Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Remove the src-patches dir, wont be used anymore, just committing

patches direct to pcbsd/trueos repo
  • Loading branch information...
commit f7a36b09f30638bcfb23249416a8a98757ced4b3 1 parent 2e97491
@kmoore134 kmoore134 authored
View
18 build-files/src-patches/1-SA-13:01.bind.patch
@@ -1,18 +0,0 @@
-Index: contrib/bind9/bin/named/query.c
-===================================================================
---- contrib/bind9/bin/named/query.c
-+++ contrib/bind9/bin/named/query.c
-@@ -5183,10 +5183,12 @@
- isc_result_t result;
- isc_uint32_t ttl = ISC_UINT32_MAX;
-
-+ dns_rdataset_init(&rdataset);
-+
- result = dns_db_getoriginnode(db, &node);
- if (result != ISC_R_SUCCESS)
- goto cleanup;
-- dns_rdataset_init(&rdataset);
-+
- result = dns_db_findrdataset(db, node, version, dns_rdatatype_soa,
- 0, 0, &rdataset, NULL);
- if (result != ISC_R_SUCCESS)
View
215 build-files/src-patches/1-SA-13:01.libc.patch
@@ -1,215 +0,0 @@
-Index: lib/libc/gen/glob.c
-===================================================================
---- lib/libc/gen/glob.c (revision 246357)
-+++ lib/libc/gen/glob.c (working copy)
-@@ -94,6 +94,25 @@ __FBSDID("$FreeBSD$");
-
- #include "collate.h"
-
-+/*
-+ * glob(3) expansion limits. Stop the expansion if any of these limits
-+ * is reached. This caps the runtime in the face of DoS attacks. See
-+ * also CVE-2010-2632
-+ */
-+#define GLOB_LIMIT_BRACE 128 /* number of brace calls */
-+#define GLOB_LIMIT_PATH 65536 /* number of path elements */
-+#define GLOB_LIMIT_READDIR 16384 /* number of readdirs */
-+#define GLOB_LIMIT_STAT 1024 /* number of stat system calls */
-+#define GLOB_LIMIT_STRING ARG_MAX /* maximum total size for paths */
-+
-+struct glob_limit {
-+ size_t l_brace_cnt;
-+ size_t l_path_lim;
-+ size_t l_readdir_cnt;
-+ size_t l_stat_cnt;
-+ size_t l_string_cnt;
-+};
-+
- #define DOLLAR '$'
- #define DOT '.'
- #define EOS '\0'
-@@ -153,15 +172,18 @@ static const Char *g_strchr(const Char *, wchar_t)
- static Char *g_strcat(Char *, const Char *);
- #endif
- static int g_stat(Char *, struct stat *, glob_t *);
--static int glob0(const Char *, glob_t *, size_t *);
--static int glob1(Char *, glob_t *, size_t *);
--static int glob2(Char *, Char *, Char *, Char *, glob_t *, size_t *);
--static int glob3(Char *, Char *, Char *, Char *, Char *, glob_t *, size_t *);
--static int globextend(const Char *, glob_t *, size_t *);
--static const Char *
-+static int glob0(const Char *, glob_t *, struct glob_limit *);
-+static int glob1(Char *, glob_t *, struct glob_limit *);
-+static int glob2(Char *, Char *, Char *, Char *, glob_t *,
-+ struct glob_limit *);
-+static int glob3(Char *, Char *, Char *, Char *, Char *, glob_t *,
-+ struct glob_limit *);
-+static int globextend(const Char *, glob_t *, struct glob_limit *);
-+static const Char *
- globtilde(const Char *, Char *, size_t, glob_t *);
--static int globexp1(const Char *, glob_t *, size_t *);
--static int globexp2(const Char *, const Char *, glob_t *, int *, size_t *);
-+static int globexp1(const Char *, glob_t *, struct glob_limit *);
-+static int globexp2(const Char *, const Char *, glob_t *, int *,
-+ struct glob_limit *);
- static int match(Char *, Char *, Char *);
- #ifdef DEBUG
- static void qprintf(const char *, Char *);
-@@ -171,8 +193,8 @@ int
- glob(const char * __restrict pattern, int flags,
- int (*errfunc)(const char *, int), glob_t * __restrict pglob)
- {
-+ struct glob_limit limit = { 0, 0, 0, 0, 0 };
- const char *patnext;
-- size_t limit;
- Char *bufnext, *bufend, patbuf[MAXPATHLEN], prot;
- mbstate_t mbs;
- wchar_t wc;
-@@ -186,11 +208,10 @@ glob(const char * __restrict pattern, int flags,
- pglob->gl_offs = 0;
- }
- if (flags & GLOB_LIMIT) {
-- limit = pglob->gl_matchc;
-- if (limit == 0)
-- limit = ARG_MAX;
-- } else
-- limit = 0;
-+ limit.l_path_lim = pglob->gl_matchc;
-+ if (limit.l_path_lim == 0)
-+ limit.l_path_lim = GLOB_LIMIT_PATH;
-+ }
- pglob->gl_flags = flags & ~GLOB_MAGCHAR;
- pglob->gl_errfunc = errfunc;
- pglob->gl_matchc = 0;
-@@ -243,11 +264,17 @@ glob(const char * __restrict pattern, int flags,
- * characters
- */
- static int
--globexp1(const Char *pattern, glob_t *pglob, size_t *limit)
-+globexp1(const Char *pattern, glob_t *pglob, struct glob_limit *limit)
- {
- const Char* ptr = pattern;
- int rv;
-
-+ if ((pglob->gl_flags & GLOB_LIMIT) &&
-+ limit->l_brace_cnt++ >= GLOB_LIMIT_BRACE) {
-+ errno = 0;
-+ return (GLOB_NOSPACE);
-+ }
-+
- /* Protect a single {}, for find(1), like csh */
- if (pattern[0] == LBRACE && pattern[1] == RBRACE && pattern[2] == EOS)
- return glob0(pattern, pglob, limit);
-@@ -266,7 +293,8 @@ static int
- * If it fails then it tries to glob the rest of the pattern and returns.
- */
- static int
--globexp2(const Char *ptr, const Char *pattern, glob_t *pglob, int *rv, size_t *limit)
-+globexp2(const Char *ptr, const Char *pattern, glob_t *pglob, int *rv,
-+ struct glob_limit *limit)
- {
- int i;
- Char *lm, *ls;
-@@ -436,7 +464,7 @@ globtilde(const Char *pattern, Char *patbuf, size_
- * if things went well, nonzero if errors occurred.
- */
- static int
--glob0(const Char *pattern, glob_t *pglob, size_t *limit)
-+glob0(const Char *pattern, glob_t *pglob, struct glob_limit *limit)
- {
- const Char *qpatnext;
- int err;
-@@ -529,7 +557,7 @@ compare(const void *p, const void *q)
- }
-
- static int
--glob1(Char *pattern, glob_t *pglob, size_t *limit)
-+glob1(Char *pattern, glob_t *pglob, struct glob_limit *limit)
- {
- Char pathbuf[MAXPATHLEN];
-
-@@ -547,7 +575,7 @@ static int
- */
- static int
- glob2(Char *pathbuf, Char *pathend, Char *pathend_last, Char *pattern,
-- glob_t *pglob, size_t *limit)
-+ glob_t *pglob, struct glob_limit *limit)
- {
- struct stat sb;
- Char *p, *q;
-@@ -563,6 +591,15 @@ glob2(Char *pathbuf, Char *pathend, Char *pathend_
- if (g_lstat(pathbuf, &sb, pglob))
- return(0);
-
-+ if ((pglob->gl_flags & GLOB_LIMIT) &&
-+ limit->l_stat_cnt++ >= GLOB_LIMIT_STAT) {
-+ errno = 0;
-+ if (pathend + 1 > pathend_last)
-+ return (GLOB_ABORTED);
-+ *pathend++ = SEP;
-+ *pathend = EOS;
-+ return (GLOB_NOSPACE);
-+ }
- if (((pglob->gl_flags & GLOB_MARK) &&
- pathend[-1] != SEP) && (S_ISDIR(sb.st_mode)
- || (S_ISLNK(sb.st_mode) &&
-@@ -606,7 +643,7 @@ glob2(Char *pathbuf, Char *pathend, Char *pathend_
- static int
- glob3(Char *pathbuf, Char *pathend, Char *pathend_last,
- Char *pattern, Char *restpattern,
-- glob_t *pglob, size_t *limit)
-+ glob_t *pglob, struct glob_limit *limit)
- {
- struct dirent *dp;
- DIR *dirp;
-@@ -652,6 +689,19 @@ glob3(Char *pathbuf, Char *pathend, Char *pathend_
- size_t clen;
- mbstate_t mbs;
-
-+ if ((pglob->gl_flags & GLOB_LIMIT) &&
-+ limit->l_readdir_cnt++ >= GLOB_LIMIT_READDIR) {
-+ errno = 0;
-+ if (pathend + 1 > pathend_last)
-+ err = GLOB_ABORTED;
-+ else {
-+ *pathend++ = SEP;
-+ *pathend = EOS;
-+ err = GLOB_NOSPACE;
-+ }
-+ break;
-+ }
-+
- /* Initial DOT must be matched literally. */
- if (dp->d_name[0] == DOT && *pattern != DOT)
- continue;
-@@ -702,14 +752,15 @@ glob3(Char *pathbuf, Char *pathend, Char *pathend_
- * gl_pathv points to (gl_offs + gl_pathc + 1) items.
- */
- static int
--globextend(const Char *path, glob_t *pglob, size_t *limit)
-+globextend(const Char *path, glob_t *pglob, struct glob_limit *limit)
- {
- char **pathv;
- size_t i, newsize, len;
- char *copy;
- const Char *p;
-
-- if (*limit && pglob->gl_pathc > *limit) {
-+ if ((pglob->gl_flags & GLOB_LIMIT) &&
-+ pglob->gl_matchc > limit->l_path_lim) {
- errno = 0;
- return (GLOB_NOSPACE);
- }
-@@ -737,6 +788,12 @@ static int
- for (p = path; *p++;)
- continue;
- len = MB_CUR_MAX * (size_t)(p - path); /* XXX overallocation */
-+ limit->l_string_cnt += len;
-+ if ((pglob->gl_flags & GLOB_LIMIT) &&
-+ limit->l_string_cnt >= GLOB_LIMIT_STRING) {
-+ errno = 0;
-+ return (GLOB_NOSPACE);
-+ }
- if ((copy = malloc(len)) != NULL) {
- if (g_Ctoc(path, copy, len)) {
- free(copy);
View
3,891 build-files/src-patches/2-SA-13:03.openssl.patch
0 additions, 3,891 deletions not shown
View
13 build-files/src-patches/2-SA-13:04.bind.patch
@@ -1,13 +0,0 @@
-Index: lib/bind/config.h
-===================================================================
---- lib/bind/config.h (revision 248771)
-+++ lib/bind/config.h (working copy)
-@@ -281,7 +281,7 @@ int sigwait(const unsigned int *set, int *sig);
- /* #undef HAVE_OPENSSL_GOST */
-
- /* Define to 1 if you have the <regex.h> header file. */
--#define HAVE_REGEX_H 1
-+/* #undef HAVE_REGEX_H */
-
- /* Define to 1 if you have the `setegid' function. */
- #define HAVE_SETEGID 1
View
58 build-files/src-patches/3-GENERIC-VIMAGE
@@ -1,58 +0,0 @@
---- sys/i386/conf/GENERIC.old 2013-04-09 16:23:11.881436192 -0400
-+++ sys/i386/conf/GENERIC 2013-04-09 16:22:51.631437099 -0400
-@@ -67,6 +67,7 @@
- options INCLUDE_CONFIG_FILE # Include this file in kernel
- options KDB # Kernel debugger related code
- options KDB_TRACE # Print a stack trace for a panic
-+options VIMAGE # Enable virtual-networking for jails
-
- # To make an SMP kernel, the next two lines are needed
- options SMP # Symmetric MultiProcessor Kernel
-@@ -341,13 +342,13 @@
- device zyd # ZyDAS zd1211/zd1211b wireless NICs
-
- # FireWire support
--device firewire # FireWire bus code
-+#device firewire # FireWire bus code
- # sbp(4) works for some systems but causes boot failure on others
- #device sbp # SCSI over FireWire (Requires scbus and da)
--device fwe # Ethernet over FireWire (non-standard!)
--device fwip # IP over FireWire (RFC 2734,3146)
--device dcons # Dumb console driver
--device dcons_crom # Configuration ROM for dcons
-+#device fwe # Ethernet over FireWire (non-standard!)
-+#device fwip # IP over FireWire (RFC 2734,3146)
-+#device dcons # Dumb console driver
-+#device dcons_crom # Configuration ROM for dcons
-
- # Sound support
- device sound # Generic sound driver (required)
---- sys/amd64/conf/GENERIC.old 2013-04-09 16:20:35.361437927 -0400
-+++ sys/amd64/conf/GENERIC 2013-04-09 16:22:08.301434802 -0400
-@@ -67,6 +67,7 @@
- options INCLUDE_CONFIG_FILE # Include this file in kernel
- options KDB # Kernel debugger related code
- options KDB_TRACE # Print a stack trace for a panic
-+options VIMAGE # Enable virtual-networking for jails
-
- # Make an SMP-capable kernel by default
- options SMP # Symmetric MultiProcessor Kernel
-@@ -328,13 +329,13 @@
- device zyd # ZyDAS zd1211/zd1211b wireless NICs
-
- # FireWire support
--device firewire # FireWire bus code
-+#device firewire # FireWire bus code
- # sbp(4) works for some systems but causes boot failure on others
- #device sbp # SCSI over FireWire (Requires scbus and da)
--device fwe # Ethernet over FireWire (non-standard!)
--device fwip # IP over FireWire (RFC 2734,3146)
--device dcons # Dumb console driver
--device dcons_crom # Configuration ROM for dcons
-+#device fwe # Ethernet over FireWire (non-standard!)
-+#device fwip # IP over FireWire (RFC 2734,3146)
-+#device dcons # Dumb console driver
-+#device dcons_crom # Configuration ROM for dcons
-
- # Sound support
- device sound # Generic sound driver (required)
View
11 build-files/src-patches/nullfs-patch
@@ -1,11 +0,0 @@
---- sys/fs/nullfs/null_subr.c.o 2009-09-19 19:36:27.000000000 -0400
-+++ sys/fs/nullfs/null_subr.c 2009-09-22 19:19:09.000000000 -0400
-@@ -230,6 +230,8 @@
- xp->null_vnode = vp;
- xp->null_lowervp = lowervp;
- vp->v_type = lowervp->v_type;
-+ if (vp->v_type == VSOCK || vp->v_type == VFIFO)
-+ vp->v_un = lowervp->v_un;
- vp->v_data = xp;
- vp->v_vnlock = lowervp->v_vnlock;
- if (vp->v_vnlock == NULL)
Please sign in to comment.
Something went wrong with that request. Please try again.