1. 02 Sep, 2014 1 commit
      Another clang analyzer complaint wrt HT_GENERATE · 00ffccd9
      Nick Mathewson authored
      We're calling mallocfn() and reallocfn() in the HT_GENERATE macro
      with the result of a product.  But that makes any sane analyzer
      worry about overflow.
      
      This patch keeps HT_GENERATE having its old semantics, since we
      aren't the only project using ht.h.  Instead, define a HT_GENERATE2
      that takes a reallocarrayfn.
  2. 25 Aug, 2014 1 commit
  3. 24 Aug, 2014 2 commits
  4. 21 Aug, 2014 2 commits
  5. 11 Jun, 2014 2 commits
  6. 09 Jun, 2014 1 commit
  7. 29 May, 2014 1 commit
  8. 27 May, 2014 3 commits
  9. 22 May, 2014 1 commit
      sandbox: revamp sandbox_getaddrinfo cacheing · e425fc78
      Nick Mathewson authored
      The old cache had problems:
           * It needed to be manually preloaded. (It didn't remember any
             address you didn't tell it to remember)
           * It was AF_INET only.
           * It looked at its cache even if the sandbox wasn't turned on.
           * It couldn't remember errors.
           * It had some memory management problems. (You can't use memcpy
             to copy an addrinfo safely; it has pointers in.)
      
      This patch fixes those issues, and moves to a hash table.
      
      Fixes bug 11970; bugfix on 0.2.5.1-alpha.
  10. 20 May, 2014 2 commits
      sandbox: permit gettid, sched_getaffinity · fef65fa6
      Nick Mathewson authored
      These are needed under some circumstances if we are running with
      expensive-hardening and sandbox at the same time.
      
      fixes 11477, bugfix on 0.2.5.4-alpha (where we introduced
      expensive-hardening)
      sandbox: Disallow options which would make us call exec() · 46598201
      Nick Mathewson authored
      None of the things we might exec() can possibly run under the
      sandbox, so rather than crash later, we have to refuse to accept the
      configuration nice and early.
      
      The longer-term solution is to have an exec() helper, but wow is
      that risky.
      
      fixes 12043; bugfix on 0.2.5.1-alpha
  11. 26 Apr, 2014 1 commit
  12. 18 Apr, 2014 1 commit
  13. 17 Apr, 2014 16 commits
  14. 10 Apr, 2014 2 commits
  15. 13 Mar, 2014 1 commit
  16. 02 Feb, 2014 1 commit
  17. 17 Jan, 2014 1 commit
  18. 06 Jan, 2014 1 commit
      Fix some seccomp2 issues · 682c2252
      Nick Mathewson authored
      Fix for #10563.  This is a compatibility issue with libseccomp-2.1.
      I guess you could call it a bugfix on 0.2.5.1?