Since the payload size is user-controlled, this could be used to
overflow the kernel stack.
We should probably also be breaking things into smaller packets at a
higher level, e.g. TCPSocket::protocol_send(), but let's do that as
a separate exercise.
Fixes #5310.
This currently breaks the OSS-Fuzz build, and attempts to make it build
with clang >= 12 were unsuccessful, so let's just disable dbgln() checks
for any clang version.
This reverts commit 338bb73289.
This didn't work, the OSS-Fuzz build (using clang 12) is still failing.
We'll just disable dbgln() checks when compiling with any clang for now.
Not sure why this was 4 MiB in the first place, but that's a lot of
memory to reserve for each thread when we're running with 512 MiB
total in the default testing setup. :^)
Allocate GC heap blocks with mmap(MAP_RANDOMIZED) for ASLR.
This may very well be too aggressive in terms of fragmentation, and we
can figure out ways to scale that back once it becomes a big problem.
For now, this makes the GC heap a lot less predictable for an attacker.
* We don't have to lock the "all IPv4 sockets" in exclusive mode, shared mode is
enough for just reading the list (as opposed to modifying it).
* We don't have to lock socket's own lock at all, the IPv4Socket::did_receive()
implementation takes care of this.
* Most importantly, we don't have to hold the "all IPv4 sockets" across the
IPv4Socket::did_receive() call(s). We can copy the current ICMP socket list
while holding the lock, then release the lock, and then call
IPv4Socket::did_receive() on all the ICMP sockets in our list.
These changes fix a deadlock triggered by receiving ICMP messages when using a tap
networking setup (as opposed to QEMU's default user/SLIRP networking) on the host.
These don't do short-circuit evaluation, and so I ran into some
very subtle side-effects when converting code to DistinctNumeric.
In code like this:
    MyDistinctNumeric n;
    if (n && check_thing(n))
        return;
There would be no short-circuit evaluation if the return type of
check_thing() was implicitly convertible to MyDistinctNumeric.
Ran into this while making Ext2FS::GroupIndex a DistinctNumeric.
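The loss of short-circuiting described in this commit, shown as an added example that is not the project's code: a constructed MyDistinctNumeric stand-in with an overloaded operator&& and a hypothetical check_thing() whose call counter reveals whether the right-hand operand was evaluated.

```cpp
#include <cstdint>

// Constructed stand-in for a DistinctNumeric-style strong typedef; this is
// example code, not the project's AK::DistinctNumeric.
struct MyDistinctNumeric {
    uint32_t value { 0 };
    constexpr MyDistinctNumeric() = default;
    constexpr explicit MyDistinctNumeric(uint32_t v) : value(v) {}

    // An overloaded operator&& is an ordinary function call: C++ evaluates
    // both arguments before the call, so the built-in short-circuit rule
    // for && does not apply.
    constexpr MyDistinctNumeric operator&&(MyDistinctNumeric other) const
    {
        return MyDistinctNumeric(value && other.value);
    }
    constexpr explicit operator bool() const { return value != 0; }
};

static int g_check_thing_calls = 0;

// Hypothetical predicate whose return type is MyDistinctNumeric, so the
// overloaded && is selected. The counter records whether it ran, i.e.
// whether the right-hand side of && was evaluated.
static MyDistinctNumeric check_thing(MyDistinctNumeric n)
{
    ++g_check_thing_calls;
    return MyDistinctNumeric(n.value % 2 == 0);
}

// How many times check_thing() runs for a zero-valued n with the
// overloaded operator: 1, because there is no short-circuit.
int calls_with_overloaded_and()
{
    g_check_thing_calls = 0;
    MyDistinctNumeric n; // zero
    if (n && check_thing(n))
        return -1; // not reached: 0 && anything is false
    return g_check_thing_calls;
}
// Same check with both operands converted to bool first, which selects the
// built-in && and restores short-circuiting: check_thing() never runs.
int calls_with_builtin_and()
{
    g_check_thing_calls = 0;
    MyDistinctNumeric n; // zero
    if (static_cast<bool>(n) && static_cast<bool>(check_thing(n)))
        return -1;
    return g_check_thing_calls;
}
```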
The way we read/write directories is very inefficient, and this doesn't
solve any of that. It does however reduce memory usage of directory
entry vectors by 25% which has nice immediate benefits.
CLion doesn't understand that we switch compilers mid-build (which I
can understand since it's a bit unusual.) Defining __serenity__ makes
the majority of IDE features work correctly in the kernel context.
This replaces the manual watch_file and Notifier handling with the new
Core::FileWatcher wrapper, which reduces the manual handling and makes
the code easier to reason about :^)
This wrapper abstracts the watch_file setup and file handling, and
allows using the watch_file events as part of the event loop via the
Core::Notifier class.
Also renames the existing DirectoryWatcher class to BlockingFileWatcher,
and adds support for the Modified mode in this class.
I honestly don't know the internals of all this and what exactly is
going on, but this fixes compositing of the fullscreen window. By trial
and error I found that specifically m_invalidated_all needs to be set to
false, so it's probably different behaviour in prepare_dirty_rects(),
which depends on that...
Either way, the code composing all windows in non-fullscreen mode calls
Window::clear_dirty_rects() for each, so not doing that for the fullscreen
window as well seems like an oversight.
Fixes #4810.