Smaller is better.

more...

In reference to arbitrary code execution in various source control programs. Refer svn advisory. Remember A Fire Upon the Deep?

There’s some code archaeologists who dig up an artifact. They don’t know what it does, but it includes some instructions for how to unpack it. And so they follow the instructions. And they think they’re taking precautions to prevent it from doing bad stuff, but they screw up, and the evil AI is turned loose. And then bad stuff happens.

It’s funny how similar this is to today’s vulnerability. In theory, checking out a code repo should be a safe operation. All you’re doing is downloading some artifact from a server. Building the code, running the code, all that can be unsafe. But surely there’s no trouble to simply checking out some code?

Alas, a repo is not just a repo. Checking out a repo might require checking out other sub repos and external resources. And so a dumb read only artifact is actually a smart read/execute artifact. The artifact can’t be checked out without also interpreting some of its contents. And if interpreting happens to execute some unwanted shell commands... Bad stuff happens.

It’s a bug, and it’s fixed, but another lesson that nothing is ever simple when adding features. What looks like just a hostname over here could be interpreted as a shell command over there.

Hackerthon is imminent.

There are two signals one can receive after accessing invalid memory, SIGBUS and SIGSEGV. Nobody seems to know what the difference is or should be, although some theories have been unearthed. Make some attempt to be slightly more consistent and predictable in OpenBSD.

Introduces jiffies in an effort to appease our penguin oppressors.

Clarify that IP.OF.UPSTREAM.RESOLVER is not actually the hostname of a server you can use.

Switch acpibat to use _BIX before _BIF, which means you might see discharge cycle counts, too.

Assorted clang compatibility. clang uses -Oz to mean optimize for size and -Os for something else, so make gcc accept -Oz so all makefiles can be the same. Adjust some hardlinks. Make sure we build gcc with gcc.

The SSL_check_private_key function is a lie.

Switch the amd64 and i386 compiler to clang and see what happens.

We are moving towards using wscons (wstpad) as the driver for touchpads.

Dancing with the stars, er, NET_LOCK().

clang emits lots of warnings. Fix some of them. Turn off a bunch of clang builtins because we have a strong preference that code use our libc versions. Some other changes because clang is not gcc.

Among other curiosities, static variables in the special .openbsd.randomdata are sometimes assumed to be all zero, leading the clang optimizer to eliminate reads of such variables.

Some more pledge rules for sed. If the script doesn’t require opening new files, don’t let it.

Backport a bajillion fixes to stable. Release errata.

RFC 1885 was obsoleted nearly 20 years ago by RFC 2463 which was obsoleted over 10 years ago by RFC 4443. We are probably not going back.

Update libexpat to 2.2.3.

vmm: support more than 3855MB guest memory.

Merge libdrm 2.4.82.

Disable SSE optimizations on i386/amd64 for SlowBcopy. It is supposed to be slow. Prevents crashes when talking to memory mapped video memory in a hypervisor.

Lucky sevens.

more...

Making some headway.

more...

A few thoughts after reading Are all BSDs created equally? by Ilja van Sprundel. Theo says OpenBSD is the best, Ilja fact checks.

more...

A few notes about gathered experiences with https certs not part of the traditional chain.

more...

How best to use a computer at night?

more...

A few different perspectives this week.

more...

Halcyon changes of summer.

Continue with some cleanup and improvement of the depend step of building. Lots of little things to support lex and yacc better as well.

Intel Optane parts are leaking into the wild, some driver fixes to support them.

Add support for pattern substitution to variables in ksh using a common syntax borrowed from ksh93. Or not, reverted.

Deprecate fgetln.

Add detection for missing X sets to syspatch.

Refinement of the inteldrm code, including better backlight support.

A special edition of slaacd for the installer.

After much wailing and gnashing of teeth, fix strtol to parse strings like “0xridiculous”.

A fix for malloc and zero sized allocations when using canaries.

Add the ability to pause and unpause VMs in vmd.

Remove “listen secure” syntax from smtpd.conf. It’s broken since a couple of months and noone complained.

Remove sending of router solicitations and processing of router advertisements from the kernel.

The lidsuspend sysctl has been fully replaced by lidaction.

Fix fortune to filter out unprintable characters. Convert the fortune files to using UTF-8 instead of archaic overprinting. Fortunes with unprintable words may still be obtained with the -o option.

Introduce some quirks to the IDE and ATA code to prevent drives from attaching twice on hyper-v.

Add vmctl send and receive as well.

Update to xterm 330.

Remove some magic cleanup from dhclient. It will not deliberately attempt to interfere with other operations on the same interface.

Update libexpat to 2.2.2. Fixes NULL parser dereference.

Ilja Van Sprundel found a whole mess of kernel bugs in this and that. Some info leaks, some erroneous signal handling, some unbounded malloc calls. Lions, tigers, bears. Try to fix them.