Age | Commit message (Collapse) | Author |
|
Reset p->htop in the oversize bignum error case to avoid leaving a
hole in the heap, which would crash the debug emulator.
|
|
Bignums are artifically restricted in size. Arithmetic and logical
operations check the sizes of resulting bignums, and turn oversize
results into system_limit exceptions.
However, this check is not performed when bignums are constructed by
binary matching. The consequence is that such matchings can construct
oversize bignums that satisfy is_integer/1 yet don't work. Performing
arithmetic such as Term - 0 fails with a system_limit exception. Worse,
performing a logical operation such as Term band Term results in [].
The latter occurs because the size checking (e.g. in erts_band()) is
a simple ASSERT(is_not_nil(...)) on the result of the bignum operation,
which internally is [] (NIL) in the case of oversize results. However,
ASSERT is a no-op in release builds, so the error goes unnoticed and []
is returned as the result of the band/2.
This patch addresses this by preventing oversize bignums from entering
the VM via binary matching:
- the internal bytes_to_big() procedure is augmented to return NIL for
oversize results, just like big_norm()
- callers of bytes_to_big() are augmented to check for NIL returns and
signal errors in those cases
- erts_bs_get_integer_2() can only fail with badmatch, so that is the
Erlang-level result of oversize bignums from binary matches
- big_SUITE.erl is extended with a test case that fails without this
fix (no error signalled) and passes with it (badmatch occurs)
Credit goes to Nico Kruber for the initial bug report.
|
|
|
|
|
|
* bjorn/compiler/map-bugs/OTP-12451:
Be more careful about map patterns when evalutating element/2
Do not convert map patterns to map expressions
|
|
We must not convert map patterns to map expressions.
|
|
In code such as:
case {a,Map} of
{a,#{}}=T ->
T
end
we must NOT rewrite a map pattern to a map expression like this:
case Map of
#{} ->
{a,#{}}
end
because the pattern '#{}' will match any map, but the expression
'#{}' will construct an empty map.
|
|
* ia/ssl/self-signed-root/OTP-12449:
ssl: Remove selfsigned anchor certificate from the certificate chain
|
|
A selfsigned trusted anchor should not be in the certifcate chain passed to
the certificate path validation.
Conflicts:
lib/ssl/src/ssl_certificate.erl
|
|
|
|
|
|
* egil/fix-getifaddrs-realloc/OTP-12445:
erts: Fix getifaddrs realloc ptr mismatch
|
|
* egil/fix-child_setup-close/OTP-12446:
erts: Use closefrom() if available when closing fds
erts: Don't close all fds twice in child_setup
|
|
* egil/fix-crashdump-epmd/OTP-12447:
erts: Check driver version before assigning callback
erts: Don't lookup invalid port for crashdump handling
erts: Reserve a file descriptor for the crashdump file
erts: Use emergency close to close epmd
erts: Extend driver interface with emergency_close
|
|
'ia/maint/inets/invalid-content-length/mod_alias_https/consistent_keep_alive_timeout/OTP-12429/OTP-12436' into maint-17
* ia/maint/inets/invalid-content-length/mod_alias_https/consistent_keep_alive_timeout/OTP-12429/OTP-12436:
inets: Consistent view of configuration parameter keep_alive_timeout
inets: httpd - mod_alias now handles https URIs
inets: httpd - Sanity check of content-length header
|
|
|
|
|
|
When a buffer was exhausted and subsequently a realloc, we could get
an invalid pointer.
For this to occur we would need to have a realloc to lower adresses.
The symptom would be garbage returned from erlang:port_control(Port, 25, [])
(prim_inet:getifaddrs(Port) resulting in a badarg) or a segmentation fault.
|
|
Gracefully handle invalid content-lenght headers instead of
crashing in list_to_integer.
|
|
* 0xAX/inets-typo-fix:
lib/inets: fix typo in httpd_load_test example
|
|
closefrom() was only used in the vfork() case before, now also
used in the fork() case.
|
|
The commit c2b4eab25c907f453a394d382c04cd04e6c06b49 introduced an error
in which child_setup erroneously tried to close all file descriptors twice.
|
|
|
|
* s1n4/httpc_invalid_set_cookies/OTP-12430:
httpc: Avoid parsing invalid 'Set-Cookie' headers
|
|
|
|
* sverk/port_get_data-race-r16b03/OTP-12208:
erts: Fix port data memory allocation bug
erts: Mend port_set_data with non-immed data for halfword VM
erts: Add test case for port_set_data and port_get_data
erts: Fix race between port_set_data, port_get_data and port termination
erts: Fix erlang:port_set_data/2 for non immediate data
|
|
* marcus/16/fix-rebuild:
Sort keys before generating
|
|
* ia/ssh/sftp-v3-flags:
ssh: Add some more flags
ssh: Correct Sftp flag handling
ssh: Add handling of sftp v3 flags
|
|
* ia/ssl/maint/poddle/OTP-12420:
ssl: Reenable padding check for TLS-1.0 and provide backwards compatible disable option
|
|
|
|
* egil/fix-lcnt/OTP-12364:
tools: Fix lcnt printout of histograms
tools: Fix lcnt sort of inspected locks
|
|
|
|
|
|
|
|
Closes all open socket before writing crashdump to file.
|
|
* nox/standard_error/OTP-12424:
Test standard_error
Properly handle broken input in standard_error
Fix io:getopts(standard_error)
|
|
* marcus/rabbe-doc-typos2/OTP-12399:
fix spelling
|
|
disable option
Conflicts:
lib/ssl/src/ssl_cipher.erl
lib/ssl/src/ssl_record.erl
lib/ssl/src/tls_record.erl
lib/ssl/test/ssl_cipher_SUITE.erl
|
|
|
|
Function name was somewhat confusing and when trying to find a better
name for it we realised it did not work as intended.
|
|
|
|
for non-immediate port data >= sizeof(Eterm)*2 words.
|
|
|
|
|
|
Always update prt->data with atomic xchg-op.
Check for NULL data to detect racing port terminator.
Use NULL, as THE_NON_VALUE can be a valid pointer on debug VM.
|
|
hsize field was not set leading to VM crash
|
|
|
|
* bjorn/compiler/map-pattern/OTP-12414:
core_lib: Handle patterns in map values
|
|
|
|
io:put_chars(standard_error, [oops]) could previously crash the
standard_error process.
Reported-by: Alexei Sholik
|