Commit Graph

413 Commits

Author SHA1 Message Date
Giacomo Tesio 1f59502bf5 kernel/boot: #ec/console (from kernel args) defines the console to start 2017-02-04 01:04:51 +01:00
Giacomo Tesio 19bf511603 kernel: devdup: fix dup(n, 0)
Completes e1a14b49be
2017-01-24 22:24:55 +01:00
Giacomo Tesio edd84db070 kernel: import 9front's PCI improvements 2017-01-24 22:24:43 +01:00
Giacomo Tesio c2b06ebf80 kernel: fix out of bound read in trap()
Reported by coverity, CID 155927: if vno == 32 it would access index
32 of excname at trap.c:339.
2017-01-24 22:24:20 +01:00
Giacomo Tesio 6dd0f2e130 kernel: use pprint instead of print in elf64ldseg.
Should also fix CID 156242, CID 156240 and CID 156236 avoiding
access to uninitialized pointers (get64, get32 and get16).
2017-01-24 22:23:17 +01:00
Giacomo Tesio db8aab1a04 kernel: boot: fix more dup() leaks reported by coverity 2017-01-24 22:22:58 +01:00
Giacomo Tesio aa25654232 libsec: improve fix #4: check valid length in TLS (msgRecv)
This commit should complete the work done at 90fe80e73b

Should also fix CID 155874.
2017-01-24 22:22:20 +01:00
Giacomo Tesio f6e1c78244 devtools: various fixes 2017-01-20 01:54:36 +01:00
Giacomo Tesio 0e29b708cb published: doc/hacking/overview.md 2017-01-20 01:53:06 +01:00
Giacomo Tesio 5952f36a44 devtools: introduce ./hacking/gdb.sh and improve ./hacking/devshell.sh 2017-01-19 19:34:56 +01:00
Giacomo Tesio 65cdad4317 libc: rewrite putenv and getenv.
These new implementations

- do several validity check on input parameters
- allow a bit larger variable names (127 bytes, aka sizeof(Proc.genbuf)-1)
- preserve nulls in the content (the original version used to replace
  '\0' with ' '). I can't see why they did, actually.
  See also http://marc.info/?l=9fans&m=148475801229908&w=2

Should also fix CID 155718
2017-01-19 00:58:43 +01:00
Giacomo Tesio d43be3861b libc: fix potential nil dereference in system() posix wrapper
Should also fix CID 155750.
2017-01-18 23:36:18 +01:00
Giacomo Tesio b05c21397e libc: rewrite brk() and sbrk()
Also fix Coverity 1 scan defects, CID 155773 and CID 155768, removing
less-than-zero comparisons of unsigned values that were never true.
2017-01-18 23:35:41 +01:00
Giacomo Tesio 6e816b293d libmp: fix #6: mptole takes `p` xor `pp`
See commit 0f82a2c3c3 for further info

Also fix build after typo.
2017-01-18 01:59:44 +01:00
Giacomo Tesio 0f82a2c3c3 libmp: fix #5: mptole takes `p` xor `pp`
According to http://man.cat-v.org/9front/2/mp mptole either take p or pp:

> Mptobe and mptole convert an mpint to a byte array.  The
> former creates a big endian representation, the latter a
> little endian one.  If the destination buf is not nil, it
> specifies the buffer of length blen for the result.  If the
> representation is less than blen bytes, the rest of the
> buffer is zero filled.  **If buf is nil**, then a buffer is
> allocated and a pointer to it is deposited in the location
> pointed to by **bufp**. Sign is ignored in these conversions,
> i.e., the byte array version is always positive.

Assert accordingly.
2017-01-18 01:47:31 +01:00
Giacomo Tesio 90fe80e73b libsec: fix #4: Finished.n can only be 0, 12 or 36
As noted ty Cinap Lenrek Finished.n is only set by setVersion and can only
be either 0 before setVersion() as emalloc() zeros the TlsConnection struct
or SSL3FinishedLen/TLSFinishedLen after when we got the client/server hello.

Introducing FinishedLength enum we make the domain of the field explicit.
2017-01-18 00:24:10 +01:00
Giacomo Tesio 49040ffdaa kernel: boot: fix dup() leaks reported by coverity 2017-01-17 22:01:15 +01:00
Giacomo Tesio e1a14b49be kernel: devdup: fix dup(n, 0)
A successful dup(n, 0) must not return -1L
2017-01-17 21:48:33 +01:00
Giacomo Tesio 207967f9e8 libc: _assert do not return. should fix build 2017-01-17 21:28:56 +01:00
Giacomo Tesio 04962f0637 libsec: fix #3: out-of-bound access in aesXCBCmac (CID 155914) 2017-01-17 21:05:59 +01:00
Giacomo Tesio 90f3d2ce31 lib9p2000: cleanup redundant checks in convM2S
CID 49221 (#1 of 1): Identical code for different branches (IDENTICAL_BRANCHES)
identical_branches: The same code is executed when the condition p == NULL is true or false, because the code in the if-then branch and after the if statement is identical. Should the if statement be removed?
2017-01-17 21:05:15 +01:00
Giacomo Tesio 663b002529 libsec: mark DigestState as stack var in ccpoly_*
CID 160099 and CID 160100 (#1 of 1): Free of address-of expression (BAD_FREE)
address_free: ccpolylen frees address of ds
2017-01-17 21:04:15 +01:00
Giacomo Tesio 3cfe366cc0 libsec: fix out of bound write (CID 155904)
In aesXCBCmac fix (potential) out of bound write in padding.

CID 155904 (#1 of 1): Out-of-bounds write (OVERRUN)
7. overrun-local: Overrunning array of 16 bytes at byte offset 16 by dereferencing pointer p2++.
2017-01-17 21:03:32 +01:00
Giacomo Tesio 06376d5859 libc.h: mark _assert as noreturn
Indeed the `assert` macro calls the _assert function only when the assertion failed.
2017-01-17 21:02:30 +01:00
Giacomo Tesio 6daa49324a kernel: umem: fix frees in segments_fill
CID 155453 (#1 of 1): Free of address-of expression (BAD_FREE)
address_free: free frees address of (segments + 0).pages.
2017-01-17 00:26:23 +01:00
Giacomo Tesio 20f15cbe5a kernel: fix not null terminated string in options()
CID 155471 (#1 of 1): Buffer not null terminated (BUFFER_SIZE_WARNING)67.
buffer_size_warning: Calling strncpy with a maximum size argument of 256 bytes on destination array envcopy of size 256 bytes might leave the destination string unterminated.
2017-01-17 00:18:18 +01:00
Giacomo Tesio 41a9489dd4 libsec: fix des56to64 access to key array
CID 155910 (#1 of 1): Out-of-bounds access (OVERRUN)1.

overrun-buffer-val: Overrunning buffer pointed to by key of 7 bytes by passing it to a function which accesses it at byte offset 63.
2017-01-17 00:01:08 +01:00
Giacomo Tesio e2b5953d99 libc: handle positive fd on "always-failing" creates (brk and dup) 2017-01-16 23:53:05 +01:00
Giacomo Tesio 042e206d13 kernel: devrtc: fix use of uninitialized array in rtcextract
CID 156229: Uninitialized scalar variable (UNINIT)9.
uninit_use: Using uninitialized value bcdclock[0].
2017-01-16 02:00:10 +01:00
Giacomo Tesio 237b7709ae kernel: umem: fix use of uninitialized fptr in freelist_pop
CID 156230 (#1 of 1): Uninitialized pointer read (UNINIT)9.
uninit_use: Using uninitialized value fptr.
2017-01-15 01:59:41 +01:00
Giacomo Tesio 1cb4610ed2 kernel: udp: fix read of uninitialized array
CID 156231 (#1 of 1): Uninitialized scalar variable (UNINIT)6.
uninit_use_in_call: Using uninitialized element of array laddr when calling memcmp.
2017-01-15 01:35:28 +01:00
Giacomo Tesio f2f95a935f kernel: fix use of uninitialized value in freelist_pop
CID 156233 (#1 of 1): Uninitialized pointer read (UNINIT)5. uninit_use: Using uninitialized value fimg.
2017-01-15 01:03:35 +01:00
Giacomo Tesio c4fb99ec38 qa: fix a few issues detected by coverity 2017-01-14 17:58:33 +01:00
Giacomo Tesio d4157c7e24 improve README.md and LICENSE.md 2017-01-14 12:39:05 +01:00
Giacomo Tesio 87a1c929ea doc: draft coding style 2017-01-12 23:19:02 +01:00
Giacomo Tesio 0de2dfc95b kernel: fix /dev/swap and `stats -m` 2017-01-12 00:41:14 +01:00
Giacomo Tesio 4e8d766fe8 doc: drafted hacking/overview.md 2017-01-12 00:41:01 +01:00
Giacomo Tesio d1cc947cd9 kernel: fix fd mode print in devproc 2017-01-12 00:39:50 +01:00
Giacomo Tesio e93aafc028 qa: build everything with -Werror 2017-01-12 00:38:56 +01:00
Giacomo Tesio 51d12f1f34 kernel: fix #0/brk/ qid (it's a special directory, not a special file) 2017-01-09 00:44:01 +01:00
Giacomo Tesio 01562d4ddb qa: rfork(RFNAMEG) on tests that are going to rfork(RFNOMNT) later 2017-01-06 23:04:04 +01:00
Giacomo Tesio 6872a8483b devtools: continuous-build.sh: restore toolchain cache in travis-ci 2017-01-06 18:49:12 +01:00
Giacomo Tesio d7d987c746 devtools: update 2017-01-06 03:48:47 +01:00
Giacomo Tesio a8e2247e20 kernel: drop SysNsec references from syscall() 2017-01-06 01:40:04 +01:00
Giacomo Tesio 4676c65a3d kernel: move nsec to libc 2017-01-06 00:56:22 +01:00
Giacomo Tesio 2508de40ea kernel: move sysdup to libc 2017-01-06 00:56:22 +01:00
Giacomo Tesio 882e33b091 qa: fix warnings 2017-01-06 00:54:42 +01:00
Giacomo Tesio c342234d74 kernel: print faults to process standard error 2017-01-06 00:54:04 +01:00
Giacomo Tesio 410e6d1fa1 cflags: set --sysroot=$JEHANNE 2017-01-06 00:53:25 +01:00
Giacomo Tesio d24c2b3606 rio: fix wloc call to sys/call 2017-01-04 23:34:44 +01:00