allow conditionally disabling the building of certain user space
programs in the 'base' set.
There is not enough consensus that this is the right way and a few
people had strong objections, see source-changes-d@.
right value if they're called before _start. This is true of bash where
it provides its own getenv.
Part of port-hppa/56118: sporadic app crashes in HPPA -current
NetBSD-SA2016-006 included an incomplete fix for CVE-2016-6253,
a local privilege escalation vulnerability in mail.local(8).
mail.local(8) attempts to open(2) a user's existing mailbox file
to append to it. If that call fails, mail.local(8) will then issue
a second open(2) call to create the file (O_CREAT).
An attacker had the opportunity to create the file in question (as
a symlink, or link to some other file) in between these two open(2) calls.
Fix this by using O_EXCL in the 2nd open call, if the file exists when
that one happens, something is going wrong, so just abort. Also, only
attempt that 2nd open if the reason the first failed was that the file
did not exist (this doesn't fix the issue, but it potentially saves
some cycles).
Thanks to Jan Schaumann for bringing this to our attention.
These are basic CAS-based locking primitives needing release and
acquire semantics, nothing fancy here -- except the membar_sync parts
which are questionable but not relevant to the present audit.
support for indirect functions was added. This fixes {init,fini}_array support
on hppa where each member of the array is (already) a plabel.
Discussed with joerg.
4 files changed, 29 insertions(+), 39 deletions(-)
: ----------------------------------------------------------------------
This (apparently very old!) workaround to ensure that DTR stays down long
enough to be detected is now handled by serial drivers themselves. For
console devices (framebuffer, serial console, etc) this was an unnecessary
2 second penalty that we have all been paying since the beginning of time.
mostly from sunil@nimmagadda.net in PR#55830, though i moved the
member into the main http structure, so that it doesn't trigger
sslinfo being allocated via command line without the rest of the
ssl being setup (which then leads to crashes.)
The use of membar_enter is to separate atomic r/m/w on a lock from
the body of the critical section so two different critical sections
happen in order:
body of previous critical section;
exit critical section:
membar_exit();
atomic_r/m/w(lock stuff);
enter critical section:
atomic_r/m/w(lock stuff);
membar_enter();
body of next critical section;
_rtld_shared_enter does this, but it _also_ issued an extraneous
membar_enter before the atomic_r/m/w part, which doesn't impose any
semantically important order but may cost some performance.
The additional ':' after 'main.c' had no effect on the compilation since
the suffix is removed when computing the list of object files. The ':'
excluded main.c from the dependency computation and from lint.
By defining CPPFLAGS instead of CFLAGS, the default "-O2" steps in
again, and the proper flags are passed to lint, which did not work
before at all because it could not find an included file.
The second of the '$$?' was spelled only '$?'. At the time where this
shell expression was evaluated, it had already been overwritten by the
preceding command '['.