Re: porting arc4random (was Re: boringssl and such)

2014-06-20 Thread Theo de Raadt
>having just this evening updated Android to the current arc4random >(https://android-review.googlesource.com/#/c/99052/), i was confused >by the single use of explicit_bzero amongst the many calls to memset >in the same file. as for portability, Linux requires MAP_PRIVATE >anywhere you use MAP_ANO

boringssl and such

2014-06-20 Thread Theo de Raadt
Few things to note... I suspect everyone working on LibReSSL is happy to hear the news about BoringSSL. Choice is good!! Their priority is on safety, not on ABI compatibility. Just like us. Over time, I suspect google's version will also become 'reduced API', since they require less legacy app

gcc: warn about overly aligned stack variables

2014-06-20 Thread Matthew Dempsky
GCC supports an "aligned" attribute to specify a minimum alignment for types/objects. However, if an object is allocated on the stack and its alignment exceeds the "preferred stack boundary", then GCC 4.2 silently ignores the alignment. This bit us 4 years ago when the SCSI stack started allocati

sys/msdosfs: possible kernel crash

2014-06-20 Thread Tobias Stoeckmann
Hi, sys/msdosfs is vulnerable to a division by zero when certain FAT file systems are mounted. This happens due to an overflow of an unsigned 8 bit value (sectors per cluster). How to repeat (BEWARE, KERNEL WILL CRASH!!): # dd if=/dev/zero of=nuke.iso bs=1K count=100 # vnconfig vnd0c nuke.iso #

Re: 8 port serial card connections

2014-06-20 Thread Craig R. Skinner
On 2014-06-20 Fri 16:14 PM |, Maurice Janssen wrote: > ># FIXME No. 9 Moxa card port: > >moxa09:dv=/dev/tty10:common: > > > ># FIXME No. 10 Moxa card port: > >moxa10:dv=/dev/tty11:common: > > Try /dev/tty0a and /dev/tty0b > Perfect! Here's a man page diff to sync with lines 1383-1397 of /usr/s

Re: exclude-list in mtree (2)

2014-06-20 Thread Manuel Giraud
Tobias Stoeckmann writes: > On Fri, Jun 20, 2014 at 04:34:19PM +0200, Manuel Giraud wrote: >> +lbuf = NULL; >> +while ((buf = fgetln(fp, &len))) { >> +if (buf[len - 1] == '\n') { >> +if (len == 1) >> +continue; >> +

Re: compare memcmp with 0

2014-06-20 Thread Bob Beck
OMFG.. Ingo you just made my morning. I'm laughing so hard. And I needed the laugh -Bob On Fri, Jun 20, 2014 at 04:54:15PM +0200, Ingo Schwarze wrote: > Hi Theo, > > Theo de Raadt wrote on Thu, Jun 19, 2014 at 09:58:01PM -0600: > > > It could be argued that the bcmp manual page does a poo

Re: exclude-list in mtree (2)

2014-06-20 Thread Tobias Stoeckmann
On Fri, Jun 20, 2014 at 04:34:19PM +0200, Manuel Giraud wrote: > + lbuf = NULL; > + while ((buf = fgetln(fp, &len))) { > + if (buf[len - 1] == '\n') { > + if (len == 1) > + continue; > + buf[len - 1] = '\0'; >

Re: compare memcmp with 0

2014-06-20 Thread Ingo Schwarze
Hi Theo, Theo de Raadt wrote on Thu, Jun 19, 2014 at 09:58:01PM -0600: > It could be argued that the bcmp manual page does a poor job > documenting this. It should use the mandoc blink tag. OK? It's not perfect yet because when you nest blink tags, it already switches back to non-blinking mode

Re: exclude-list in mtree (2)

2014-06-20 Thread Manuel Giraud
Same with patch inline: Index: Makefile === RCS file: /cvs/src/usr.sbin/mtree/Makefile,v retrieving revision 1.9 diff -u -p -r1.9 Makefile --- Makefile15 Apr 2013 06:25:18 - 1.9 +++ Makefile20 Jun 2014 12:45:35 - @

exclude-list in mtree (2)

2014-06-20 Thread Manuel Giraud
Hi, In the previous patch, I forgot to check for excluded files at verification time (duh). I also add the name of the excluded files list into the mtree output so it can be retrieved later (e.g. in /usr/libexec/security). Index: Makefile ==