Age | Commit message (Collapse) | Author |
|
* ac/fix-erl_interface-docs:
Make comment reflect code in erl_interface/src/misc/ei_decode_term.c
ei_decode_ei_term() returns 1 if index is incremented
OTP-9559
|
|
* cr/cppcheck:
Changes inspired by running cppcheck(1)
OTP-9557
|
|
* ms/ei-int-overflow-in-string-atom-enc:
ei: integer overflow in string/atom encoding
OTP-9530
|
|
Note that ei_decode_term.h has the correct behaviour described!
Also removed extraneous '/* return 0; */' comments.
|
|
|
|
|
|
ei_encode_atom() and ei_encode_string() use strlen() to get the length
of the buffer. As strlen() returns an unsigned long long and both ei
functions take a signed integer, the length fields may overflow.
Check the results of strlen can be held in a signed integer.
|
|
|
|
|
|
* gl/erl_do_receive_msg/OTP-9241:
The function 'erl_xreceive_msg' returned garbage in the 'to' and 'to_name' members of the message. The reason for that was found in the 'erl_do_receive_msg' function. When no 'pid' is provided by the sender, like when doing rpc calls as those uses registered name sends, it doesn't initialize the 'to' member and also the 'to_name' member is copied by the function.
|
|
members of the message. The reason for that was found in the 'erl_do_receive_msg' function. When no 'pid' is provided by the sender, like when doing rpc calls as those uses registered name sends, it doesn't initialize the 'to' member and also the 'to_name' member is copied by the function.
|
|
|
|
* cg/fix-sizeof-array-arg:
Fix using sizeof() for array given as function argument
OTP-9151
|
|
|
|
When using the sizeof() operator for an array given as function argument it
returns the size of the pointer.
In this case, the affected function hex(char digest[16], char buff[33]) will
just print 4 or 8 byte instead of the full length of 16 bytes, on 32bit and
64bit systems respectively.
|
|
|
|
|
|
* vb/ei-exts:
Fix testcases erl_global_whereis, erl_global_names
Fix wrong erl_compare_ext result comparing lists
Correct erl_global{register, unregister} functions
Add PID (~p) type parameters to ei_format
Add char (~c) type parameters to ei_format
OTP-9015
Conflicts:
lib/erl_interface/include/ei.h
|
|
|
|
Function erl_compare_ext of erl_interface library returns
1 instead -1 when comparing lists like [0] and [0, 1000].
Credits to: Evgeny Khirin <evgeny.khirin <at> erlios.com>
|
|
C node needs DFLAG_DIST_MONITOR flag set when connecting,
and support for processing monitoring start/end messages
received from counterpart, to make global registration
actually work.
|
|
|
|
|
|
From R14B integers use all 32 bits of external format
INTEGER_EXT. erl_term_len still had the 28-bit check and therefor
returned a too large values (7 instead of 5) for integers of 29-32
bits.
erl_term_len also returned a 2 bytes too small value for references.
|
|
* ms/ei-fixes:
ei: check memory was allocated
ei: error if return value of ei_alloc_big is NULL
OTP-8943
|
|
* ms/ei-fix-node-name-overflow:
ei: check the length of the node name
OTP-8943
|
|
|
|
|
|
|
|
|
|
Check the length of the node name to prevent an overflow.
|
|
* ms/fix-zero-byte-allocation:
registry: fix zero byte allocation
OTP-8893
|
|
* sv/ei-number-parsing:
teach ei_x_format to handle unary - and +
OTP-8891
|
|
Teach the format string parser used for ei_x_format() and
ei_x_format_wo_ver() about unary negative and positive operators on
numbers. Previously, passing a negative numeric constant or a positive
numeric constant with an explicit leading plus sign within the format
string would cause these functions to fail.
Augment the format_wo_ver unit test in the ei_format suite with a
regression test for these cases.
An easy way to reproduce the problem is to use erl_call:
erl_call -s foo@bar -a 'erlang list_to_integer [-1]'
Without this change, erl_call fails with a -1 exit status. With this
change, it properly prints "-1".
|
|
Pasto in code results in 0 bytes (instead of length bytes) being allocated
when the length of the key exceeds the static buffer.
|
|
get_hostent does not properly handle IPv4 addresses on little endian
platforms and fails with hostnames beginning with a number. Remove
get_hostent and use ei_gethostbyname directly since gethostbyname supports
IPv4 addresses.
Reported-By: Julien Barbot
|
|
* pan/epmd-vulnerabilities/OTP-8780:
Teach testcases to survive TIME_WAIT overload
Update erl_interface doc and testsuite for epmd changes
Restore null termination of input buffer
Teach testcase epmd_SUITE:too_large to accept econnaborted
Teach epmd_cli.c to not respond 'Killed' when killing denied
Calculate minimal packet size for ALIVE2 requests correctly
Document epmd and it's options properly and fixup help text
Fix anomalies in epmd not yet reported as security issues
Remove two buffer overflow vulnerabilities in EPMD
Remove all support for ancient EPMD protocol
Remove very old protocol from EPMD
Conflicts:
lib/erl_interface/src/epmd/epmd_port.c
|
|
* sv/ei-writev:
fix incorrect writev iovec buffer handling in ei
OTP-8837
|
|
|
|
For platforms that support writev, ei uses iovec structures to be able
to easily send noncontiguous data buffers. When sending large
messages, the socket can of course block, in which case ei adjusts its
iovecs to pick up where it left off when the socket becomes writeable
again. Unfortunately the code that handled the case when the number of
bytes written are less than the current iovec size adjusted only the
iovec byte count but not the iovec data pointer, resulting in the same
data being sent multiple times.
The fix is trivial: in addition to subtracting the count of bytes
already written from the current iovec's size, also increment the
current iovec's data pointer by the number of bytes already written.
Tested manually on Linux and verified to fix a problem detected in
production with writing large binaries from a cnode to a regular
node. No unit tests were added, however, because they use the local
loopback which acts more like a pipe than an inter-host TCP
connection. The closing of the TCP window on the receiving side and
the resultant write blocking on the socket, which in turn caused the
code that mishandled the iovecs to be exercised, could unfortunately
not be readily duplicated in the erl_interface test suite.
|
|
Check operations that can overflow, e.g.,
erl_call -sname $(perl -e 'print "x"x5000')
perl -e 'print "-module(", "x"x10000, ");"' | erl_call -m -r -sname foo
|
|
* mk/net-dragonfly-bsd-patches:
Remove unused variables
Use proper install method
Add support for DragonFly BSD
Add support for NetBSD
|
|
|
|
Check the length of the buffer before copying.
ei_cnode ec;
struct in_addr addr;
char *node = (char *)calloc(5001, 1);
(void)memset(node, 'x', 5000);
ei_connect_init(&ec, node, "", 0);
addr.s_addr = inet_addr("192.168.1.1");
ei_xconnect(&ec, &addr, node);
|
|
These are the current NetBSD pkgsrc patches.
|
|
- Removed unused variable in ei_decode_term.c
- Fixed faulty deallocation
|
|
Earlier, external format INTEGER_EXT was only produced for 28-bit
signed integers. Now full 32-bit signed integers are produced as
INTEGER_EXT to avoid the more costly SMALL_BIG_EXT format. Both old
and new code can read 32-bit INTEGER_EXT.
Also fixed integer encoding bugs in erl_interface erl_encode/erl_decode.
(Thanks to Alexander Demidenko for reporting)
|
|
* sv/serge-new_float_ext:
Let ei_get_type() return ERL_FLOAT_EXT instead of NEW_FLOAT_EXT
Fix ei_tmo to restrict dflags to NEW_FLOAT_EXT
compact IEEE 754 double encoding in external binary format for ei
fix typo in ei_decode_ei_term documentation
OTP-8684 sv/serge-new_float_ext
compact IEEE 754 double encoding in external binary format for ei
Implement the compact IEEE 754 double encoding in external binary format
for ei. Encoding for ei now always produces the NEW_FLOAT_EXT format.
Decoding and term printing handle both the old ERL_FLOAT_EXT encoding and
the new NEW_FLOAT_EXT encoding.
Legacy erl_interface code also handles the new encoding, but still produces
the ERL_FLOAT_EXT encoding by default.
Also enable the DFLAG_NEW_FLOATS distribution flag.
ei_get_type() will return ERL_FLOAT_EXT regardless if the external format
is encoded with ERL_FLOAT_EXT or NEW_FLOAT_EXT for doubles.
Reduce the number of copies of the code for encoding and decoding doubles
throughout ei and erl_interface by instead calling the ei encoding and
decoding functions wherever possible.
Restore commented-out float tests in ei_decode_SUITE and ei_encode_SUITE in
lib/erl_interface/test. Modify them to make them match the style of other
tests in the same suites.
These changes are based on an ei float patch from Serge Aleynikov
originally submitted against R12B-2 in July 2008 and reworked by Steve
Vinoski May 2010.
|
|
|
|
Implement the compact IEEE 754 double encoding in external binary
format for ei. Encoding for ei now always produces the NEW_FLOAT_EXT
format. Decoding and term printing handle both the old ERL_FLOAT_EXT
encoding and the new NEW_FLOAT_EXT encoding. Legacy erl_interface code
also handles the new encoding, but still produces the ERL_FLOAT_EXT
encoding by default.
Also enable the DFLAG_NEW_FLOATS distribution flag.
Reduce the number of copies of the code for encoding and decoding
doubles throughout ei and erl_interface by instead calling the ei
encoding and decoding functions wherever possible.
Restore commented-out float tests in ei_decode_SUITE and
ei_encode_SUITE in lib/erl_interface/test. Modify them to make them
match the style of other tests in the same suites.
These changes are based on an ei float patch from Serge Aleynikov
originally submitted against R12B-2 in July 2008.
|