src - FreeBSD source tree

diff options


context:
space:
mode:

author	Enji Cooper <ngie@FreeBSD.org>	2016-08-29 18:53:36 +0000
committer	Enji Cooper <ngie@FreeBSD.org>	2016-08-29 18:53:36 +0000
commit	2f52412deecdcb41dbdabd8c6edda1bbd19ed39b (patch)
tree	fe0eeb750bc1b8afc8068ea3ccca42c3090deef3 /contrib
parent	6e122b96101bfcb0168c613447c37817d4e02196 (diff)
parent	895897884f1f936e7e6874e9a515a5a3861508a7 (diff)
download	src-2f52412deecdcb41dbdabd8c6edda1bbd19ed39b.tar.gz src-2f52412deecdcb41dbdabd8c6edda1bbd19ed39b.zip

MFhead @ r305013

Notes

Notes: svn path=/projects/netbsd-tests-update-12/; revision=305014

Diffstat (limited to 'contrib')

-rw-r--r--

contrib/ipfilter/opts.h

-rw-r--r--

contrib/libarchive/libarchive/archive_read_support_format_tar.c

-rw-r--r--

contrib/libarchive/libarchive/archive_read_support_format_zip.c

-rw-r--r--

contrib/libarchive/libarchive/archive_write_disk_acl.c

-rw-r--r--

contrib/libarchive/libarchive/archive_write_disk_posix.c

-rw-r--r--

contrib/libarchive/tar/util.c

-rw-r--r--

contrib/ncurses/ncurses/tinfo/lib_baudrate.c

-rwxr-xr-x

contrib/netbsd-tests/usr.bin/dirname/t_dirname.sh

-rw-r--r--

contrib/ofed/libcxgb4/src/qp.c

9 files changed, 67 insertions, 30 deletions

diff --git a/contrib/ipfilter/opts.h b/contrib/ipfilter/opts.h
index 3c8b88b2f037..6e973186756e 100644
--- a/contrib/ipfilter/opts.h
+++ b/contrib/ipfilter/opts.h

@@ -12,7 +12,11 @@

#define __OPTS_H__

#ifndef SOLARIS

-#define SOLARIS (defined(sun) && (defined(__svr4__) || defined(__SVR4)))

+# if defined(sun) && (defined(__svr4__) || defined(__SVR4))

+# define SOLARIS 1

+# else

+# define SOLARIS 0

+# endif

#endif

#define OPT_REMOVE 0x000001

#define OPT_DEBUG 0x000002

diff --git a/contrib/libarchive/libarchive/archive_read_support_format_tar.c b/contrib/libarchive/libarchive/archive_read_support_format_tar.c
index 9a44078b771a..d0ce05a60e4d 100644
--- a/contrib/libarchive/libarchive/archive_read_support_format_tar.c
+++ b/contrib/libarchive/libarchive/archive_read_support_format_tar.c

@@ -1128,8 +1128,15 @@ header_common(struct archive_read *a, struct tar *tar,

if (tar->entry_bytes_remaining < 0) {

tar->entry_bytes_remaining = 0;

archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,

- "Tar entry has negative size?");

- err = ARCHIVE_WARN;

+ "Tar entry has negative size");

+ return (ARCHIVE_FATAL);

+ }

+ if (tar->entry_bytes_remaining == INT64_MAX) {

+ /* Note: tar_atol returns INT64_MAX on overflow */

+ tar->entry_bytes_remaining = 0;

+ archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,

+ "Tar entry size overflow");

+ return (ARCHIVE_FATAL);

}

tar->realsize = tar->entry_bytes_remaining;

archive_entry_set_size(entry, tar->entry_bytes_remaining);

diff --git a/contrib/libarchive/libarchive/archive_read_support_format_zip.c b/contrib/libarchive/libarchive/archive_read_support_format_zip.c
index 2b025cbd12ad..2e5579f1fe73 100644
--- a/contrib/libarchive/libarchive/archive_read_support_format_zip.c
+++ b/contrib/libarchive/libarchive/archive_read_support_format_zip.c

@@ -418,18 +418,30 @@ zip_time(const char *p)

* id1+size1+data1 + id2+size2+data2 ...

* triplets. id and size are 2 bytes each.

-static void

-process_extra(const char *p, size_t extra_length, struct zip_entry* zip_entry)

+static int

+process_extra(struct archive_read *a, const char *p, size_t extra_length, struct zip_entry* zip_entry)

{

unsigned offset = 0;

- while (offset < extra_length - 4) {

+ if (extra_length == 0) {

+ return ARCHIVE_OK;

+ }

+ if (extra_length < 4) {

+ archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,

+ "Too-small extra data: Need at least 4 bytes, but only found %d bytes", (int)extra_length);

+ return ARCHIVE_FAILED;

+ }

+ while (offset <= extra_length - 4) {

unsigned short headerid = archive_le16dec(p + offset);

unsigned short datasize = archive_le16dec(p + offset + 2);

offset += 4;

if (offset + datasize > extra_length) {

- break;

+ archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,

+ "Extra data overflow: Need %d bytes but only found %d bytes",

+ (int)datasize, (int)(extra_length - offset));

+ return ARCHIVE_FAILED;

}

#ifdef DEBUG

fprintf(stderr, "Header id 0x%04x, length %d\n",

@@ -715,13 +727,13 @@ process_extra(const char *p, size_t extra_length, struct zip_entry* zip_entry)

}

offset += datasize;

}

-#ifdef DEBUG

- if (offset != extra_length)

- {

- fprintf(stderr,

- "Extra data field contents do not match reported size!\n");

+ if (offset != extra_length) {

+ archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,

+ "Malformed extra data: Consumed %d bytes of %d bytes",

+ (int)offset, (int)extra_length);

+ return ARCHIVE_FAILED;

}

-#endif

+ return ARCHIVE_OK;

}

@@ -840,7 +852,9 @@ zip_read_local_file_header(struct archive_read *a, struct archive_entry *entry,

return (ARCHIVE_FATAL);

}

- process_extra(h, extra_length, zip_entry);

+ if (ARCHIVE_OK != process_extra(a, h, extra_length, zip_entry)) {

+ return ARCHIVE_FATAL;

+ }

__archive_read_consume(a, extra_length);

/* Work around a bug in Info-Zip: When reading from a pipe, it

@@ -1293,7 +1307,7 @@ zip_read_data_deflate(struct archive_read *a, const void **buff,

&& bytes_avail > zip->entry_bytes_remaining) {

bytes_avail = (ssize_t)zip->entry_bytes_remaining;

}

- if (bytes_avail <= 0) {

+ if (bytes_avail < 0) {

archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,

"Truncated ZIP file body");

return (ARCHIVE_FATAL);

@@ -2691,7 +2705,9 @@ slurp_central_directory(struct archive_read *a, struct zip *zip)

"Truncated ZIP file header");

return ARCHIVE_FATAL;

}

- process_extra(p + filename_length, extra_length, zip_entry);

+ if (ARCHIVE_OK != process_extra(a, p + filename_length, extra_length, zip_entry)) {

+ return ARCHIVE_FATAL;

+ }

* Mac resource fork files are stored under the

diff --git a/contrib/libarchive/libarchive/archive_write_disk_acl.c b/contrib/libarchive/libarchive/archive_write_disk_acl.c
index 54a96696f285..4c61054d18fe 100644
--- a/contrib/libarchive/libarchive/archive_write_disk_acl.c
+++ b/contrib/libarchive/libarchive/archive_write_disk_acl.c

@@ -138,6 +138,7 @@ set_acl(struct archive *a, int fd, const char *name,

acl_permset_t acl_permset;

#ifdef ACL_TYPE_NFS4

acl_flagset_t acl_flagset;

+ int r;

#endif

int ret;

int ae_type, ae_permset, ae_tag, ae_id;

@@ -145,7 +146,7 @@ set_acl(struct archive *a, int fd, const char *name,

gid_t ae_gid;

const char *ae_name;

int entries;

- int i, r;

+ int i;

ret = ARCHIVE_OK;

entries = archive_acl_reset(abstract_acl, ae_requested_type);

diff --git a/contrib/libarchive/libarchive/archive_write_disk_posix.c b/contrib/libarchive/libarchive/archive_write_disk_posix.c
index a60d225f5c0e..14acc2cd210d 100644
--- a/contrib/libarchive/libarchive/archive_write_disk_posix.c
+++ b/contrib/libarchive/libarchive/archive_write_disk_posix.c

@@ -2401,8 +2401,18 @@ check_symlinks(struct archive_write_disk *a)

r = lstat(a->name, &st);

if (r != 0) {

/* We've hit a dir that doesn't exist; stop now. */

- if (errno == ENOENT)

+ if (errno == ENOENT) {

break;

+ } else {

+ /* Note: This effectively disables deep directory

+ * support when security checks are enabled.

+ * Otherwise, very long pathnames that trigger

+ * an error here could evade the sandbox.

+ * TODO: We could do better, but it would probably

+ * require merging the symlink checks with the

+ * deep-directory editing. */

+ return (ARCHIVE_FAILED);

+ }

} else if (S_ISLNK(st.st_mode)) {

if (c == '\0') {

diff --git a/contrib/libarchive/tar/util.c b/contrib/libarchive/tar/util.c
index 9d2aced7bd14..f845600193a0 100644
--- a/contrib/libarchive/tar/util.c
+++ b/contrib/libarchive/tar/util.c

@@ -182,7 +182,7 @@ safe_fprintf(FILE *f, const char *fmt, ...)

}

/* If our output buffer is full, dump it and keep going. */

- if (i > (sizeof(outbuff) - 20)) {

+ if (i > (sizeof(outbuff) - 128)) {

outbuff[i] = '\0';

fprintf(f, "%s", outbuff);

i = 0;

diff --git a/contrib/ncurses/ncurses/tinfo/lib_baudrate.c b/contrib/ncurses/ncurses/tinfo/lib_baudrate.c
index 252d03c593d8..3960053e60c3 100644
--- a/contrib/ncurses/ncurses/tinfo/lib_baudrate.c
+++ b/contrib/ncurses/ncurses/tinfo/lib_baudrate.c

@@ -94,7 +94,7 @@ struct speed {

int sp; /* the actual speed */

};

-#define DATA(number) { B##number, number }

+#define DATA(number) { (NCURSES_OSPEED)B##number, number }

static struct speed const speeds[] =

{

diff --git a/contrib/netbsd-tests/usr.bin/dirname/t_dirname.sh b/contrib/netbsd-tests/usr.bin/dirname/t_dirname.sh
index a3935249f47e..31204045b42e 100755
--- a/contrib/netbsd-tests/usr.bin/dirname/t_dirname.sh
+++ b/contrib/netbsd-tests/usr.bin/dirname/t_dirname.sh

@@ -32,6 +32,9 @@ basic_head()

}

basic_body()

{

+ # Begin FreeBSD

+ atf_tc_expect_fail "dirname //usr//bin doesn't return //usr like it used to; bug # 212193"

+ # End FreeBSD

atf_check -o inline:"/\n" dirname /

atf_check -o inline:"/\n" dirname //

atf_check -o inline:"/usr\n" dirname /usr/bin/

diff --git a/contrib/ofed/libcxgb4/src/qp.c b/contrib/ofed/libcxgb4/src/qp.c
index 71cc49b6e8ff..b0e3def5006c 100644
--- a/contrib/ofed/libcxgb4/src/qp.c
+++ b/contrib/ofed/libcxgb4/src/qp.c

@@ -392,11 +392,9 @@ int c4iw_post_send(struct ibv_qp *ibqp, struct ibv_send_wr *wr,

t4_sq_produce(&qhp->wq, len16);

idx += DIV_ROUND_UP(len16*16, T4_EQ_ENTRY_SIZE);

}

- if (t4_wq_db_enabled(&qhp->wq)) {

- t4_ring_sq_db(&qhp->wq, idx, dev_is_t5(qhp->rhp),

- len16, wqe);

- } else

- ring_kernel_db(qhp, qhp->wq.sq.qid, idx);

+ t4_ring_sq_db(&qhp->wq, idx, dev_is_t5(qhp->rhp),

+ len16, wqe);

qhp->wq.sq.queue[qhp->wq.sq.size].status.host_wq_pidx = \

(qhp->wq.sq.wq_pidx);

pthread_spin_unlock(&qhp->lock);

@@ -458,11 +456,9 @@ int c4iw_post_receive(struct ibv_qp *ibqp, struct ibv_recv_wr *wr,

wr = wr->next;

num_wrs--;

}

- if (t4_wq_db_enabled(&qhp->wq))

- t4_ring_rq_db(&qhp->wq, idx, dev_is_t5(qhp->rhp),

- len16, wqe);

- else

- ring_kernel_db(qhp, qhp->wq.rq.qid, idx);

+ t4_ring_rq_db(&qhp->wq, idx, dev_is_t5(qhp->rhp),

+ len16, wqe);

qhp->wq.rq.queue[qhp->wq.rq.size].status.host_wq_pidx = \

(qhp->wq.rq.wq_pidx);

pthread_spin_unlock(&qhp->lock);