A silly little patch, but some ptp devices (like the camera I own) use USB3 endpoints and subsequently require the data size of the payload to be 1024(-12 for metadata). This is reflected in libgphoto2's current ptp driver.
An attacker may use an infinite number of SPF referrals in his/her SPF
setting and can send an email to your mail server which would make
your SMTP server make a lot of DNS queries. By exploiting this
vulnerability, an attacker can block your SMTP queue, flood the
associated recursive resolver, or any DNS authoritative server.
According to RFC recommendations
(https://datatracker.ietf.org/doc/html/rfc7208#section-4.6), a few DNS
lookup limits exist that an SMTP server needs to maintain while
resolving an SPF record. That is, SPF implementations MUST limit the
total number of query-causing terms to 10 and the number of void
lookups to 2 to avoid unreasonable load on the DNS.
from:
Taejoong “Tijay” Chung (tijay@vt.edu)
Ishtiaq Ashiq (iashiq5@vt.edu)
In run.c::assign(), assigning to $0 from $F, a field,
where F >= 2, produces an incoherent cell.
The assignment occurs in two steps, first the string value
and then the float. When the string value is assigned to $0,
setsval invalidates the fields. If FS hasn't changed, after
getfval rebuilds the fields, NF = 1 and F >= 2, therefore $F
is definitely uninitialized. The result is a float val of
0.0, producing a boolean false in the pattern expression.
Coercing a string comparison gives the expected result
because the incoherent cell has the correct string
value, which is not empty and evaluates to true.
when using records in BEGIN, we would read
from the field table before we read into it;
this ensures that the fields are an empty
string before we start touching their contents.
The original intention was to put devskel in to the
kernel to detach what it provides from devsrv.
That is not a good reason, just move it to userspace.
auth/box has been changed to exec skelfs instead
of relying on '#z'.
Git9 was sloppy about telling git what commits we have.
We would list the commits at the tip of the branch, but not
walk down it, which means we would request too much data if
our local branches were ahead of the remote.
This patch changes that, sending the tips *and* the first
256 commits after them, so that git can produce a better
pack for us, with fewer redundant commits.
cwfs had an issue with iounit negotiation as a result
of the conversion to 9p2000 -- with the move to variable
size messages, the fixed message overhead decreased, but
the advertised message size was still adding the old
fixed overhead.
This meant that if the kernel negotiated the maximum io
size, cwfs would negotiate something larger than it
supported, and would hang up when an io of that size
was made.
In addition, the size of messages was stored in a short,
which means that negotiating an iounit larger than 16384
bytes would overflow the message count, and cause things
to fall over.
Finally, whle we're here, we clean up some duplicated
and unused constants.
Changing the user to none doesn't do much for us
here. For kernel drivers that check the user of the
current proc we'll be none, but anything from devmnt
will still be accessed using creds from the original
attachment. Instead, running with none can be done
by chaining with auth/none:
auth/none auth/box ...
Unless ip/dhcpd is started with the -6 option,
we only receive v4 addresses. If we do see the
v6 options we should prefer them but should
also make sure we grab the v4 addresses as a fallback.
None of the v6 options should overwrite valid
overrides given at the command line.
Add our custom types to logging.
Currently, diff outputs a file header, even if there are
no changes to the file. This is wonky.
It means that the header chunks are ambiguous, since
not all header chunks are followed by '@@ hunk', and
'--- file', '+++ file' lines can be generated from
file content.
This changes the way that we decide to print the file
header, so we only print it when outputting the first
hunk on flushchanges.
Flushchanges is called once per regular file, at the
end of `diffreg`, so we output a hunk header once per
file.
ape/patch is a giant, ugly ball of code from almost 25 years ago,
which has not and will likely never been updated or maintained.
the world has since settled on unified diffs, and we just need a
simple program that can parse and apply them.
Inspired by some changes made in game of trees, I've
implemented a number of speedups in git9.
First, hashing the chunks during deltification with
murmurhash instead of sha1 speeds up the delta search
significantly.
The stretch function was micro-optimized a bit as well,
since that was taking a large portion of the time when
chunking.
Finally, the full path is not stored. We only care about
grouping files with the same name and path. We don't care
about the ordering. Therefore, only the hash of the path
xored with the hash of the diretory is kept, which saves
a bunch of mallocs and string munging.
This reduces the time spent repacking some test repos
significantly.
9front:
% time git/repack
deltifying 97473 objects: 100%
writing 97473 objects: 100%
indexing 97473 objects: 100%
58.85u 1.39s 61.82r git/repack
% time /sys/src/cmd/git/6.repack
deltifying 97473 objects: 100%
writing 97473 objects: 100%
indexing 97473 objects: 100%
43.86u 1.29s 47.51r /sys/src/cmd/git/6.repack
openbsd:
% time git/repack
deltifying 2092325 objects: 100%
writing 2092325 objects: 100%
indexing 2092325 objects: 100%
1589.48u 45.03s 1729.18r git/repack
% time /sys/src/cmd/git/6.repack
deltifying 2092325 objects: 100%
writing 2092325 objects: 100%
indexing 2092325 objects: 100%
1238.68u 41.49s 1373.15r /sys/src/cmd/git/6.repack
go:
% time git/repack
deltifying 529507 objects: 100%
writing 529507 objects: 100%
indexing 529507 objects: 100%
345.32u 7.71s 369.25r git/repack
% time /sys/src/cmd/git/6.repack
deltifying 529507 objects: 100%
writing 529507 objects: 100%
indexing 529507 objects: 100%
248.07u 4.47s 257.59r /sys/src/cmd/git/6.repack
When diffing non-regular files, like /dev/null,
pipes, and similar, diff will generate a temp
file to diff against. This is the right thing
to do, but the temp file leaks into the diff.
This patch retains the original file name all
the way through to diff output.
The getserv function has remained mostly unchanged since
1ed. These checks are for handling string local ports
or lack thereof. This was used by datakit at the time,
where 'ports' were service strings. This made the default
datakit service 'login' when a connector did not give
a specific service. The checks for directory traversal also
seemed specifically to guard against a connector from providing
a malicious service string. With datakit gone all current protocols
use numerics as ports so these checks and defaults become uneeded.
1ed reference:
https://github.com/plan9foundation/plan9/tree/1e-1992-09-21
Scrollbar was drawn using a wide dark gutter over a white background
whereas other applications (window, sam, ...) use a thinner scrollbar with an
inverse colorscheme.
This makes the scrollbar more consistent with other 9front applications.
When writing to a large variable in /env, we
spam 'Write error', in spite of the env var
working. This is new behavior, as of commit
b90036a062.
It produces a lot of scary, noisy warnings,
which are probably bogus.
When pushing, git/send would sometimes decide we had all the
objects that we'd need to update the remote, and would try
to pack and send the entire history of the repository. This
is because we only set the 'theirs' ref when we had the object.
If we didn't have the object, we would set a zero hash,
then when deciding if we needed to force, we would think
that we were updating a new branch and send everything,
which would fail to update the remote.
A while ago, qwx noticed that we clobbered the exec
bit when merging files. This is not what we want, so
we changed the operator precedence to avoid merging
dirty files implicitly.
But we do want to merge, because it's convenient for
maintaining permissions. So, instead, we should do a
3 way merge of the exec bit.
This patch does that, as well as reverting the rollback
of that change.
While we're here, we adjust the timestamps correctly
in git/branch.
This requires changes to git/fs, because without an open
handler, lib9p allows opening any file with any mode,
which confuses 'test -x'.
there was a diff that went in a while ago to improve
this, but it got backed out because it encounters a
bug in upstream git -- the spec says that a single
ACK should be sent when not using multi-ack modes,
but they send back multiple ones.
This commit brings back the functionality, and works
around the upstream git bug in two different ways.
First, it skips the packets up until it finds the
start of a pack header.
Second, it deduplicates the want messages, which
is what seems to trigger the duplicate ACKs that
cause us trouble.
This patch makes sam's = cmd output what seems to me a more
useful (plumbable) format: /full/path/to/file:addr , where
addr is line(s) under = and rune(s) under =#.
xfnw
