summaryrefslogtreecommitdiffstats
path: root/usr.bin
Commit message (Collapse)AuthorAgeFilesLines
* Merge r308330 by bapt:glebius2016-12-062-15/+14
| | | | | | | | | localedef: Fix ctype dump (fixed wide spread errors) See original commit for longer description. Errata Notice: EN-16:21 Approved by: so
* Merge from stable/11 bspatch, portsnap, and libarchive fixes:emaste2016-09-271-75/+153
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | === bspatch === MFS r306213: bspatch Capsicumization, sanity checks, and other improvements r304691: bspatch: apply style(9) Make style changes (and trivial refactoring of open calls) now in order to reduce noise in diffs for future capsicum changes. r304807 (allanjude): Capsicumize bspatch Move all of the fopen() and open() calls to the top of main() Restrict each FD to least privilege (read/seek only, write only, etc) cap_enter(), and make all except the output FD read/seek only. r304821: bspatch: remove output file in the case of error r305486: bspatch: add sanity checks on sizes to avoid integer overflow Note that this introduces an explicit 2GB limit, but this was already implicit in variable and function argument types. This is based on the "non-cryptanalytic attacks against freebsd update components" anonymous gist. Further refinement is planned. r305737: bspatch: remove superfluous newlines from errx strings r305822: bspatch: use #define for header size instead of magic number r306026: bspatch: Remove backwards-compatibility sys/capability.h support bspatch previously included sys/capability.h or sys/capsicum.h based on __FreeBSD_version, as FreeBSD is the upstream for bsdiff and we may see this file incorporated into other third-party software. The Capsicum header is now installed as sys/capsicum.h in stable/10 and FreeBSD 10.3, so we can just use sys/capsicum.h and simplify the logic. With this change, bspatch is identical between head, stable/11 and releng/11.0. === portsnap === MFS r305648 (delphij): MFC r305469: Ensure that we always open only files that is named by explicitly using shell redirections instead of having gzip(1) to decide what file to open. Issue reported in the "non-cryptanalytic attacks against freebsd update components" anonymous gist. === libarchive === MFS r305754 (mm): MFC r305422: Sync libarchive with vendor Vendor issues fixed: PR #777: Multiple bugfixes for setup_acls() This includes a bugfix for a bug that caused ACLs not to be read properly for files and directories inside subdirectories and as a result not being stored or being incorrectly stored in tar archives. MFS r306321 (mm): MFC r305819: Sync libarchive with vendor including important security fixes. Issues fixed (FreeBSD): PR #778: ACL error handling Issue #745: Symlink check prefix optimization is too aggressive Issue #746: Hard links with data can evade sandboxing restrictions This update fixes the vulnerability #3 and vulnerability #4 as reported in "non-cryptanalytic attacks against FreeBSD update components". https://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f Fix for vulnerability #2 has already been merged. Approved by: re (gjb), so (glebius)
* MFC r304519:tuexen2016-08-201-4/+4
| | | | | | | * Use names for SCTP and UDPLite when reporting the input histogram. * Fix the output for scope statistics. Approved by: re (kib)
* MFS r304469:bdrewery2016-08-191-8/+39
| | | | | | | | | | | | | | | | | MFC r303929,r303930,r303931,r303932,r303933: r303929: Fix -S with -b not atomically updating the destination file. r303930: Support -v for -l. r303931: Fix -S with -l not being atomic. r303932: Fix -b failure not restoring flags on the destination file. r303933: Squelch a false-positive Clang static analyzer warning. Approved by: re (gjb)
* MFS r304143:bdrewery2016-08-191-0/+2
| | | | | | | | | | | | | MFC r303934,r303937,r303942: r303934: Support rmdir(2). r303937: Use proper argument length for rmdir(2) for r303934. r303942: Fix sorting in r303934. Approved by: re (gjb)
* MFC: r303685bapt2016-08-151-1/+3
| | | | | | | | | | | | | truss: fix uninitialized trussinfo->curthread in add_threads()/enter_syscall trussinfo->curthread must be initialized before calling enter_syscall(), it is used by t->proc->abi->fetch_args(). Without that truss is segfaulting and the attached program also crash. Submitted by: Nikita Kozlov (nikita@gandi.net) Reviewed by: jhb Approved by: re (gjb) Differential Revision: https://reviews.freebsd.org/D7399
* MFC r303676:dim2016-08-091-1/+1
| | | | | | | | | | | | | | Fix a segfault in bsdgrep when parsing the invalid extended regexps "?" or "+" (these are invalid, because there is no preceding operand). When bsdgrep attempts to emulate GNU grep in discarding and ignoring the invalid ? or + operators, some later logic in tre_compile_fast() goes beyond the end of the buffer, leading to a crash. Fix this by bailing out, and reporting a bad pattern instead. Approved by: re (gjb, kib) Reported by: Steve Kargl
* Merge r303264 and corrections:glebius2016-08-025-132/+132
| | | | | | | The date format for ru_RU.UTF-8 locale has changed some time ago, adjust the ru_RU.UTF-8 calendar files. Approved by: re (kib)
* MFC r303520vangyzen2016-08-011-2/+2
| | | | | | | Fix markup for -j in cpuset(1) synopsis Approved by: re (kib) Sponsored by: Dell Inc.
* MFC r302911:pfg2016-07-252-2/+6
| | | | | | | mail(1): Avoid closing negative file descriptors. CID: 1008105, 1008106 Approved by: re (gjb)
* Fix bspatch heap overflow vulnerability.delphij2016-07-251-0/+4
| | | | | | | Obtained from: Chromium Reported by: Lu Tung-Pin Security: FreeBSD-SA-16:25.bspatch Approved by: re (so@ blanket)
* MFC r302542:delphij2016-07-251-2/+2
| | | | | | Use _PATH_DEVNULL instead of hardcoding. Approved by: re (kib)
* MFC r302904:tuexen2016-07-242-90/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix a bug which results in a core dump when running netstat with the -W option and having a listening SCTP socket. The bug was introduced in r279122 when adding support for libxo. MFC r302907: When calling netstat -Laptcp the local address values are not aligned with the corresponding entry in the table header. r295136 increased the value width from 14 to 32 without the corresponding change to the table header. This commit adds the change to the table header width. MFC r302917: Ensure that the -a, -W, -L options for SCTP behave similar as for TCP. MFC r302928: Address a potential memory leak found a the clang static code analyzer running on the userland stack. MFC r302930: Don't free a data chunk twice. Found by the clang static code analyzer running for the userland stack. MFC r302935: Deal with a portential memory allocation failure, which was reported by the clang static code analyzer. Joint work with rrs@. MFC r302942: Add missing sctps_reasmusrmsgs counter. Joint work with rrs@. MFC r302945: Don't duplicate code for SCTP, just use the ones used for UDP and TCP. This fixes a bug with link local addresses. This will require and upcoming change in the kernel to bring SCTP to the same behaviour as UDP and TCP. MFC r302949: Fix the PR-SCTP behaviour. This is done by rrs@. MFC r302950: Add a constant required by RFC 7496. MFC r303024: netstat and sockstat expect the IPv6 link local addresses to have an embedded scope. So don't recover. MFC r303025: Use correct order of conditions to avoid NULL deref. MFC r303073: Fix a bug in deferred stream reset processing which results in using a length field before it is set. Thanks to Taylor Brandstetter for reporting the issue and providing a fix. Approved by: re (kib)
* MFC r302770:kib2016-07-201-0/+25
| | | | | | Trace timeval parameters to the getitimer(2) and setitimer(2) syscalls. Approved by: re (gjb)
* MFC r302973:pfg2016-07-201-1/+1
| | | | | | | | | | sed(1): Fix off by one introduced in r299211. Detected by running the gsed tests. Submitted by: Mikhail Teterin PR: 195929 Approved by: re (gjb)
* MFC r302511, r302771, r302845:pfg2016-07-172-4/+8
| | | | | | mail(1): check for out of memory conditions when calling calloc(3). Approved by: re (gjb)
* lorder: produce locale-independent symbol orderingemaste2016-07-071-0/+1
| | | | | | | | Found by the Debian reproducible builds effort -- Debian bug 830259. Reported by: Reiner Herrmann <reiner@reiner-h.de> Approved by: re (gjb) Sponsored by: The FreeBSD Foundation
* Fix .../usr.bin/lastcomm/legacy_test:main on i386ngie2016-07-032-56/+56
| | | | | | | | | | | | | The time in the output files was ahead by 3 hours on i386. Fix the incorrect offset. Differential Revision: https://reviews.freebsd.org/D7079 (as part of a larger diff) MFC after: 1 week PR: 210329 Reported by: asomers Approved by: re (gjb) Reviewed by: cem Sponsored by: EMC / Isilon Storage Division
* Output the diffs to standard error when comparing the expected vs thengie2016-07-031-1/+1
| | | | | | | | | | | | | | obtained output from lastcomm instead of just printing out a summary, e.g. "they differed". This will make failures with results more apparent when running kyua debug, kyua report-html, etc. Differential Revision: https://reviews.freebsd.org/D7079 (as part of a larger diff) MFC after: 1 week Approved by: re (gjb) Reviewed by: cem Sponsored by: EMC / Isilon Storage Division
* Skip lastcomm and sa tests on unsupported architecturesasomers2016-06-261-0/+1
| | | | | | | | | | | | | | | | usr.bin/lastcom/tests/Makefile usr.sbin/sa/tests/Makefile Set allow_architectures appropriately. These tests depend on golden files that must be generated for each architecture, and haven't yet been generated for all of them. PR: 210566 PR: 204154 Reviewed by: ngie Approved by: re (gjb) MFC after: 4 weeks Sponsored by: Spectra Logic Corp Differential Revision: https://reviews.freebsd.org/D6960
* This patch fixes two bugs:tuexen2016-06-251-5/+20
| | | | | | | | | | | | | * sctp46, tcp46, and udp46 sockets are displayed as such and not as sctp4 6, tcp4 6, udp4 6. This bug was introduced in http://svnweb.freebsd.org/base?view=revision&revision=187915 * For SCTP sockets, the the -4 and -6 flags are honoured as much as possible. This means IPv4 sockets are handled correctly, IPv6 sockets are displayed as sctp46, since it is currently not possible to distinguish between sctp6 and sctp46. Approved by: re (gjb) MFC after: 1 week
* gcore: Forward pending signals when detaching from the target.markj2016-06-241-3/+13
| | | | | | | | | | | Otherwise gcore's ptrace attach operation can race with delivery of a signal and cause it to be lost. In collaboration with: Suraj Raju <sraju@isilon.com> Reviewed by: bdrewery Approved by: re (gjb, kib) MFC after: 2 weeks Sponsored by: EMC / Isilon Storage Division
* MFV r302003,r302037,r302038,r302056:mm2016-06-225-3/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update libarchive to 3.2.1 (bugfix and security fix release) List of vendor fixes: - fix exploitable heap overflow vulnerability in Rar decompression (vendor issue 719, CVE-2016-4302, TALOS-2016-0154) - fix exploitable stack based buffer overflow vulnebarility in mtree parse_device functionality (vendor PR 715, CVE-2016-4301, TALOS-2016-0153) - fix exploitable heap overflow vulnerability in 7-zip read_SubStreamsInfo (vendor issue 718, CVE-2016-4300, TALOS-2016-152) - fix integer overflow when computing location of volume descriptor (vendor issue 717) - fix buffer overflow when reading a crafred rar archive (vendor issue 521) - fix possible buffer overflow when reading ISO9660 archives on machines where sizeof(int) < sizeof(size_t) (vendor issue 711) - tar and cpio should fail if an input file named on the command line is missing (vendor issue 708) - fix incorrect writing of gnutar filenames that are exactly 512 bytes long (vendor issue 682) - allow tests to be run from paths that are equal or longer than 128 characters (vendor issue 657) - add memory allocation errors in archive_entry_xattr.c (vendor PR 603) - remove dead code in archive_entry_xattr_add_entry() (vendor PR 716) - fix broken decryption of ZIP files (vendor issue 553) - manpage style, typo and description fixes Post-3.2.1 vendor fixes: - fix typo in cpio version reporting (Vendor PR 725, 726) - fix argument range of ctype functions in libarchive_fe/passphrase.c - fix ctype use and avoid empty loop bodies in WARC reader MFC after: 1 week Security: CVE-2016-4300, CVE-2016-4301, CVE-2016-4302 Approved by: re (kib)
* mkimg: bump version to 20151211 after r292082emaste2016-06-171-1/+1
| | | | | | | | | | | mkimg has had a number of functional additions after the last time the version was incremented. Do so now, to r292082's commit date, so that users can determine what is supported. Reviewed by: marcel Approved by: re (gjb) Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D6882
* Add clang-format under WITH_CLANG_EXTRAS.bdrewery2016-06-173-0/+56
| | | | | | | Reviewed by: dim Approved by: re (gjb) Sponsored by: EMC / Isilon Storage Division Differential Revision: https://reviews.freebsd.org/D6856
* ar: enable reproducible output by default when invoked as 'ar -s'emaste2016-06-162-3/+9
| | | | | | | | | | | | | ar output is already deterministic by default for ar -q and ar -r, and when invoked as ranlib. Make ar -s equivalent to ranlib and enable deterministic output by default in that case too. PR: 210330 Reviewed by: bdrewery Approved by: re (gjb) MFC after: 1 week Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D6871
* WITH_META_MODE: Fix rebuilding maketab outside of build-tools.bdrewery2016-06-141-2/+4
| | | | | | | | | | | | | | | The bsd.dep.mk yacc targets rely on only the .c file getting a .meta file. However the previous code here relying on only the .h file meant that it would be generated with a .meta file. r301285 made it so that the .h file is never expected to get a .meta file. To keep this restriction in place add in an extra dependency on the .c file so that it is generated at this time. It's a hack but the best for the patterns we have at the moment for handling build-tools and side-effect-generated files. Reported by: Mark Millard Approved by: re (implicit) Sponsored by: EMC / Isilon Storage Division
* Add myself (mahrens) to calendar.freebsdmahrens2016-06-131-0/+1
| | | | | Approved by: mckusick Approved by: re (gjb)
* Change my given name from "Garrett" to "Ngie"ngie2016-06-131-1/+1
| | | | | | | A legal name change from "Garrett" to "Ngie", as well as a FreeBSD account name change, is pending. Approved by: re (hrs)
* install: When preserving timestamps, also copy the nanoseconds part.jilles2016-06-092-17/+20
| | | | | | Now that we have utimensat in -legacy, install(1) can use it. This is a revert of r299942 which is itself a revert of r299850.
* Add support for truss'ing Linux/x86_64 binaries under amd64.jhb2016-06-092-0/+105
| | | | Prodding by: xmj
* Merge bmake-20160606sjg2016-06-082-4/+7
| | | | o dir.c: extend mtimes cache to others via cached_stat()
* Fix a (false positive?) Argument cannot be negative coverity defect.truckman2016-06-081-5/+2
| | | | | | | | | | | | | | | Rather than guarding close(fd) with an fd >= 0 test and setting fd to -1 when it is closed to avoid a potential double-close, just move the close() call after the conditional "goto make_token". This moves the close() call totally outside the loop to avoid the possibility of calling it twice. This should also prevent a Coverity warning about checking fd for validity after it was previously passed to read(). Reported by: Coverity CID: 1355335 MFC after: 1 week X-MFC with: r299484
* indent(1): Fix typo.pfg2016-06-061-1/+1
| | | | | | | It's typedef, not typdef. Obtained from: OpenBSD (CVS rev. 1.20) MFC after: 3 days
* Use the in-tree sys/elf_common.hbdrewery2016-06-051-0/+13
| | | | This is the same fix as r301471.
* Import bmake-20160604sjg2016-06-051-2/+2
| | | | Performace improvements for meta mode.
* Report negotiated MaxBurstLength and FirstBurstLength in "iscsictl -v"trasz2016-06-051-0/+4
| | | | | | and "ctladm islist -v" outputs. MFC after: 1 month
* Document getent(1)'s ability to enumerate netgroup members.markj2016-06-042-2/+4
| | | | MFC after: 3 days
* DIRDEPS_BUILD: Connect new directories and update dependencies.bdrewery2016-06-033-0/+61
| | | | Sponsored by: EMC / Isilon Storage Division
* Fix two types which resulted in setting the address long wrongtuexen2016-06-021-2/+2
| | | | | | | | for IPv6 addresses. Reported by: pfg@ CID: 1347086 MFC after: 1 week
* sed(1): Fix a mismatch and sync with the OpenBSD's commit.pfg2016-06-011-5/+6
| | | | | | | This was causing some strange behaviour. Reported by: olivier Obtained from: OpenBSD (CVS rev. 1.28)
* mkimg: Indicate that input file pages are unlikely to be reused.markj2016-06-011-0/+3
| | | | | | | | | | | | | | | | | | | | | | | mkimg(1) uses a swap file to back input file chunks. When the output file is being written out, blocks of the swap file are mapped and their contents copied. This causes the backing VM pages to enter the active queue, and when the output file is large relative to system memory (as is generally the case), can result in a shortfall of inactive memory. This causes the pagedaemon to aggressively scan the active queue and swap out process memory in an attempt to meet the shortfall. Because mkimg's input files are typically the intermediate result of some build process, there's no need to push them all through the active queue. Use madvise(2) to indicate that the backing pages may be reclaimed in preference to active pages. In the case of the swap file, these pages will be freed as soon as mkimg exits anyway. When using mkimg on a desktop-class system with large amounts of dirty process memory, this change substantially improves mkimg runtime and reduces swap usage. Reviewed by: marcel MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D6654
* Add "iscsictl -e". Among other things, it makes it possible to performtrasz2016-05-316-10/+94
| | | | | | | | | | | discovery without attaching to the targets ("iscsictl -Ad ... -e off"), and then attach to selected ones ("iscsictl -Mi ... -e on"). PR: 204129 MFC after: 1 month Relnotes: yes Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D6633
* Make iscsictl(8) error messages more consistent.trasz2016-05-311-24/+22
| | | | | MFC after: 1 month Sponsored by: The FreeBSD Foundation
* Fix with external GCC after r300886.bdrewery2016-05-291-1/+10
| | | | | | | | Somehow the /usr/include path got lost in this particular case. Just pass it along from --sysroot as was already done for DIRDEPS_BUILD. Sponsored by: EMC / Isilon Storage Division
* Do libxo cleanup even in case of errors.trasz2016-05-261-2/+3
| | | | | MFC after: 1 month Sponsored by: The FreeBSD Foundation
* Make iscsictl(8) actually report non-zero status on errors. The "failed"trasz2016-05-261-1/+1
| | | | | | | is negative, because the error returned from calls to ioctl(2) is negative. MFC after: 1 month Sponsored by: The FreeBSD Foundation
* Make code compile when basename() is POSIX compliant.ed2016-05-261-1/+6
| | | | | | | | | | In addition to the previous change I made to ar.c, pull in another basename() related fix. This change is similar to the one made to the ELF Toolchain version of ar, with the difference that the ELF Toolchain version lacks error handling for the strdup() call. Reviewed by: emaste Differential Revision: https://reviews.freebsd.org/D6467
* Avoid buffer overflow when copying the input file name and appending .dat.truckman2016-05-261-3/+9
| | | | | | | | Check the return value from fread() to be sure that it was successful. Reported by: Coverity CID: 1006709, 1009452 MFC after: 1 week
* sed: convert sed to use REG_STARTEND more explicitly.pfg2016-05-251-16/+22
| | | | | | | | | | | | | | | Summarizing the findings in the OpenBSD list: This solves a reproduceable issue with very recent Mesa where REG_NOTBOL combined with a match at the begin of the string causes our regex library to treat the word as not begin of word. Thanks to Martijn van Duren and Ingo Schwarze for taking the time to solve this in the least invasive way. PR: 209352, 209387 Taken from: openbsd-tech (Martijn van Duren) MFC after: 1 month
OpenPOWER on IntegriCloud