Date: Wed, 11 Feb 2026 06:15:40 +0000 From: Colin Percival <cperciva@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Cc: Jose Luis Duran <jlduran@FreeBSD.org> Subject: git: 4690a369ff6d - releng/14.4 - Adapt changes from blocklist 2026-02-07 (10a907f) Message-ID: <698c1e8c.33847.3d4b3c3@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch releng/14.4 has been updated by cperciva: URL: https://cgit.FreeBSD.org/src/commit/?id=4690a369ff6da368872eb7ac8664fb81b202ad5b commit 4690a369ff6da368872eb7ac8664fb81b202ad5b Author: Jose Luis Duran <jlduran@FreeBSD.org> AuthorDate: 2026-02-10 02:05:42 +0000 Commit: Colin Percival <cperciva@FreeBSD.org> CommitDate: 2026-02-11 06:14:53 +0000 Adapt changes from blocklist 2026-02-07 (10a907f) Also apply the fix from PR 258411. This is a direct commit to stable/14, as blacklist has been renamed to blocklist upstream. Approved by: re (cperciva) (cherry picked from commit 30c04399f2e81b8e71045fc410837461abeb2d8b) --- contrib/blocklist/bin/blacklistd.c | 29 +++++++------- contrib/blocklist/bin/blacklistd.conf.5 | 4 +- contrib/blocklist/bin/run.c | 13 +++--- contrib/blocklist/bin/support.c | 1 - contrib/blocklist/port/popenve.c | 71 +++++++++++++++++---------------- 5 files changed, 61 insertions(+), 57 deletions(-) diff --git a/contrib/blocklist/bin/blacklistd.c b/contrib/blocklist/bin/blacklistd.c index 714abcbcaf0e..ded8e684f63c 100644 --- a/contrib/blocklist/bin/blacklistd.c +++ b/contrib/blocklist/bin/blacklistd.c @@ -339,10 +339,10 @@ addfd(struct pollfd **pfdp, bl_t **blp, size_t *nfd, size_t *maxfd, exit(EXIT_FAILURE); if (*nfd >= *maxfd) { *maxfd += 10; - *blp = realloc(*blp, sizeof(**blp) * *maxfd); + *blp = reallocarray(*blp, *maxfd, sizeof(**blp)); if (*blp == NULL) err(EXIT_FAILURE, "malloc"); - *pfdp = realloc(*pfdp, sizeof(**pfdp) * *maxfd); + *pfdp = reallocarray(*pfdp, *maxfd, sizeof(**pfdp)); if (*pfdp == NULL) err(EXIT_FAILURE, "malloc"); } @@ -366,7 +366,7 @@ uniqueadd(struct conf ***listp, size_t *nlist, size_t *mlist, struct conf *c) } if (*nlist == *mlist) { *mlist += 10; - void *p = realloc(*listp, *mlist * sizeof(*list)); + void *p = reallocarray(*listp, *mlist, sizeof(*list)); if (p == NULL) err(EXIT_FAILURE, "Can't allocate for rule list"); list = *listp = p; @@ -451,8 +451,8 @@ main(int argc, char *argv[]) case 's': if (nblsock >= maxblsock) { maxblsock += 10; - void *p = realloc(blsock, - sizeof(*blsock) * maxblsock); + void *p = reallocarray(blsock, maxblsock, + sizeof(*blsock)); if (p == NULL) err(EXIT_FAILURE, "Can't allocate memory for %zu sockets", @@ -527,14 +527,15 @@ main(int argc, char *argv[]) state = state_open(dbfile, flags, 0600); if (state == NULL) state = state_open(dbfile, flags | O_CREAT, 0600); - if (state == NULL) - return EXIT_FAILURE; - - if (restore) { - if (!flush) - rules_flush(); - rules_restore(); + else { + if (restore) { + if (!flush) + rules_flush(); + rules_restore(); + } } + if (state == NULL) + exit(EXIT_FAILURE); if (!debug) { if (daemon(0, 0) == -1) @@ -556,7 +557,7 @@ main(int argc, char *argv[]) if (errno == EINTR) continue; (*lfun)(LOG_ERR, "poll (%m)"); - return EXIT_FAILURE; + exit(EXIT_FAILURE); case 0: state_sync(state); break; @@ -572,5 +573,5 @@ main(int argc, char *argv[]) update(); } state_close(state); - return 0; + exit(EXIT_SUCCESS); } diff --git a/contrib/blocklist/bin/blacklistd.conf.5 b/contrib/blocklist/bin/blacklistd.conf.5 index 70036441eb4b..e557e51a9642 100644 --- a/contrib/blocklist/bin/blacklistd.conf.5 +++ b/contrib/blocklist/bin/blacklistd.conf.5 @@ -27,7 +27,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.Dd May 18, 2020 +.Dd January 13, 2026 .Dt BLACKLISTD.CONF 5 .Os .Sh NAME @@ -102,7 +102,7 @@ The syntax for the .Va location is: .Bd -literal -offset indent - [<address>|<interface>][/<mask>][:<port>] + [<address>|<interface>[/<mask>]:]<port> .Ed .Pp The diff --git a/contrib/blocklist/bin/run.c b/contrib/blocklist/bin/run.c index 5588f0198c04..e11f8b28e2ef 100644 --- a/contrib/blocklist/bin/run.c +++ b/contrib/blocklist/bin/run.c @@ -62,10 +62,10 @@ static char * run(const char *cmd, const char *name, ...) { const char *argv[20]; - size_t i; + size_t i, len; va_list ap; FILE *fp; - char buf[10240], *res; + char *line, *res; argv[0] = "control"; argv[1] = cmd; @@ -77,6 +77,7 @@ run(const char *cmd, const char *name, ...) va_end(ap); if (debug) { + char buf[2048]; size_t z; int r; @@ -97,10 +98,10 @@ run(const char *cmd, const char *name, ...) (*lfun)(LOG_ERR, "popen %s failed (%m)", controlprog); return NULL; } - if (fgets(buf, sizeof(buf), fp) != NULL) - res = strdup(buf); - else - res = NULL; + line = res = NULL; + len = 0; + if (getline(&line, &len, fp) >= 0) + res = line; pclose(fp); if (debug) (*lfun)(LOG_DEBUG, "%s returns %s", cmd, res); diff --git a/contrib/blocklist/bin/support.c b/contrib/blocklist/bin/support.c index d560d2303223..3e14fcbdc688 100644 --- a/contrib/blocklist/bin/support.c +++ b/contrib/blocklist/bin/support.c @@ -117,7 +117,6 @@ fmtydhms(char *b, size_t l, time_t t) y = t; - z = 0; o = 0; #define APPEND(a) \ if (a) { \ diff --git a/contrib/blocklist/port/popenve.c b/contrib/blocklist/port/popenve.c index 20f6b5b86b68..df57cde9d51f 100644 --- a/contrib/blocklist/port/popenve.c +++ b/contrib/blocklist/port/popenve.c @@ -45,19 +45,19 @@ __RCSID("$NetBSD: popenve.c,v 1.2 2015/01/22 03:10:50 christos Exp $"); #endif #endif /* LIBC_SCCS and not lint */ -#include <sys/param.h> -#include <sys/wait.h> +#include <sys/types.h> #include <sys/socket.h> +#include <sys/wait.h> #include <assert.h> #include <errno.h> +#include <fcntl.h> #include <paths.h> #include <signal.h> #include <stdio.h> #include <stdlib.h> #include <string.h> #include <unistd.h> -#include <fcntl.h> #ifdef __weak_alias __weak_alias(popen,_popen) @@ -71,8 +71,8 @@ static struct pid { int fd; #endif pid_t pid; -} *pidlist; - +} *pidlist; + #ifdef _REENTRANT static rwlock_t pidlist_lock = RWLOCK_INITIALIZER; #endif @@ -109,11 +109,25 @@ pdes_get(int *pdes, const char **type) #endif } - if ((cur = malloc(sizeof(*cur))) != NULL) - return cur; + if ((cur = malloc(sizeof(*cur))) != NULL) { + if (**type == 'r') { + cur->fp = fdopen(pdes[0], *type); +#ifdef _REENTRANT + cur->fd = pdes[0]; +#endif + } else { + cur->fp = fdopen(pdes[1], *type); +#ifdef _REENTRANT + cur->fd = pdes[1]; +#endif + } + if (cur->fp != NULL) + return cur; + } serrno = errno; (void)close(pdes[0]); (void)close(pdes[1]); + free(cur); errno = serrno; return NULL; } @@ -123,16 +137,6 @@ pdes_child(int *pdes, const char *type) { struct pid *old; - /* POSIX.2 B.3.2.2 "popen() shall ensure that any streams - from previous popen() calls that remain open in the - parent process are closed in the new child process. */ - for (old = pidlist; old; old = old->next) -#ifdef _REENTRANT - (void)close(old->fd); /* don't allow a flush */ -#else - (void)close(fileno(old->fp)); /* don't allow a flush */ -#endif - if (type[0] == 'r') { (void)close(pdes[0]); if (pdes[1] != STDOUT_FILENO) { @@ -148,31 +152,30 @@ pdes_child(int *pdes, const char *type) (void)close(pdes[0]); } } + + /* POSIX.2 B.3.2.2 "popen() shall ensure that any streams + from previous popen() calls that remain open in the + parent process are closed in the new child process. */ + for (old = pidlist; old; old = old->next) { +#ifdef _REENTRANT + (void)close(old->fd); /* don't allow a flush */ +#else + (void)close(fileno(old->fp)); /* don't allow a flush */ +#endif + } } static void pdes_parent(int *pdes, struct pid *cur, pid_t pid, const char *type) { - FILE *iop; - - /* Parent; assume fdopen can't fail. */ - if (*type == 'r') { - iop = fdopen(pdes[0], type); -#ifdef _REENTRANT - cur->fd = pdes[0]; -#endif + /* Parent */ + if (*type == 'r') (void)close(pdes[1]); - } else { - iop = fdopen(pdes[1], type); -#ifdef _REENTRANT - cur->fd = pdes[1]; -#endif + else (void)close(pdes[0]); - } /* Link into list of file descriptors. */ - cur->fp = iop; - cur->pid = pid; + cur->pid = pid; cur->next = pidlist; pidlist = cur; } @@ -198,7 +201,7 @@ popenve(const char *cmd, char *const *argv, char *const *envp, const char *type) #ifdef _REENTRANT (void)rwlock_rdlock(&pidlist_lock); #endif - switch (pid = vfork()) { + switch (pid = fork()) { case -1: /* Error. */ serrno = errno; #ifdef _REENTRANThome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?698c1e8c.33847.3d4b3c3>