| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
for the C library call, which is a wrapper that passes it by reference
to the kernel.
|
|
|
|
|
| |
Pointed-Out-By: swallace
Person-With-Commit-Privs-By-Whom-It-Should-Have-Been-Committed: swallace
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
Vulnerable: all programs that use setlocale(LC_COLLATE),
setlocale(LC_CTYPE), or setlocale(LC_ALL). The only setuid/setgid
binary i've found for this is w(1).
Should go into 2.2.
|
| |
|
|
|
|
|
|
|
|
| |
reader will know that this information does apply to FreeBSD also.
Closes PR# 1618.
This can go into 2.2.
|
| |
|
|
|
|
| |
that purpose instead of space below the stack.
|
|
|
|
|
| |
every call. The damage was sometimes limited by other routines using
and freeing stack slots that should have been empty to being with.
|
|
|
|
|
|
| |
not yet implemented is protected by a define (BSD4_4_LITE)
that should be removed when this call is supported by the
kernel.
|
|
|
|
| |
Pointed out by: wollman, bde
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I've added an installation from optical disk drive facility.
This enables FreeBSD to be installed from an optical disk, which
may be formatted in "super floppy" style or sliced into MSDOS-FS
and UFS partitions.
Note: ncr.c should be reviewed by Stefan Esser <se@freebsd.org>
and cd.c by Joerg Wunsch <joerg@freebsd.org> before bringing this
into 2.2.
Submitted-By: Shunsuke Akiyama <akiyama@kme.mei.co.jp>
|
|
|
|
|
|
|
|
| |
it.
Closes PR # bin/2196: Bug in src/libc/gen/gettty...
Submitted by: davidn@blaze.net.au (David Nugent)
|
|
|
|
|
|
| |
local variable use.
Found by: actually using ascii2addr() :-/
|
| |
|
| |
|
|
|
|
|
|
| |
in lots of unrelated junk from <net/if.h> and <net/if_ether.h>. These
functions still aren't prototyped anywhere (but should be in
<net/ethernet.h>---got that, Bill?).
|
|
|
|
|
|
| |
changes that were lost.
Pointed out by: bde
|
|
|
|
| |
Submitted by: Daniel O'Callaghan" <danny@panda.hilink.com.au>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
and he said:
The 3rd agrument is new; looks like it was part of the upgrade to
a new BIND with some IPv6 support. The third argument here should be
AF_INET. In order for it to be anything else, I'd have to add new
NIS functions to support IPv6 lookups. I don't even know what those
look like yet.
So there ya go, add AF_INET as the 3rd argument to the call.
Submitted-by: wpaul
|
|
|
|
|
| |
have simply been passed as arrays. In some cases, casts had even
been added to remove the warnings generated by such misuse! Aieee!
|
|
|
|
|
| |
Everyone please call ParaSoft today and say "I will buy 57 copies of
Insure++ tomorrow, but first I want a FreeBSD version." :-)
|
|
|
|
|
|
|
| |
copy of insure++, too bad the runtime only works for BSD/OS. :-(
Maybe they'll be so impressed by my initial 15 entry bug report for it
that they'll take the FreeBSD version more seriously. :-) :-)
|
|
|
|
| |
when buildkey is expecting a char *.
|
|
|
|
|
| |
RTFM'ing. Either both the header files and the man pages are wrong
or this code is, and I'll take the majority decision. :-)
|
|
|
|
| |
Found-By: insight's "insure++" tool.
|
|
|
|
|
|
| |
access. Closes PR# 1712.
Submitted by: Kent Vander Velden
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NIS map which is present on SunOS NIS servers with the SunOS C2 security
hack^Woption installed. I'm convinced that the C2 security option restricts
access to the passwd.adjunct.byname map in the same way that I restrict
access to the master.passwd.{byname,buid} maps (checking for reserved ports),
which means that we should be able to handle passwd.adjunct.byname map
correctly.
If _havemaster() doesn't find a master.passwd.byname map, it will now
test for a passwd.adjunct.byname map before defaulting back to the
standard non-shadowed passwd.{byname,byuid} maps. If _pw_breakout_yp()
sees that the adjunct map was found and the password from the standard
maps starts with ##, it will try to grab the correct password field
from the adjunct map. As with the master.passwd maps, this only happens
if the caller is root, so the shadowing feature is preserved; non-root
users just get back ##username as the encrypted password.
Note that all we do is grab the second field from the passwd.adjunct.byname
entry, which is designated to be the real encrypted password. There are
other auditing fields in the entry but they aren't of much use to us.
Also switched back to using yp_order() to probe for the maps (instead
of yp_first()). The original problem with yp_order() was that it barfed
with NIS+ servers in YP compat mode since they don't support the
YPPROC_ORDER procedure. This condition is handled a bit more gracefully
in yplib now: we can detect the error and just punt on the probing.
|
|
|
|
|
|
| |
use ``is expected to conform to'' phrase, not ``conforms to''
Pointed out by: Bruce->NIST-PCTS
|
|
|
|
|
|
|
| |
domain names and not host names.
Pointed out by: bde
Obtained from: NetBSD
|
| |
|
|
|
|
|
|
| |
Since locale reading code not resistent against stack overflowing or
similar intruder attacks, don't allow PATH_LOCALE env variable action
for s-bit programs (non-standard locale path setting)
|
|
|
|
| |
Optimize/improve recently added locale restoration on failure
|
|
|
|
| |
don't treat empty encoding as C encoding
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
strdup() it to prevent unsetenv() or setenv() effects. Check its length to
not allow user to overflow internal locale buffer. Move PATH_LOCALE
handling code into one place.
POSIX: make better stub for LC_MONETARY & LC_NUMERIC, now it check
locale directory existance instead of refusing all non-C non-POSIX
locales. POSIX treats empty locale env variable as unset variable
while our old code treats it as "C" locale, fix it. Implement previous locale
restoring, if locale setting fails. Old code assumes success if some
of LC_ALL subset is successed even other fails, POSIX treats it as
failure with previous locale restoring, fix it.
Remove unneccessary length checking in currentlocale()
|
|
|
|
| |
Cannidate for: 2.2
|
| |
|
|
|
|
|
| |
us to finally phase out the 8K shared version of liby in favor of the
600-byte static one, as was done years ago for libl/libfl.
|
|
|
|
|
|
|
| |
attempted to exec the components of $PATH and it usually set errno
to the wrong value.
Found by: NIST PCTS
|
|
|
|
|
|
|
|
| |
Garbage in `eacces' caused the wrong errno to be set for non-EACCES errors.
Garbage in `etxtbsy' caused a semi-random retry strategy for ETXTBSY errors.
Found by: NIST-PCTS. gcc -Wall reported the problem, but -Wall is not
enabled for libc.
|
|
|
|
| |
(lack of sleep)
|
|
|
|
|
| |
connection at the end of operation, so it not leave opened
file without a reason.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
FTP error return code because
1) They return NULL, it means that ftpErrno can't be used because
it takes file pointer
2) They don't have FILE-type argument as f.e. ftpGet/ftpPut to use
it for ftpErrno instead.
For that functions I add yet one int* type argument to store
FTP error return code. It is impossible to add some global variable
for that reason, because user can have multiply FTP connections
opened at the same time.
So, interface changed, major number bumped.
Userland changes will follows.
Minor bugfixes, the code:
Forget to close file in few places, when failure occurse
Forget to NULL cached host name, multiply free is possible
|
|
|
|
|
|
| |
at the same time, so add new con_state to avoid QUIT recursion
Still should go to 2.2
|
|
|
|
|
|
|
|
| |
send QUIT to closed connection.
2) Preserve login failure code, don't overwrite it with ftp_close
code
Should go to 2.2
|
| |
|
|
|
|
|
| |
Parameters for pthread_getspecific() call changed.
pthread_keycreate() renamed to pthread_key_create().
|
| |
|