===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/62.html,v
retrieving revision 1.76
retrieving revision 1.77
diff -u -r1.76 -r1.77
--- www/62.html 2017/10/09 15:35:15 1.76
+++ www/62.html 2017/10/09 15:55:26 1.77
@@ -328,13 +328,18 @@
Tighter pledge for at(1).
Fixed and simplified pledge logic for
nc(1).
- More application of recallocarray(3) in userland, and tracked sizes
- to free(9) in the kernel.
+ More application of
+ recallocarray(3)
+ in userland, and tracked sizes to
+ free(9) in the kernel.
Achieve higher levels of paranoia regarding structure packing, and
clear many kernel objects before passing to userland.
- Disable some optimizations in clang(1) due to incompatibility
- with security.
- For instance, cope with clang(1)'s assumption that static or const
+ Disable some optimizations in
+ clang(1)
+ due to incompatibility with security.
+ For instance, cope with
+ clang(1)'s assumption
+ that static or const
objects placed in unknown sections (such as .openbsd.randomdata)
are surely always 0, and therefore such memory accesses can be
optimized away.