We have a few places where we read secrets into memory, and then
do some computation on them. In these cases we should always make
sure we zero the allocations before they are free'd.
The SecureString wrapper provides this abstraction by wrapping a
ByteBuffer and calling explicit_bzero on destruction of the object.
File::link_file takes the dst_path then the src_path so on duplicate
names we tried to create a link at the original file location, which
then flipped the parameters back round again and we ended up with a
broken link from "dst_path (1)" to "src_path (1)".
Command used:
grep -Pirn '(out|warn)ln\((?!["\)]|format,|stderr,|stdout,|output, ")' \
AK Kernel/ Tests/ Userland/
(Plus some manual reviewing.)
Let's pick ArgsParser as an example:
outln(file, m_general_help);
This will fail at runtime if the general help happens to contain braces.
Even if this transformation turns out to be unnecessary in a place or
two, this way the code is "more obviously" correct.
`ArgsParser` and `AboutDialog` had the same procedure to read the
version from `/res/version.ini`. Now they use the `SERENITY_VERSION`
string by default.
This commit refactored the version-reading utility to the new
`Core::Version` namespace.
Before, `AboutDialog` and `ArgsParser` read from a build-time created
file called `/res/version.ini`. This caused problems with utilities
unveiling specific paths leaving the version file unaccessible.
This commit hard-codes a serenity version in `LibCore`, and use it in
`ArgsParser` and `AboutDialog`.
The previous version contained the hash of the last GIT commit, this is
omitted for the default use for the sake of simplicity.
Core::deferred_invoke is a way of executing an action after previously
queued events have been processed. It removes the requirement of
having/being a Core::Object subclass in order to defer invocation
through Core::Object::deferred_invoke.
Core::Object::deferred_invoke now delegates to Core::deferred_invoke.
The version with the Object& argument is still present but will be
removed in the following commits.
This commit additionally fixes a new places where the
DeferredInvocationEvent was dispatched to the event loop directly, and
replaces them with the Core::deferred_invoke equivalent.
We don't need to be allocating Strings for these names during static
initialization. The C-string literals will be stored in the .rodata ELF
section, so they're not going anywhere. We can just wrap the .rodata
storage for the class names in StringViews and use those in Object
registration and lookup APIs.
This static bool getter can be used to VERIFY that an event loop exists,
in situations where one is expected.
This is helpful if the absence of an event loop would generate strange
and/or loud errors that don't immediately point to this as a cause.
This patch adds support for opening a ConfigFile using a file
descriptor rather than trying to open a the file by name directly.
In contrast to the previous implementation, ConfigFile now always keeps
a reference to an open File and does not reopen it for writing.
This requires providing an additional argument to open functions if a
file gets opened based on its name and the user of the api intends to
write to the file in the future.
`--version` always prints "git" for now.
The motivation is that the neofetch port calls `Shell --version` and
adds the output to its output. And if `Shell --version` prints a long
error message about it not knowing the flag, neofetch's output looks a
bit ugly. Per Discord discussion, just add the flag to ArgsParser
instead of only to Shell.
Previously the system would assume the socket was connected after the
file descriptor became writeable. Just because the fd is signaled as
ready for output does not necessarily indicate the socket is connected.
Instead, we should check the status of the socket with SO_ERROR and
handle successes/errors accordingly.
This is a simple wrapper around posix_spawn() that will help us simplify
a bunch of very verbose posix_spawn() invocations.
This first version only supports the simplest case: executing an
executable without passing arguments or doing anything fancy. More
features can be added to cover more cases. :^)
This switches tracking CPU usage to more accurately measure time in
user and kernel land using either the TSC or another time source.
This will also come in handy when implementing a tickless kernel mode.
As threads come and go, we can't simply account for how many time
slices the threads at any given point may have been using. We need to
also account for threads that have since disappeared. This means we
also need to track how many time slices we have expired globally.
However, because this doesn't account for context switches outside of
the system timer tick values may still be under-reported. To solve this
we will need to track more accurate time information on each context
switch.
This also fixes top's cpu usage calculation which was still based on
the number of context switches.
Fixes#6473
This will generate absolute paths lexically rather than through a call
to realpath. The motivation for this is to generate absolute paths for
non-existent files in unveil calls, as realpath will not work if the
file does not exist.
LibCore::Account::generate_passwd_file should follow
generate_shadow_file by conditionally checking for the username.
Previously, usermod's set_uid changes would not reflect in the updated
passwd file as m_uid had already been changed to the updated value.
