dump: better handling of large filesystems

2020-09-28 Thread Otto Moerbeek
Hi, this fixes an overwrite of spcl.c_addr. Taken form FreeBSD. See https://marc.info/?l=openbsd-misc&m=160018252418088&w=2 -Otto Index: tape.c === RCS file: /cvs/src/sbin/dump/tape.c,v retrieving revision 1.45 diff -u -p

random canary bytes for malloc

2020-09-28 Thread Otto Moerbeek
Hi, until now, canary bytes (used by the C olption) were the same as the bytes used to junk (0xfd). This means that certain overwrites are not detected, like setting the high bit. This makes the byte value used to write canaries random. I do not want to complicate the code to handle all combina

[PATCH netcat] UDP server with -k sends data to most recent client

2020-09-28 Thread Duncan Roe
This allows e.g. a sequence of clients to have 2-way conversations. Prior to this, server standard input was effectively discarded. -k -l -u -v reports each time a message comes from a different client than that from which the previous message came. Signed-off-by: Duncan Roe --- usr.bin/nc/net

[PATCH] : Add safety to nitems(): check that argument is an array

2020-09-28 Thread Alejandro Colomar
'nitems()' calculates the length of an array in number of items. It is safe: if a pointer is passed to the macro (or function, in C++), the compilation is broken due to: - In >= C11: _Static_assert() - In C89, C99: Negative anonymous bitfield - In C++: The template requires an array This patch

Garbage fix for USB_GET_FULL_DESC

2020-09-28 Thread Martin Pieuchot
Copy with uiomove(9) the correct size of the descriptor and not a random value from the stack. This is Coverity CID 1497167. As I understand it there's no security impact as the size is always caped by `ufd_size' however the returned descriptor might be corrupted and this can explain why userland