| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
the kernel wrongly expects the cmsg length field to be size_t instead
of socklen_t. in order to work around the issue, we have to impose a
length limit and copy to a local buffer. the length limit should be
more than sufficient for any real-world use; these headers are only
used for passing file descriptors and permissions between processes
over unix sockets.
|
| |
|
|
|
|
|
|
| |
we do not bother making h_errno thread-local since the only interfaces
that use it are inherently non-thread-safe. but still use the
potentially-thread-local ABI to access it just to avoid lock-in.
|
|
|
|
|
|
|
|
|
|
|
| |
the buffer in getaddrinfo really only matters when /etc/hosts is huge,
but in that case, the huge number of syscalls resulting from a tiny
buffer would seriously impact the performance of every name lookup.
the buffer in __dns.c has also been enlarged a bit so that typical
resolv.conf files will fit fully in the buffer. there's no need to
make it so large as to dominate the syscall overhead for large files,
because resolv.conf should never be large.
|
|
|
|
|
| |
uninitialized file descriptor was being closed on return, causing
stdin to be closed in many cases.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
if the file descriptor resource limit has been increased past
FD_SETSIZE, this is actually a security issue; we could write past the
end of the fd_set object. using poll makes it a non-issue, and
simplifies the code at the same time.
also, use clock_gettime instead of gettimeofday, for reduced bloat
and better entropy.
|
| |
|
| |
|
|
|
|
| |
i had missed the fact that a couple values were unassigned...
|
|
|
|
|
|
|
|
|
|
|
| |
per POSIX and RFC 3493:
If the specified address family is AF_INET, AF_INET6, or AF_UNSPEC,
the service can be specified as a string specifying a decimal port
number.
021 is a valid decimal number, therefore, interpreting it as octal
seems to be non-conformant.
|
|
|
|
|
| |
these are useless legacy functions but some old software contains
cruft that expects them to exist...
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
this patch improves the correctness, simplicity, and size of
cancellation-related code. modulo any small errors, it should now be
completely conformant, safe, and resource-leak free.
the notion of entering and exiting cancellation-point context has been
completely eliminated and replaced with alternative syscall assembly
code for cancellable syscalls. the assembly is responsible for setting
up execution context information (stack pointer and address of the
syscall instruction) which the cancellation signal handler can use to
determine whether the interrupted code was in a cancellable state.
these changes eliminate race conditions in the previous generation of
cancellation handling code (whereby a cancellation request received
just prior to the syscall would not be processed, leaving the syscall
to block, potentially indefinitely), and remedy an issue where
non-cancellable syscalls made from signal handlers became cancellable
if the signal handler interrupted a cancellation point.
x86_64 asm is untested and may need a second try to get it right.
|
|
|
|
|
|
|
| |
we can do this without violating the namespace now that they are
macros/inline functions rather than extern functions. the motivation
is that gcc was generating giant, slow, horrible code for the old
functions, and now generates a single byte-swapping instruction.
|
|
|
|
|
|
|
|
|
|
|
| |
POSIX clearly specifies the type of msg_iovlen and msg_controllen, and
Linux ignores it and makes them both size_t instead. to work around
this we add padding (instead of just using the wrong types like glibc
does), but we also need to patch-up the struct before passing it to
the kernel in case the caller did not zero-fill it.
if i could trust the kernel to just ignore the upper 32 bits, this
would not be necessary, but i don't think it will ignore them...
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
previously NULL was returned in ai_canonname, resulting in crashes in
some callers. this behavior was incorrect. note however that the new
behavior differs from glibc, which performs reverse dns lookups. POSIX
is very clear that a reverse DNS lookup must not be performed for
numeric addresses.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
sadly the C language does not specify any such implicit conversion, so
this is not a matter of just fixing warnings (as gcc treats it) but
actual errors. i would like to revisit a number of these changes and
possibly revise the types used to reduce the number of casts required.
|
| |
|
| |
|
|
|