This patch prevents a code execution vector involving terminal escape sequences when rxvt-unicode is in "secure mode". This change was spurred by the following conversation on the oss-security mailing list: Problem description and proof of concept: http://seclists.org/oss-sec/2017/q2/190 Upstream response: http://seclists.org/oss-sec/2017/q2/291 Patch copied from upstream source repository: http://cvs.schmorp.de/rxvt-unicode/src/command.C?r1=1.582&r2=1.583 --- rxvt-unicode/src/command.C 2016/07/14 05:33:26 1.582 +++ rxvt-unicode/src/command.C 2017/05/18 02:43:18 1.583 @@ -2695,7 +2695,7 @@ /* kidnapped escape sequence: Should be 8.3.48 */ case C1_ESA: /* ESC G */ // used by original rxvt for rob nations own graphics mode - if (cmd_getc () == 'Q') + if (cmd_getc () == 'Q' && option (Opt_insecure)) tt_printf ("\033G0\012"); /* query graphics - no graphics */ break; @@ -2914,7 +2914,7 @@ break; case CSI_CUB: /* 8.3.18: (1) CURSOR LEFT */ - case CSI_HPB: /* 8.3.59: (1) CHARACTER POSITION BACKWARD */ + case CSI_HPB: /* 8.3.59: (1) CHARACTER POSITION BACKWARD */ #ifdef ISO6429 arg[0] = -arg[0]; #else /* emulate common DEC VTs */ ts/store-deduplication.scm?id=2ba263864b7b055a01d4d445089f03370eef1c3e'>treecommitdiff
path: root/tests/store-deduplication.scm
AgeCommit message (Expand)Author
2021-11-16daemon: Do not deduplicate files smaller than 8 KiB....Files smaller than 8 KiB typically represent ~70% of the entries in /gnu/store/.links but only contribute to ~4% of the space savings afforded by deduplication. Not considering these files for deduplication speeds up file insertion in the store and, more importantly, leaves 'removeUnusedLinks' with fewer entries to traverse, thereby speeding it up proportionally. Partly fixes <https://issues.guix.gnu.org/24937>. * config-daemon.ac: Remove symlink hard link check and CAN_LINK_SYMLINK definition. * guix/store/deduplication.scm (%deduplication-minimum-size): New variable. (deduplicate)[loop]: Do not recurse when FILE's size is below %DEDUPLICATION-MINIMUM-SIZE. (dump-port): New procedure. (dump-file/deduplicate)[hash]: Turn into... [dump-and-compute-hash]: ... this thunk. Call 'deduplicate' only when SIZE is greater than %DEDUPLICATION-MINIMUM-SIZE; otherwise call 'dump-port'. * nix/libstore/gc.cc (LocalStore::removeUnusedLinks): Drop files where st.st_size < deduplicationMinSize. * nix/libstore/local-store.hh (deduplicationMinSize): New declaration. * nix/libstore/optimise-store.cc (deduplicationMinSize): New variable. (LocalStore::optimisePath_): Return when PATH is a symlink or smaller than 'deduplicationMinSize'. * tests/derivations.scm ("identical files are deduplicated"): Produce files bigger than %DEDUPLICATION-MINIMUM-SIZE. * tests/nar.scm ("restore-file-set with directories (signed, valid)"): Likewise. * tests/store-deduplication.scm ("deduplicate, below %deduplication-minimum-size"): New test. ("deduplicate", "deduplicate, ENOSPC"): Produce files bigger than %DEDUPLICATION-MINIMUM-SIZE. * tests/store.scm ("substitute, deduplication"): Likewise. Ludovic Courtès