mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2025-03-03 07:29:23 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Bump redbean to 2.0.9

Browse source
This commit is contained in:
Justine Tunney 2022-07-09 05:49:19 -07:00
parent 896db8843f
commit 727d9cbf56
8 changed files with 156 additions and 157 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
libc/log/leaks.c
View file

@ -109,7 +109,7 @@ noasan void CheckForMemoryLeaks(void) {
}
malloc_inspect_all(OnMemory, 0);
kprintf("\n");
__print_maps();
/* __print_maps(); */
/* PrintSystemMappings(2); */
/* PrintGarbage(); */
__restorewintty();

83
libc/log/log.h
View file

@ -5,6 +5,7 @@
#include "libc/calls/struct/rusage.h"
#include "libc/calls/struct/sigset.h"
#include "libc/calls/struct/winsize.h"
#include "libc/dce.h"
#include "libc/errno.h"
#include "libc/nexgen32e/stackframe.h"
#include "libc/runtime/internal.h"
@ -79,15 +80,15 @@ extern unsigned __log_level; /* log level for runtime check */
// log a message with the specified log level (not checking if LOGGABLE)
#define LOGF(LEVEL, FMT, ...) \
do { \
--__ftrace; \
if (!IsTiny()) --__ftrace; \
flogf(LEVEL, __FILE__, __LINE__, NULL, FMT, ##__VA_ARGS__); \
++__ftrace; \
if (!IsTiny()) ++__ftrace; \
} while (0)
// report an error without backtrace and debugger invocation
#define FATALF(FMT, ...) \
do { \
--__ftrace; \
if (!IsTiny()) --__ftrace; \
flogf(kLogError, __FILE__, __LINE__, NULL, FMT, ##__VA_ARGS__); \
__restorewintty(); \
_Exit(1); \
@ -96,95 +97,101 @@ extern unsigned __log_level; /* log level for runtime check */
#define DIEF(FMT, ...) \
do { \
--__ftrace; \
if (!IsTiny()) --__ftrace; \
ffatalf(kLogFatal, __FILE__, __LINE__, NULL, FMT, ##__VA_ARGS__); \
unreachable; \
} while (0)
#define ERRORF(FMT, ...) \
do { \
if (LOGGABLE(kLogError)) { LOGF(kLogError, FMT, ##__VA_ARGS__); } \
#define ERRORF(FMT, ...) \
do { \
if (LOGGABLE(kLogError)) { \
LOGF(kLogError, FMT, ##__VA_ARGS__); \
} \
} while (0)
#define WARNF(FMT, ...) \
do { \
if (LOGGABLE(kLogWarn)) { LOGF(kLogWarn, FMT, ##__VA_ARGS__); } \
#define WARNF(FMT, ...) \
do { \
if (LOGGABLE(kLogWarn)) { \
LOGF(kLogWarn, FMT, ##__VA_ARGS__); \
} \
} while (0)
#define INFOF(FMT, ...) \
do { \
if (LOGGABLE(kLogInfo)) { LOGF(kLogInfo, FMT, ##__VA_ARGS__); } \
#define INFOF(FMT, ...) \
do { \
if (LOGGABLE(kLogInfo)) { \
LOGF(kLogInfo, FMT, ##__VA_ARGS__); \
} \
} while (0)
#define VERBOSEF(FMT, ...) \
do { \
if (LOGGABLE(kLogVerbose)) { \
--__ftrace; \
if (!IsTiny()) --__ftrace; \
fverbosef(kLogVerbose, __FILE__, __LINE__, NULL, FMT, ##__VA_ARGS__); \
++__ftrace; \
if (!IsTiny()) ++__ftrace; \
} \
} while (0)
#define DEBUGF(FMT, ...) \
do { \
if (UNLIKELY(LOGGABLE(kLogDebug))) { \
--__ftrace; \
if (!IsTiny()) --__ftrace; \
fdebugf(kLogDebug, __FILE__, __LINE__, NULL, FMT, ##__VA_ARGS__); \
++__ftrace; \
if (!IsTiny()) ++__ftrace; \
} \
} while (0)
#define NOISEF(FMT, ...) \
do { \
if (UNLIKELY(LOGGABLE(kLogNoise))) { \
--__ftrace; \
if (!IsTiny()) --__ftrace; \
fnoisef(kLogNoise, __FILE__, __LINE__, NULL, FMT, ##__VA_ARGS__); \
++__ftrace; \
if (!IsTiny()) ++__ftrace; \
} \
} while (0)
#define FLOGF(F, FMT, ...) \
do { \
if (LOGGABLE(kLogInfo)) { \
--__ftrace; \
if (!IsTiny()) --__ftrace; \
flogf(kLogInfo, __FILE__, __LINE__, F, FMT, ##__VA_ARGS__); \
++__ftrace; \
if (!IsTiny()) ++__ftrace; \
} \
} while (0)
#define FWARNF(F, FMT, ...) \
do { \
if (LOGGABLE(kLogWarn)) { \
--__ftrace; \
if (!IsTiny()) --__ftrace; \
flogf(kLogWarn, __FILE__, __LINE__, F, FMT, ##__VA_ARGS__); \
++__ftrace; \
if (!IsTiny()) ++__ftrace; \
} \
} while (0)
#define FFATALF(F, FMT, ...) \
do { \
--__ftrace; \
flogf(kLogError, __FILE__, __LINE__, F, FMT, ##__VA_ARGS__); \
__restorewintty(); \
_Exit(1); \
unreachable; \
#define FFATALF(F, FMT, ...) \
do { \
if (!IsTiny()) --__ftrace; \
flogf(kLogError, __FILE__, __LINE__, F, FMT, ##__VA_ARGS__); \
__restorewintty(); \
_Exit(1); \
unreachable; \
} while (0)
#define FDEBUGF(F, FMT, ...) \
do { \
if (UNLIKELY(LOGGABLE(kLogDebug))) { \
--__ftrace; \
if (!IsTiny()) --__ftrace; \
fdebugf(kLogDebug, __FILE__, __LINE__, F, FMT, ##__VA_ARGS__); \
++__ftrace; \
if (!IsTiny()) ++__ftrace; \
} \
} while (0)
#define FNOISEF(F, FMT, ...) \
do { \
if (UNLIKELY(LOGGABLE(kLogNoise))) { \
--__ftrace; \
if (!IsTiny()) --__ftrace; \
fnoisef(kLogNoise, __FILE__, __LINE__, F, FMT, ##__VA_ARGS__); \
++__ftrace; \
if (!IsTiny()) ++__ftrace; \
} \
} while (0)
@ -197,9 +204,9 @@ extern unsigned __log_level; /* log level for runtime check */
int e = errno; \
autotype(FORM) Ax = (FORM); \
if (UNLIKELY(Ax == (typeof(Ax))(-1)) && LOGGABLE(kLogWarn)) { \
--__ftrace; \
if (!IsTiny()) --__ftrace; \
__logerrno(__FILE__, __LINE__, #FORM); \
++__ftrace; \
if (!IsTiny()) ++__ftrace; \
errno = e; \
} \
Ax; \
@ -210,9 +217,9 @@ extern unsigned __log_level; /* log level for runtime check */
int e = errno; \
autotype(FORM) Ax = (FORM); \
if (Ax == NULL && LOGGABLE(kLogWarn)) { \
--__ftrace; \
if (!IsTiny()) --__ftrace; \
__logerrno(__FILE__, __LINE__, #FORM); \
++__ftrace; \
if (!IsTiny()) ++__ftrace; \
errno = e; \
} \
Ax; \

29
third_party/lua/llock.c vendored Normal file
View file

@ -0,0 +1,29 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright 2022 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "third_party/lua/lrepl.h"
static pthread_mutex_t lua_repl_lock_obj;
void(lua_repl_lock)(void) {
pthread_mutex_lock(&lua_repl_lock_obj);
}
void(lua_repl_unlock)(void) {
pthread_mutex_unlock(&lua_repl_lock_obj);
}

9
third_party/lua/lrepl.c vendored
View file

@ -73,15 +73,6 @@ struct linenoiseState *lua_repl_linenoise;
static lua_State *globalL;
static const char *g_progname;
static const char *g_historypath;
static pthread_mutex_t lua_repl_lock_obj;
void(lua_repl_lock)(void) {
pthread_mutex_lock(&lua_repl_lock_obj);
}
void(lua_repl_unlock)(void) {
pthread_mutex_unlock(&lua_repl_lock_obj);
}
/*
** {==================================================================

1
third_party/lua/lua.mk vendored
View file

@ -79,6 +79,7 @@ THIRD_PARTY_LUA_A_SRCS = \
third_party/lua/linit.c \
third_party/lua/liolib.c \
third_party/lua/llex.c \
third_party/lua/llock.c \
third_party/lua/lmathlib.c \
third_party/lua/lmem.c \
third_party/lua/loadlib.c \

28
tool/net/help.txt
View file

@ -61,7 +61,7 @@ FLAGS
-s increase silence [repeatable]
-v increase verbosity [repeatable]
-V increase ssl verbosity [repeatable]
-S increase bpf seccomp sandboxing [repeatable]
-S increase pledge sandboxing [repeatable]
-H K:V sets http header globally [repeatable]
-D DIR overlay assets in local directory [repeatable]
-r /X=/Y redirect X to Y [repeatable]
@ -254,6 +254,32 @@ SECURITY
-VVV log ssl informational messages too
-VVVV log ssl verbose details too
Redbean supports sandboxing flags on Linux and OpenBSD.
-S (online policy)
This causes unix.pledge("stdio rpath inet dns") to be called on
workers after fork() is called. This permits read-only operations
and APIs like Fetch() that let workers send and receive data with
private and public Internet hosts. Access to the unix module is
somewhat restricted, disallowing its more powerful APIs like exec.
-SS (offline policy)
This causes unix.pledge("stdio rpath") to be called on workers
after after fork() is called. This prevents workers from talking
to the network (other than the client) and allows read-only file
system access (e.g. `-D DIR` flag).
-SSS (contained policy)
This causes unix.pledge("stdio") to be called on workers after
after fork() is called. This prevents workers from communicating
with the network (other than the client connection) and prevents
file system access (with some exceptions like logging). Redbean
should only be able to serve from its own zip file in this mode.
Lua script access to the unix module is highly restricted.
See http://redbean.dev for further details.
────────────────────────────────────────────────────────────────────────────────

2
tool/net/lfuncs.c
View file

@ -738,6 +738,7 @@ static void LuaCompress2(lua_State *L, void *dest, size_t *destLen,
}
}
// VERY DEPRECATED - PLEASE DO NOT USE
int LuaCompress(lua_State *L) {
size_t n, m;
char *q, *e;
@ -766,6 +767,7 @@ int LuaCompress(lua_State *L) {
return 1;
}
// VERY DEPRECATED - PLEASE DO NOT USE
int LuaUncompress(lua_State *L) {
int rc;
char *q;

159
tool/net/redbean.c
View file

@ -21,7 +21,6 @@
#include "libc/calls/calls.h"
#include "libc/calls/ioctl.h"
#include "libc/calls/struct/dirent.h"
#include "libc/calls/struct/filter.h"
#include "libc/calls/struct/flock.h"
#include "libc/calls/struct/iovec.h"
#include "libc/calls/struct/rusage.h"
@ -63,6 +62,7 @@
#include "libc/sock/sock.h"
#include "libc/stdio/append.internal.h"
#include "libc/stdio/hex.internal.h"
#include "libc/stdio/stdio.h"
#include "libc/str/slice.h"
#include "libc/sysv/consts/af.h"
#include "libc/sysv/consts/clone.h"
@ -145,7 +145,7 @@ STATIC_YOINK("ShowCrashReportsEarly");
#define REDBEAN "redbean"
#endif
#define VERSION 0x020008
#define VERSION 0x020009
#define HEARTBEAT 5000 /*ms*/
#define HASH_LOAD_FACTOR /* 1. / */ 4
#define MONITOR_MICROS 150000
@ -2259,7 +2259,11 @@ static wontreturn void PrintUsage(int fd, int rc) {
fprintf(stderr, "error: /help.txt is not a zip asset\n");
exit(1);
}
__paginate(fd, p);
if (IsTiny()) {
write(fd, p, strlen(p));
} else {
__paginate(fd, p);
}
exit(rc);
}
@ -6453,99 +6457,19 @@ static int ExitWorker(void) {
_Exit(0);
}
static const struct sock_filter kSandboxOnline[] = {
_SECCOMP_MACHINE(AUDIT_ARCH_X86_64), //
_SECCOMP_LOAD_SYSCALL_NR(), //
_SECCOMP_ALLOW_SYSCALL(0x013), // readv
_SECCOMP_ALLOW_SYSCALL(0x014), // writev
_SECCOMP_ALLOW_SYSCALL(0x009), // mmap
_SECCOMP_ALLOW_SYSCALL(0x00b), // munmap
_SECCOMP_ALLOW_SYSCALL(0x000), // read
_SECCOMP_ALLOW_SYSCALL(0x001), // write
_SECCOMP_ALLOW_SYSCALL(0x003), // close
_SECCOMP_ALLOW_SYSCALL(0x008), // lseek
_SECCOMP_ALLOW_SYSCALL(0x04f), // getcwd
_SECCOMP_ALLOW_SYSCALL(0x027), // getpid
_SECCOMP_ALLOW_SYSCALL(0x066), // getuid
_SECCOMP_ALLOW_SYSCALL(0x068), // getgid
_SECCOMP_ALLOW_SYSCALL(0x06e), // getppid
_SECCOMP_ALLOW_SYSCALL(0x06f), // getpgrp
_SECCOMP_ALLOW_SYSCALL(0x07c), // getsid
_SECCOMP_ALLOW_SYSCALL(0x06b), // geteuid
_SECCOMP_ALLOW_SYSCALL(0x06c), // getegid
_SECCOMP_ALLOW_SYSCALL(0x061), // getrlimit
_SECCOMP_ALLOW_SYSCALL(0x00f), // rt_sigreturn
_SECCOMP_ALLOW_SYSCALL(0x0e7), // exit_group
_SECCOMP_ALLOW_SYSCALL(0x106), // newfstatat
_SECCOMP_ALLOW_SYSCALL(0x0e4), // clock_gettime
_SECCOMP_ALLOW_SYSCALL(0x03f), // uname
_SECCOMP_ALLOW_SYSCALL(0x048), // fcntl
_SECCOMP_ALLOW_SYSCALL(0x029), // socket
_SECCOMP_ALLOW_SYSCALL(0x02a), // connect
_SECCOMP_ALLOW_SYSCALL(0x02c), // sendto
_SECCOMP_ALLOW_SYSCALL(0x02d), // recvfrom
_SECCOMP_ALLOW_SYSCALL(0x036), // setsockopt
_SECCOMP_LOG_AND_RETURN_ERRNO(1), // EPERM
};
static const struct sock_filter kSandboxOffline[] = {
_SECCOMP_MACHINE(AUDIT_ARCH_X86_64), //
_SECCOMP_LOAD_SYSCALL_NR(), //
_SECCOMP_ALLOW_SYSCALL(0x013), // readv
_SECCOMP_ALLOW_SYSCALL(0x014), // writev
_SECCOMP_ALLOW_SYSCALL(0x000), // read
_SECCOMP_ALLOW_SYSCALL(0x001), // write
_SECCOMP_ALLOW_SYSCALL(0x009), // mmap
_SECCOMP_ALLOW_SYSCALL(0x00b), // munmap
_SECCOMP_ALLOW_SYSCALL(0x003), // close
_SECCOMP_ALLOW_SYSCALL(0x008), // lseek
_SECCOMP_ALLOW_SYSCALL(0x04f), // getcwd
_SECCOMP_ALLOW_SYSCALL(0x027), // getpid
_SECCOMP_ALLOW_SYSCALL(0x066), // getuid
_SECCOMP_ALLOW_SYSCALL(0x068), // getgid
_SECCOMP_ALLOW_SYSCALL(0x06e), // getppid
_SECCOMP_ALLOW_SYSCALL(0x06f), // getpgrp
_SECCOMP_ALLOW_SYSCALL(0x07c), // getsid
_SECCOMP_ALLOW_SYSCALL(0x06b), // geteuid
_SECCOMP_ALLOW_SYSCALL(0x06c), // getegid
_SECCOMP_ALLOW_SYSCALL(0x061), // getrlimit
_SECCOMP_ALLOW_SYSCALL(0x00f), // rt_sigreturn
_SECCOMP_ALLOW_SYSCALL(0x0e7), // exit_group
_SECCOMP_ALLOW_SYSCALL(0x106), // newfstatat
_SECCOMP_ALLOW_SYSCALL(0x0e4), // clock_gettime
_SECCOMP_ALLOW_SYSCALL(0x03f), // uname
_SECCOMP_ALLOW_SYSCALL(0x048), // fcntl
_SECCOMP_LOG_AND_RETURN_ERRNO(1), // EPERM
};
static const struct sock_fprog kSandboxOnlineProg = {
.len = ARRAYLEN(kSandboxOnline),
.filter = kSandboxOnline,
};
static const struct sock_fprog kSandboxOfflineProg = {
.len = ARRAYLEN(kSandboxOffline),
.filter = kSandboxOffline,
};
static int EnableSandbox(void) {
const struct sock_fprog *sandbox;
switch (sandboxed) {
case 0:
return 0;
case 1:
case 1: // -S
DEBUGF("(stat) applying '%s' sandbox policy", "online");
sandbox = &kSandboxOnlineProg;
break;
default:
return pledge("stdio rpath inet dns", 0);
case 2: // -SS
DEBUGF("(stat) applying '%s' sandbox policy", "offline");
sandbox = &kSandboxOfflineProg;
break;
}
if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, sandbox) != -1) {
return 0;
} else {
return -1;
return pledge("stdio rpath", 0);
default: // -SSS
DEBUGF("(stat) applying '%s' sandbox policy", "contained");
return pledge("stdio", 0);
}
}
@ -7232,7 +7156,6 @@ static void GetOpts(int argc, char *argv[]) {
CASE('u', uniprocess = true);
CASE('g', loglatency = true);
CASE('m', logmessages = true);
CASE('*', selfmodifiable = true);
CASE('l', ProgramAddr(optarg));
CASE('H', ProgramHeader(optarg));
CASE('L', ProgramLogPath(optarg));
@ -7249,29 +7172,30 @@ static void GetOpts(int argc, char *argv[]) {
CASE('M', ProgramMaxPayloadSize(ParseInt(optarg)));
#if !IsTiny()
CASE('W', monitortty = optarg);
#endif
#ifndef STATIC
CASE('e', LuaEvalCode(optarg));
CASE('F', LuaEvalFile(optarg));
CASE('i', interpretermode = true);
CASE('E', leakcrashreports = true);
CASE('A', storeasset = true; StorePath(optarg));
#endif
#ifndef UNSECURE
CASE('B', suiteb = true);
CASE('V', ++mbedtls_debug_threshold);
CASE('k', sslfetchverify = false);
CASE('j', sslclientverify = true);
CASE('T', ProgramSslTicketLifetime(ParseInt(optarg)));
CASE('C', ProgramFile(optarg, ProgramCertificate));
CASE('K', ProgramFile(optarg, ProgramPrivateKey));
#endif
case 'f':
funtrace = true;
if (ftrace_install() == -1) {
WARNF("(srvr) ftrace failed to install %m");
}
break;
#endif
#ifndef STATIC
CASE('e', LuaEvalCode(optarg));
CASE('F', LuaEvalFile(optarg));
CASE('*', selfmodifiable = true);
CASE('i', interpretermode = true);
CASE('E', leakcrashreports = true);
CASE('A', storeasset = true; StorePath(optarg));
#endif
#ifndef UNSECURE
CASE('B', suiteb = true);
CASE('V', ++mbedtls_debug_threshold);
CASE('k', sslfetchverify = false);
CASE('j', sslclientverify = true);
CASE('T', ProgramSslTicketLifetime(ParseInt(optarg)));
CASE('C', ProgramFile(optarg, ProgramCertificate));
CASE('K', ProgramFile(optarg, ProgramPrivateKey));
#endif
default:
PrintUsage(2, EX_USAGE);
}
@ -7302,9 +7226,11 @@ void RedBean(int argc, char *argv[]) {
SetDefaults();
LuaStart();
GetOpts(argc, argv);
#ifndef STATIC
if (selfmodifiable) {
MakeExecutableModifiable();
}
#endif
LuaInit();
oldloglevel = __log_level;
if (uniprocess) {
@ -7399,8 +7325,25 @@ void RedBean(int argc, char *argv[]) {
int main(int argc, char *argv[]) {
LoadZipArgs(&argc, &argv);
RedBean(argc, argv);
// try to detect memory leaks upon:
// 1. main process exit
// 2. unwound worker exit
if (IsModeDbg()) {
if (isexitingworker) {
if (IsWindows()) {
// TODO(jart): Get windows worker leak detector working again.
return 0;
CloseServerFds();
}
if (repltls) {
free(repltls);
linenoiseDisableRawMode();
linenoiseHistoryFree();
}
}
CheckForMemoryLeaks();
}
return 0;
}