summaryrefslogtreecommitdiff
path: root/src/lib/libc (follow)
Commit message (Collapse)AuthorAgeFilesLines
* POSIX defines inet_ntoa, not inet_aton.bentley2024-03-061-3/+3
| | | | ok deraadt@ jmc@
* Add mkdtemps(3), like mkdtemp(3) but with a suffix.millert2024-03-012-8/+32
| | | | OK deraadt@ tb@
* make login.conf(5) and crypt_newhash(3) and the underlying codederaadt2024-01-221-2/+2
| | | | | | | | consistant regarding bcrypt,a instead of blowfish,a. "blowfish" is a historical alias which we don't need to document as firmly as "bcrypt". report about difficult manual page discovery from ataraxia937 ok millert
* Make our mktemp(3) callback-driven and split into multiple files.millert2024-01-195-130/+195
| | | | | | Previously, calling any of the mktemp(3) family would pull in lstat(2), open(2) and mkdir(2). Now, only the necessary system calls will be reachable from the binary. OK deraadt@ guenther@
* Move mktemp.c to stdlib where it belongs.millert2024-01-193-4/+582
| | | | OK deraadt@
* A small cleanup of malloc_bytes(), getting rid of a goto and a tinyotto2023-12-191-29/+27
| | | | bit of optimization; ok tb@ asou@
* zap trailing whitespacetb2023-12-041-2/+2
|
* Save backtraces to show in leak dump. Depth of backtrace set byotto2023-12-042-87/+184
| | | | | malloc option D (aka 1), 2, 3 or 4. No performance impact if not used. ok asou@
* KNF plus fixed a few signed vs unsigned compares (that we actuallyotto2023-11-041-22/+33
| | | | not real problems)
* Enable ISO C11 APIs when building libc, even with an older compiler.millert2023-10-291-1/+9
| | | | | Otherwise, the prototypes for timespec_get() and aligned_alloc() are not visible. OK guenther@
* A few micro-optimizations; ok asou@otto2023-10-261-20/+15
|
* correct Va in previous;jmc2023-10-221-2/+3
|
* When option D is active, store callers for all chunks; this avoidsotto2023-10-222-86/+178
| | | | | | | the 0x0 call sites for leak reports. Also display more info on detected write of free chunks: print the info about where the chunk was allocated, and for the preceding chunk as well. ok asou@
* Print waring message when not allocated memory in putleakinfo().asou2023-09-091-2/+20
| | | | ok otto.
* Document that small allocations are initially junked with 0xdf nowotto2023-07-011-3/+3
|
* Recommit "Allow to ask for deeper callers for leak reports usingotto2023-06-302-12/+71
| | | | | | | malloc options" Now only enabled for platforms where it's know to work and written as a inline functions instead of a macro.
* Revert previous, not all platforms allow compilingotto2023-06-232-37/+4
| | | | __builtin_return_address(a) with a != 0.
* Allow to ask for deeper callers for leak reports using malloc options.otto2023-06-222-4/+37
| | | | ok deraadt@
* Add portable version and m88k-specific version lb() function, becauseaoyama2023-06-071-1/+21
| | | | | | unfortunately gcc3 does not have __builtin_clz(). ok miod@ otto@
* More thorough write-afetr-free checks.otto2023-06-042-19/+33
| | | | | | | | | | | | | | | | | | | On free, chunks (the pieces of a pages used for smaller allocations) are junked and then validated after they leave the delayed free list. So after free, a chunk always contains junk bytes. This means that if we start with the right contents for a new page of chunks, we can *validate* instead of *write* junk bytes when (re)-using a chunk. With this, we can detect write-after-free when a chunk is recycled, not justy when a chunk is in the delayed free list. We do a little bit more work on initial allocation of a page of chunks and when re-using (as we validate now even on junk level 1). Also: some extra consistency checks for recallocaray(3) and fixes in error messages to make them more consistent, with man page bits. Plus regress additions.
* Remove malloc interposition, a workaround that was once needed for emacsotto2023-05-271-7/+7
| | | | ok guenther@
* Add PROTO_NORMAL() declarations for the remaining syscalls, to avoidguenther2023-05-181-4/+1
| | | | | | | | future, inadvertant PLT entries. Move the __getcwd and __realpath declarations to hidden/{stdlib,unistd}.h to consolidate and remove duplication. ok tb@ otto@ deraadt@
* As mmap(2) is no longer a LOCK syscall, do away with the extraotto2023-05-101-23/+1
| | | | | unlock-lock dance it serves no real purpose any more. Confirmed by a small performance increase in tests. ok @tb
* remove duplicate includejsg2023-04-211-2/+1
| | | | ok otto@
* remove bad Pp;jmc2023-04-171-3/+2
| | | | (sorry, otto, for not spotting in the updated diff)
* Dump (leak) info using utrace(2) and compile the code always inotto2023-04-162-148/+199
| | | | | except for bootblocks. This way we have built-in leak detecction always (if enable by malloc flags). See man pages for details.
* Introduce variation in location of junked bytes; ok tb@otto2023-04-051-3/+8
|
* Check all chunks in the delayed free list for write-after-free.otto2023-04-012-8/+25
| | | | Should catch more of them and closer (in time) to the WAF. ok tb@
* Last arg is also a pointer, so pass NULL instead of 0; ok deraadt@otto2023-03-251-2/+2
|
* Change malloc chunk sizes to be fine grained.otto2023-03-251-102/+142
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The basic idea is simple: one of the reasons the recent sshd bug is potentially exploitable is that a (erroneously) freed malloc chunk gets re-used in a different role. malloc has power of two chunk sizes and so one page of chunks holds many different types of allocations. Userland malloc has no knowledge of types, we only know about sizes. So I changed that to use finer-grained chunk sizes. This has some performance impact as we need to allocate chunk pages in more cases. Gain it back by allocation chunk_info pages in a bundle, and use less buckets is !malloc option S. The chunk sizes used are 16, 32, 48, 64, 80, 96, 112, 128, 160, 192, 224, 256, 320, 384, 448, 512, 640, 768, 896, 1024, 1280, 1536, 1792, 2048 (and a few more for sparc64 with its 8k sized pages and loongson with its 16k pages). If malloc option S (or rather cache size 0) is used we use strict multiple of 16 sized chunks, to get as many buckets as possible. ssh(d) enabled malloc option S, in general security sensitive programs should. See the find_bucket() and bin_of() functions. Thanks to Tony Finch for pointing me to code to compute nice bucket sizes. ok tb@
* Fix a number of out of bound reads in DNS response parsing.millert2023-03-151-1/+7
| | | | Originally from djm@. OK deraadt@ florian@ bluhm@
* There is no reason to-be-cleared chunks cannot participate in delayedotto2023-02-271-27/+23
| | | | freeing; ok tb@
* Change the way malloc_init() works so that the main data structuresotto2022-12-271-65/+66
| | | | | | | can be made immutable to provide extra protection. Also init pools on-demand: only pools that are actually used are initialized. Tested by many
* spelling fixes; from paul tagliamontejmc2022-12-278-15/+15
| | | | | any changes not taken noted on tech, but chiefly here i did not take the cancelation - cancellation changes;
* tolower(3) guarantees to return its argument unchanged if it's notflorian2022-11-161-10/+3
| | | | | | | uppercase. While here use the correct idiom of casting to unsigned char. OK millert, farewell to ultrix deraadt
* In __cxa_atexit(), there is no need to initialize local pointer beforederaadt2022-10-221-2/+2
| | | | | the lock, when it is correctly initialized after the lock ok otto millert
* put the malloc_readonly struct into the "openbsd.mutable" section, soderaadt2022-10-141-2/+3
| | | | | that the kernel and ld.so will know not to mark it immutable. malloc handles the read/write transitions by itself.
* use Fn rather than Nm for swab(); from josiah frentsosjmc2022-09-281-6/+6
|
* .Li -> .Vt where appropriate;jmc2022-09-1124-106/+103
| | | | | | from josiah frentsos, tweaked by schwarze ok schwarze
* remove unused blowfish inline definesjsg2022-08-281-8/+1
| | | | inline use was removed in 1998
* For putenv(3), return an error if string starts with a '=' character.millert2022-08-082-5/+10
| | | | Both FreeBSD and NetBSD have this behavior. OK deraadt@
* change some 4.4BSD references to earlier releasesjsg2022-08-042-6/+6
| | | | ok schwarze@
* libc string functions were not ported from pwb to v7jsg2022-08-013-15/+9
| | | | | | https://minnie.tuhs.org/pipermail/tuhs/2017-August/011807.html ok schwarze@
* strlen was in v6 libc (s5/perror.c) but not documented till v7jsg2022-07-311-5/+4
| | | | ok schwarze@
* fix indenttb2022-07-311-2/+2
|
* Randomise the rekey interval a little. Previously, the chacha20djm2022-07-311-2/+8
| | | | | | | instance would be rekeyed every 1.6MB. This makes it happen at a random point somewhere in the 1-2MB range. Feedback deraadt@ visa@, ok tb@ visa@
* If a command or interface first appeared in PWB/UNIX, UNIX System III orjsg2022-07-252-6/+10
| | | | | | | | | | | | UNIX System V mention it. Only do so in manual pages with a pre-existing HISTORY section. Prompted by the comparison of System V and BSD commands and interfaces in Sun's "System V Enhancements Overview" document. checked against manuals on bitsavers, TUHS archive and CSRG archive CDs ok jmc@ schwarze@
* To figure our whether a large allocation can be grown into theguenther2022-06-301-12/+2
| | | | | | | | | | | following page(s) we've been first mquery()ing for it, mmapp()ing w/o MAP_FIXED if available, and then munmap()ing if there was a race. Instead, just try it directly with mmap(MAP_FIXED | __MAP_NOREPLACE) tested in snaps for weeks ok deraadt@
* system(3) should ignore SIGINT and SIGQUIT until the shell exits.millert2022-05-211-4/+17
| | | | | | | This got broken when system.c was converted from signal(3) to sigaction(2). Also add SIGINT and SIGQUIT to the set of blocked signals and unblock them in the parent after the signal handlers are installed. Based on a diff from Leon Fischer. OK deraadt@
* Fix typo in last commit.millert2022-04-131-2/+2
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 03:45:12 +0000