bits of hash. Unfortunately due to an implementation bu and the fact that
the return type is unsigned long which is 64 bits in LP64, this can fail
in some cases: "\xff\x0f\x0f\x0f\x0f\x0f\x12". See:
https://maskray.me/blog/2023-04-12-elf-hash-function
From Ed Maste @ FreeBSD:
https://cgit.freebsd.org/src/commit/\
?id=29e3a06510823edbb91667d21f530d3ec778116d
Need to write Unit Tests for this.
This ldscript is not needed and actually makes things worse by putting
everything in one LOAD section, which then needs to have rwx permission.
Remove it so that we get two LOAD sections with better permissions.
Fixes PR 57323.
We only need to ensure that there are no concurrent modifications to
the rtld data structures in flight, since the threads that began
those modifications will not exist in the child and will therefore be
unable to complete them in the child.
A shared lock suffices to ensure there are no such concurrent
modifications in flight; an exclusive lock is not necessary, and can
cause deadlock if fork is executed from a signal handler, which is
explicitly allowed by POSIX (and our own sigaction(2) man page) which
marks fork as async-signal-safe.
PR lib/56979
Usefull when running multiple instances and some for (high traffic)
APIs e.g. to receive log data from appliences - it makes not sense
to duplicate the whole log in the xferlog file (but we can't configure
that at the syslog level due to other httpd instances using that).
(Move initialization of the slc table earlier so it doesn't get
accessed before that happens.)
Calling the crash a DoS or security problem is a bit overwrought; it's
just a bug.
allow conditionally disabling the building of certain user space
programs in the 'base' set.
There is not enough consensus that this is the right way and a few
people had strong objections, see source-changes-d@.
right value if they're called before _start. This is true of bash where
it provides its own getenv.
Part of port-hppa/56118: sporadic app crashes in HPPA -current
NetBSD-SA2016-006 included an incomplete fix for CVE-2016-6253,
a local privilege escalation vulnerability in mail.local(8).
mail.local(8) attempts to open(2) a user's existing mailbox file
to append to it. If that call fails, mail.local(8) will then issue
a second open(2) call to create the file (O_CREAT).
An attacker had the opportunity to create the file in question (as
a symlink, or link to some other file) in between these two open(2) calls.
Fix this by using O_EXCL in the 2nd open call, if the file exists when
that one happens, something is going wrong, so just abort. Also, only
attempt that 2nd open if the reason the first failed was that the file
did not exist (this doesn't fix the issue, but it potentially saves
some cycles).
Thanks to Jan Schaumann for bringing this to our attention.
These are basic CAS-based locking primitives needing release and
acquire semantics, nothing fancy here -- except the membar_sync parts
which are questionable but not relevant to the present audit.
support for indirect functions was added. This fixes {init,fini}_array support
on hppa where each member of the array is (already) a plabel.
Discussed with joerg.
4 files changed, 29 insertions(+), 39 deletions(-)
: ----------------------------------------------------------------------
christos