Age | Commit message (Collapse) | Author |
|
We can never read past the end of the packet, so this seems impossible
to exploit, but let's error out early as reading past the end of the
current RR is clearly an error.
Found by Lennart, based on patch by Daniel.
|
|
Rename the field to make this clearer.
|
|
Most blobs (keys, signatures, ...) should have a specific size given by
the relevant algorithm. However, as we don't use/verify the algorithms
yet, let's just ensure that we don't read out zero-length data in cases
where this does not make sense.
The only exceptions, where zero-length data is allowed are in the NSEC3
salt field, and the generic data (which we don't know anything about,
so better not make any assumptions).
|
|
bitmap: various clean-ups
|
|
a) use memcmp() to compare bitmaps efficiently
b) use UINT64_C() macro instead of ULL suffixes to get right suffix for
uint64_t constants
c) add a few assert()s
d) when comparing integers with 0 we generally try to make this explicit
with "!= 0".
e) remove redundant bitmap_isset() if check, as we don't have it in
bitmap_isset() either.
f) It should be fine to invoke bitmap_unset() on a NULL bitmap
|
|
resolve: unify memdup() code when parsing RRs
|
|
basic: bitmap: use uint64_t instead if long long unsigned
|
|
ip6 tunnel: add support for DSCP
|
|
|
|
Hook up container userns with nss-mymachines
|
|
tmpfiles: downgrade errors when a file system does not support file a…
|
|
resolved: make sure we alway initialize *start in dns_packet_append_t…
|
|
long long unsigned is always 64 bit wide, so use a more readable type.
|
|
bitmap: bitmap_clear()
|
|
This patch adds support for setting the
DSCP field in the ip6 tunnel.
when set it inherits DSCP field between inner and outer header.
|
|
dns_packet_append_type_window()
|
|
No need to actually reset the bitmap, we can just truncate it back zero
size. That not only makes bitmap_clear() quicker, but also subsequent
bitmap_isclear().
|
|
Let's make dns_packet_read_public_key() more generic by renaming it to
dns_packet_read_memdup() (which more accurately describes what it
does...). Then, patch all cases where we memdup() RR data to use this
new call.
This specifically checks for zero-length objects, and handles them
gracefully. It will set zero length payload fields as a result.
Special care should be taken to ensure that any code using this call
can handle the returned allocated field to be NULL if the size is
specified as 0!
|
|
resolve: fix two minor memory leaks
|
|
resolve: drop dns_scope_good_dns_server()
|
|
strv_extend() already strdup()s internally, no need to to this twice.
(Also, was missing OOM check...).
Use strv_consume() when we already have a string allocated whose
ownership we want to pass to the strv.
This fixes 50f1e641a93cacfc693b0c3d300bee5df0c8c460.
|
|
It's not used anymore since 29815b6c608b836cada5e349d06a96b63eaa65f3,
hence let's remove it from the sources.
|
|
journal: reword msg about enforced size limits a bit
|
|
http://lists.freedesktop.org/archives/systemd-devel/2015-July/033574.html
|
|
Machines can also be services
|
|
This makes `systemd-cgls -M <machine name>` work with nspawn containers in
systemd 222.
|
|
This downgrades errors from setting file attributes via tmpfiles to
warnings and makes them non-fatal.
Also, as a special case, if a file system does not support file
attributes at all, then the message is downgraded to debug, so that it
is not seen at all.
With this change reiserfs should not see any messages at all anymore
(since it apparently does not implement file attributes at all), but XFS
will still get a warning but no failure. The warning is something the
XFS kernel folks should fix though, by adjusting their file attributes
behaviour to be identical to ext234's.
Fixes #560.
|
|
improve IN_SET macro
|
|
Making the array static allows gcc -O2 to generate smaller code:
"size systemd" before:
text data bss dec hex filename
1377286 128608 2632 1508526 1704ae systemd
After:
text data bss dec hex filename
1374326 128572 2664 1505562 16f91a systemd
(IN_SET still results in worse generated code than using
"x == FOO || x == BAR || ...". I don't think we'll be able to match
that with the C preprocessor.)
This change limits the use of IN_SET to sets with constant elements. All
present callers use constants. The compiler would report an "initializer
element is not constant" error otherwise.
|
|
Putting the set elements in an array variable and using ELEMENTSOF makes
it clearer what's going on.
Incidentally, it also makes gcc -O2 generate slightly smaller code:
"size systemd", before:
text data bss dec hex filename
1378318 128608 2632 1509558 1708b6 systemd
After:
text data bss dec hex filename
1377286 128608 2632 1508526 1704ae systemd
|
|
network: Add tunnel params
|
|
Job logging fixes and improvements
|
|
ata_id: unreverse WWN identifier
|
|
|
|
|
|
hwdb: add Logitech MX Master DPI settings
|
|
An endianness conversion was lost in 6024a6e302bad6bcf073fa84a41a6123305dc845.
Restore it. Now ata_id and scsi_id output match.
https://bugzilla.redhat.com/show_bug.cgi?id=1227503
|
|
|
|
udev.log-priority crash fix and cleanup
|
|
This way it does not need distinct string literals and it also preserves
the "rd." prefix.
|
|
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1245293
|
|
We do not print all non-OK job completion status messages to the console
in red, because not all of them are plain errors. We do however log the
same messages as LOG_ERR.
Differentiate the log levels by deducing them from the job result in a
way that more or less matches the color of the console message.
|
|
Joins three log_struct() calls into one.
|
|
JOB_RESTART and failed JOB_VERIFY_ACTIVE completions were printed to
console but not to the log.
|
|
It is misleading to see "Started foo." in the log when the unit's
condition was false.
|
|
These units' message format strings are identical to the generic
strings. Since we can always rely on the fallback, these are now
redundant.
|
|
This is similar to "core: always try harder to get unit status
message format string", but for job completion status messages.
It makes generic status messages applicable for printing to the console.
And it rewrites the functions in a more table-based style.
|
|
unit_get_status_message_format() is used only with one of JOB_START,
JOB_STOP, JOB_RELOAD, all of which have fallback message strings
defined, so the function may never return NULL.
|
|
Fix the overrun case in sample acquistion and negative number calculations.
Reported by Stefan Sauer.
Fixes #642
|
|
basic/fileio: fix write_string_file() fallout
|