnings. r287348 (by rodrigc): Use correct function prototype for signal handler. Eliminates gcc 4.9 warning.
* MFC r288113:ngie2016-12-0335-409/+235
| | | | | | r288113 (by rodrigc): Use ANSI C prototypes. Eliminates -Wold-style-definition warnings.
* MFC r297790:ngie2016-12-034-13/+13
| | | | | | | | | | | r297790 (by pfg): libc: replace 0 with NULL for pointers. While here also cleanup some surrounding code; particularly drop some malloc() casts. Found with devel/coccinelle.
* MFC r287350:ngie2016-12-035-12/+12
| | | | | | | | r287350 (by rodrigc): Use ANSI C prototypes. Eliminates gcc 4.9 warnings.
* MFC r303889:pfg2016-09-081-1/+1
| | | | | | | | libc/rpc: replace comma with semicolon when pertinent. Uses of commas instead of a semicolons can easily go undetected. The comma can serve as a statement separator but this shouldn't be abused when statements are meant to be standalone.
* MFC r301704:ngie2016-06-111-1/+1
| | | | Test for strchr(3) returning NULL, not 0
* MFC r300624:ngie2016-06-081-2/+3
| | | | | | | | | | | | Fix up r300385 I accidentally glossed over the fact that tmp is manipulated via strchr, so if we tried to free `tmp` after r300385, it would have crashed. Create a separate pointer (tmp2) to track the original allocation of `tmp`, and free `tmp2` if `p->nc_lookups` can't be malloced CID: 1356026
* MFC r300385:ngie2016-06-081-0/+1
| | | | Don't leak `tmp` if `p->nc_lookups` can't be malloced
* MFC r300386:ngie2016-06-081-1/+3
| | | | | | | Don't leak `handle` if svc_tp_create(..) succeeds and allocating a new struct xlist object fails CID: 978277
* MFC r300387,r300388,r300389:ngie2016-06-083-12/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | r300387: getnetid(..): consistently fclose fd at the end of the function This mutes a false positive with cppcheck, but also helps eliminate future potential issues with this variable r300388: Call endnetconfig on nc_handle sooner to avoid leaking nc_handle if tmpnconf was NULL This would theoretically happen if the netconfig protocol family and protocol semantics were never matched. CID: 978179 r300389: nis_rpcent: don't leak resultbuf from yp_first(..)/yp_next(..) If the buffer couldn't be adequately resized to accomodate an additional "\n", it would leak resultbuf by breaking from the loop early CID: 1016702
* MFC r300620,r300621:ngie2016-06-081-1/+2
| | | | | | | | | | | | | | | | | | | | | r300620: Use reallocf instead of malloc to fix leak with outbuf_pmap The previous code overwrote outbuf_pmap's memory with malloc once per loop iteration, which leaked its memory; use reallocf instead to ensure that memory is properly free'd each loop iteration. Add a outbuf_pmap = NULL in the failure case to avoid a double-free at the bottom of the function. CID: 1038776 r300621: Remove redundant NULLing of outbuf_pmap If reallocf ever failed, outbuf_pmap would already be NULL
* MFC r296095:pfg2016-03-271-1/+1
| | | | | | | | rpc: fix failure to clear string by passing the wrong size to memset. Noted by NetBSD's PR/21014 Obtained from: NetBSD (CVS Rev. 1.24, 1.25)
* MFC r293715:ngie2016-01-191-2/+2
| | | | | | | | | | Fix a mismerge from NetBSD in r162194 with `xdr_rpcb_entry_list_ptr(..)` This fixes the potential NULL pointer dereference properly, and also fixes memory leaks encountered in the process of iterating through `*rp`. Found by: Valgrind Submitted by: Miles Ohlrich <miles.ohlrich@isilon.com>
* MFC r293705:ngie2016-01-181-2/+2
| | | | | | | | | Similar to r293704, fix theoretical leak of netconfig(3) resources in __rpcbind_is_up(..) if getnetconfig(3) is partly successful in allocating resources, but not completely successful by moving the endnetconfig(3) call up before we return from the function if nconf == NULL. Submitted by: Miles Ohlrich <miles.ohlrich@isilon.com>
* MFC r293704:ngie2016-01-181-1/+1
| | | | | | | | | | | | Fix theoretical leak of netconfig(3) resources in svcunix_create(..) In the event that the getconfig(3) call in svcunix_create is partly successful, some of the netconfig(3) resources allocated might be leaked if the call returns NULL as endnetconfig(3) wasn't called explicitly in that case. Ensure that the resources are fully cleaned up by going to the `done` label, which will call endnetconfig(3) for us. Submitted by: Miles Ohlrich <miles.ohlrich@isilon.com>
* MFC r292047: RPC: populate local address for rendezvous transporter.stas2016-01-081-2/+16
|
* MFC r278932:ngie2015-12-012-4/+1
| | | | | | | | | | | r278932 (by pfg): libc: clean some set-but-not-used errors. These were found by gcc 5.0 on Dragonfly BSD, however I made no attempt to silence the false positives. Obtained from: DragonFly (cf515c3a6f3a8964ad592e524442bc628f8ed63b)
* MFC r290253:ngie2015-11-1610-49/+25
| | | | | | | Remove unnecessary `if (x)` tests before calling `free(x)`; free(3) already employs this check Sponsored by: EMC / Isilon Storage Division
* MFC r258580:hrs2014-10-091-335/+0
| | | | | | | | | | | | | | | | | | | | | Replace Sun RPC license in TI-RPC library with a 3-clause BSD license, with the explicit permission of Sun Microsystems in 2009. MFC r258581, 258582: Replace Sun Industry Standards Source License for Sun RPC code with a 3-clause BSD license as specified by Oracle America, Inc. in 2010. This license change was approved by Wim Coekaerts, Senior Vice President, Linux and Virtualization at Oracle Corporation. MFC r259117, 259118: Replace Sun RPC license with a 3-clause BSD license. This license change was approved in 2010 by Wim Coekaerts, Senior Vice President, Linux and Virtualization at Oracle Corporation. MFC r259417: Replace Sun RPC license for TI-RPC library with a 3-clause BSD license, with the explicit permission of Sun Microsystems in 2009. The code in question in this file was copied from lib/libc/rpc/pmap_getport.c.
* MFC: r265238, r265240brueffer2014-05-161-8/+6
| | | | | | | Properly free resources in case of error. CID: 1007032 Found with: Coverity Prevent(tm)
* MFC r258578, r258580, r258581 (by hrs):mav2014-01-2253-1422/+1353
| | | | | Replace Sun RPC license in TI-RPC library with a 3-clause BSD license with the explicit permissions.
* Assign the len field of the netbuf structure to the current length ofkevlo2013-03-011-1/+1
| | | | | | a sockaddr. Obtained from: NetBSD
* rpc: convert all uid and gid variables to u_int.pfg2012-10-044-7/+8
| | | | | | | | | | | After further discussion, instead of pretending to use uid_t and gid_t as upstream Solaris and linux try to, we are better using u_int, which is in fact what the code can handle and best approaches the range of values used by uid and gid. Discussed with: bde Reviewed by: bde
* rpc: convert all uid and gid variables of the type uid_t and gid_t.pfg2012-10-031-3/+3
| | | | | | | | | | The previous change (based on Solaris) doesn't work properly either as the casting only has the effect of quieting the compiler. Move back to the previous solution but adjust the sizeof() type in xdr_array(). This should mostly work (by accident). Reported by: bde
* rpc: convert all uid and gid variables of the type uid_t and gid_t.pfg2012-10-031-5/+5
| | | | | | | | | | | | | | As part of the previous commit, uses of xdr_int() were replaced with xdr_u_int(). This has undesired effects as the second argument doesn't match exactly uid_t or gid_t. It also breaks assumptions in the size of the provided types. To work around those issues we revert back to the use of xdr_int() but provide proper casting so the behaviour doesn't change. While here fix a style issue in the affected lines. Reported by: bde
* libtirpc: be sure to free cl_netid and cl_tppfg2012-10-021-0/+4
| | | | | | | | | | | | | When creating a client with clnt_tli_create, it uses strdup to copy strings for these fields if nconf is passed in. clnt_dg_destroy frees these strings already. Make sure clnt_vc_destroy frees them in the same way. This change matches the reference (OpenSolaris) implementation. Tested by: David Wolfskill Obtained from: Bull GNU/Linux NFSv4 Project (libtirpc) MFC after: 2 weeks
* Fix __rpc_getconfippfg2012-10-021-2/+4
| | | | | | | | | | | | | | __rpc_getconfip is supposed to return the first netconf entry supporting tcp or udp, respectively. The code will currently return the *last* entry, plus it will leak memory when there is more than one such entry. This change matches the reference (OpenSolaris) implementation. Tested by: David Wolfskill Obtained from: Bull GNU/linux NFSv4 Project (libtirpc) MFC after: 1 week
* RPC: Convert all uid and gid variables of the type uid_t and gid_t.pfg2012-10-024-11/+9
| | | | | | | | This matches what upstream (OpenSolaris) does. Tested by: David Wolfskill Obtained from: Bull GNU/Linux NFSv4 project (libtirpc) MFC after: 3 days
* Complete revert of r239963:pfg2012-09-278-41/+19
| | | | | | | | | | | | | | | The attempt to merge changes from the linux libtirpc caused rpc.lockd to exit after startup under unclear conditions. After many hours of selective experiments and inconsistent results the conclusion is that it's better to just revert everything and restart in a future time with a much smaller subset of the changes. ____ MFC after: 3 days Reported by: David Wolfskill Tested by: David Wolfskill
* Partial revert of r239963:pfg2012-09-241-4/+0
| | | | | | | | | | | | | | | | | The following change caused rpc.lockd to exit after startup: ____ libtirpc: be sure to free cl_netid and cl_tp When creating a client with clnt_tli_create, it uses strdup to copy strings for these fields if nconf is passed in. clnt_dg_destroy frees these strings already. Make sure clnt_vc_destroy frees them in the same way. ____ MFC after: 3 days Reported by: David Wolfskill Tested by: David Wolfskill
* Rework all non-contributed files that use `struct timezone'.ed2012-09-012-2/+2
| | | | | | | | | | | | | | This structure is not part of POSIX. According to POSIX, gettimeofday() has the following prototype: int gettimeofday(struct timeval *restrict tp, void *restrict tzp); Also, POSIX states that gettimeofday() shall return 0 (as long as tzp is not used). Remove dead error handling code. Also use NULL for a nul-pointer instead of integer 0. While there, change all pieces of code that only use tv_sec to use time(3), as this provides less overhead.
* Bring some changes from Bull's NFSv4 libtirpc implementation.pfg2012-09-019-19/+45
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We especifically ignored the glibc compatibility changes but this should help interaction with Solaris and Linux. ____ Fixed infinite loop in svc_run() author Steve Dickson Tue, 10 Jun 2008 12:35:52 -0500 (13:35 -0400) Fixed infinite loop in svc_run() ____ __rpc_taddr2uaddr_af() assumes the netbuf to always have a non-zero data. This is a bad assumption and can lead to a seg-fault. This patch adds a check for zero length and returns NULL when found. author Steve Dickson Mon, 27 Oct 2008 11:46:54 -0500 (12:46 -0400) ____ Changed clnt_spcreateerror() to return clearer and more concise error messages. author Steve Dickson Thu, 20 Nov 2008 08:55:31 -0500 (08:55 -0500) ____ Converted all uid and gid variables of the type uid_t and gid_t. author Steve Dickson Wed, 28 Jan 2009 12:44:46 -0500 (12:44 -0500) ____ libtirpc: set r_netid and r_owner in __rpcb_findaddr_timed These fields in the rpcbind GETADDR call are being passed uninitialized to CLNT_CALL. In the case of x86_64 at least, this usually leads to a segfault. On x86, it sometimes causes segfaults and other times causes garbage to be sent on the wire. rpcbind generally ignores the r_owner field for calls that come in over the wire, so it really doesn't matter what we send in that slot. We just need to send something. The reference implementation from Sun seems to send a blank string. Have ours follow suit. author Jeff Layton Fri, 13 Mar 2009 11:44:16 -0500 (12:44 -0400) ____ libtirpc: be sure to free cl_netid and cl_tp When creating a client with clnt_tli_create, it uses strdup to copy strings for these fields if nconf is passed in. clnt_dg_destroy frees these strings already. Make sure clnt_vc_destroy frees them in the same way. author Jeff Layton Fri, 13 Mar 2009 11:47:36 -0500 (12:47 -0400) Obtained from: Bull GNU/Linux NFSv4 Project MFC after: 3 weeks
* Jump to the failed label instead of doing cleanup ourselves.brueffer2012-07-151-2/+1
| | | | | Obtained from: DragonFly BSD MFC after: 2 weeks
* General mdoc(7) and typo fixes.gjb2012-05-111-2/+2
| | | | | | PR: 167734 Submitted by: Nobuyuki Koganemaru (kogane!jp.freebsd.org) MFC after: 3 days
OpenPOWER on IntegriCloud