From owner-freebsd-audit Sun Dec 9 8: 6:54 2001 Delivered-To: freebsd-audit@freebsd.org Received: from green.bikeshed.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id A2E4E37B416; Sun, 9 Dec 2001 08:06:51 -0800 (PST) Received: from localhost (green@localhost) by green.bikeshed.org (8.11.6/8.11.6) with ESMTP id fB9G6pk07789; Sun, 9 Dec 2001 11:06:51 -0500 (EST) (envelope-from green@green.bikeshed.org) Message-Id: <200112091606.fB9G6pk07789@green.bikeshed.org> X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 To: David Hill Cc: freebsd-audit@freebsd.org Subject: Re: write.c diff In-Reply-To: Message from David Hill of "Sat, 08 Dec 2001 10:15:21 GMT." <20011208101521.0163ee8c.lists@phobia.ms> From: "Brian F. Feldman" Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Sun, 09 Dec 2001 11:06:51 -0500 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG David Hill wrote: > Hello - > Here is a small code cleanup patch for write(1). > > - David It looks just fine to me. -- Brian Fundakowski Feldman \ FreeBSD: The Power to Serve! / green@FreeBSD.org `------------------------------' To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Dec 9 13: 1:43 2001 Delivered-To: freebsd-audit@freebsd.org Received: from noos.fr (r178m112.cybercable.tm.fr [195.132.178.112]) by hub.freebsd.org (Postfix) with ESMTP id D0B4637B419 for ; Sun, 9 Dec 2001 13:01:14 -0800 (PST) Received: (from mux@localhost) by noos.fr (8.11.6/8.11.4) id fB9L1CI03455 for freebsd-audit@FreeBSD.org; Sun, 9 Dec 2001 22:01:12 +0100 (CET) (envelope-from mux) Date: Sun, 9 Dec 2001 22:01:12 +0100 From: Maxime Henrion To: freebsd-audit@FreeBSD.org Subject: More WARNS?=2 cleanup for /usr/src/usr.sbin/ Message-ID: <20011209220112.B298@nebula.noos.fr> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="+HP7ph2BbKc20aGI" Content-Disposition: inline User-Agent: Mutt/1.3.23i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --+HP7ph2BbKc20aGI Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hello, Here is another set of patches to set WARNS to 2 for some programs in /usr/src/usr.sbin/. These programs are arp(8), boot0cfg(8), chroot(8), digictl(8), edquota(8) and repquota(8). I think it's worth explaining some of them : o arp(8) : there was some warnings for missing initializers for these kind of declaration : struct sockaddr_in so_mask = {8, 0, 0, { 0xffffffff}}; this is because the ``char sin_zero[8];'' field is not initialized and rather than doing : struct sockaddr_in so_mask = {8, 0, 0, { 0xffffffff}, "\0\0\0\0\0\0\0"}; (I couldn't find something more correct) I moved these (global) declarations to the top of the file and initialized the structures in the main() function. o boot0cfg(8) : there was a warning in the mkrdev() function because of a const qualifier discarded by an assignment. The function was sometimes returning an strdup()'d pointer, and sometimes returning the original pointer passed as an argument. I solved this by always doing a strdup(), which is IMHO more correct, and allows us to safely free() it after (it wasn't free()'d previously). o digictl(8) : I just had to add the WARNS option to the Makefile for this one :-) Thanks, Maxime Henrion -- Don't be fooled by cheap finnish imitations ; BSD is the One True Code --+HP7ph2BbKc20aGI Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="warns.diff" Index: Makefile =================================================================== RCS file: /home/ncvs/src/usr.sbin/arp/Makefile,v retrieving revision 1.6 diff -u -r1.6 Makefile --- Makefile 20 Jul 2001 04:22:58 -0000 1.6 +++ Makefile 7 Dec 2001 00:35:43 -0000 @@ -4,4 +4,6 @@ PROG= arp MAN= arp.4 arp.8 +WARNS?= 2 + .include Index: arp.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/arp/arp.c,v retrieving revision 1.33 diff -u -r1.33 arp.c --- arp.c 19 Oct 2001 00:33:26 -0000 1.33 +++ arp.c 9 Dec 2001 17:25:45 -0000 @@ -84,9 +84,9 @@ void search(u_long addr, void (*action)(struct sockaddr_dl *sdl, struct sockaddr_inarp *sin, struct rt_msghdr *rtm)); void print_entry(struct sockaddr_dl *sdl, - struct sockaddr_inarp *sin, struct rt_msghdr *rtm); + struct sockaddr_inarp *addr, struct rt_msghdr *rtm); void nuke_entry(struct sockaddr_dl *sdl, - struct sockaddr_inarp *sin, struct rt_msghdr *rtm); + struct sockaddr_inarp *addr, struct rt_msghdr *rtm); int delete(char *host, char *info); void ether_print(u_char *cp); void usage(void); @@ -103,6 +103,15 @@ static int aflag; /* do it for all entries */ static int s = -1; +struct sockaddr_in so_mask; +struct sockaddr_inarp blank_sin, sin_m; +struct sockaddr_dl blank_sdl, sdl_m; +int expire_time, flags, doing_proxy, proxy_only, found_entry; +struct { + struct rt_msghdr m_rtm; + char m_space[512]; +} m_rtmsg; + /* which function we're supposed to do */ #define F_GET 1 #define F_SET 2 @@ -148,6 +157,16 @@ argc -= optind; argv += optind; + memset(&so_mask, 0, sizeof (so_mask)); + so_mask.sin_family = 8; + so_mask.sin_addr.s_addr = 0xffffffff; + memset(&blank_sin, 0, sizeof (blank_sin)); + blank_sin.sin_len = sizeof (blank_sin); + blank_sin.sin_family = AF_INET; + memset(&blank_sdl, 0, sizeof (blank_sdl)); + blank_sdl.sdl_len = sizeof (blank_sdl); + blank_sdl.sdl_family = AF_LINK; + if (!func) func = F_GET; switch (func) { @@ -234,15 +253,6 @@ } } -struct sockaddr_in so_mask = {8, 0, 0, { 0xffffffff}}; -struct sockaddr_inarp blank_sin = {sizeof(blank_sin), AF_INET }, sin_m; -struct sockaddr_dl blank_sdl = {sizeof(blank_sdl), AF_LINK }, sdl_m; -int expire_time, flags, doing_proxy, proxy_only, found_entry; -struct { - struct rt_msghdr m_rtm; - char m_space[512]; -} m_rtmsg; - /* * Set an individual arp entry */ @@ -250,7 +260,7 @@ set(int argc, char **argv) { struct hostent *hp; - register struct sockaddr_inarp *sin = &sin_m; + register struct sockaddr_inarp *addr = &sin_m; register struct sockaddr_dl *sdl; register struct rt_msghdr *rtm = &(m_rtmsg.m_rtm); u_char *ea; @@ -261,14 +271,14 @@ argv += 2; sdl_m = blank_sdl; sin_m = blank_sin; - sin->sin_addr.s_addr = inet_addr(host); - if (sin->sin_addr.s_addr == INADDR_NONE) { + addr->sin_addr.s_addr = inet_addr(host); + if (addr->sin_addr.s_addr == INADDR_NONE) { if (!(hp = gethostbyname(host))) { warnx("%s: %s", host, hstrerror(h_errno)); return (1); } - bcopy((char *)hp->h_addr, (char *)&sin->sin_addr, - sizeof sin->sin_addr); + bcopy((char *)hp->h_addr, (char *)&addr->sin_addr, + sizeof addr->sin_addr); } doing_proxy = flags = proxy_only = expire_time = 0; while (argc-- > 0) { @@ -293,9 +303,9 @@ } ea = (u_char *)LLADDR(&sdl_m); if (doing_proxy && !strcmp(eaddr, "auto")) { - if (!get_ether_addr(sin->sin_addr.s_addr, ea)) { + if (!get_ether_addr(addr->sin_addr.s_addr, ea)) { printf("no interface found for %s\n", - inet_ntoa(sin->sin_addr)); + inet_ntoa(addr->sin_addr)); return (1); } sdl_m.sdl_alen = 6; @@ -308,9 +318,9 @@ warn("%s", host); return (1); } - sin = (struct sockaddr_inarp *)(rtm + 1); - sdl = (struct sockaddr_dl *)(ROUNDUP(sin->sin_len) + (char *)sin); - if (sin->sin_addr.s_addr == sin_m.sin_addr.s_addr) { + addr = (struct sockaddr_inarp *)(rtm + 1); + sdl = (struct sockaddr_dl *)(ROUNDUP(addr->sin_len) + (char *)addr); + if (addr->sin_addr.s_addr == sin_m.sin_addr.s_addr) { if (sdl->sdl_family == AF_LINK && (rtm->rtm_flags & RTF_LLINFO) && !(rtm->rtm_flags & RTF_GATEWAY)) switch (sdl->sdl_type) { @@ -347,20 +357,20 @@ get(char *host) { struct hostent *hp; - struct sockaddr_inarp *sin = &sin_m; + struct sockaddr_inarp *addr = &sin_m; sin_m = blank_sin; - sin->sin_addr.s_addr = inet_addr(host); - if (sin->sin_addr.s_addr == INADDR_NONE) { + addr->sin_addr.s_addr = inet_addr(host); + if (addr->sin_addr.s_addr == INADDR_NONE) { if (!(hp = gethostbyname(host))) errx(1, "%s: %s", host, hstrerror(h_errno)); - bcopy((char *)hp->h_addr, (char *)&sin->sin_addr, - sizeof sin->sin_addr); + bcopy((char *)hp->h_addr, (char *)&addr->sin_addr, + sizeof addr->sin_addr); } - search(sin->sin_addr.s_addr, print_entry); + search(addr->sin_addr.s_addr, print_entry); if (found_entry == 0) { printf("%s (%s) -- no entry\n", - host, inet_ntoa(sin->sin_addr)); + host, inet_ntoa(addr->sin_addr)); return(1); } return(0); @@ -373,7 +383,7 @@ delete(char *host, char *info) { struct hostent *hp; - register struct sockaddr_inarp *sin = &sin_m; + register struct sockaddr_inarp *addr = &sin_m; register struct rt_msghdr *rtm = &m_rtmsg.m_rtm; struct sockaddr_dl *sdl; @@ -385,23 +395,23 @@ else usage(); } - sin->sin_addr.s_addr = inet_addr(host); - if (sin->sin_addr.s_addr == INADDR_NONE) { + addr->sin_addr.s_addr = inet_addr(host); + if (addr->sin_addr.s_addr == INADDR_NONE) { if (!(hp = gethostbyname(host))) { warnx("%s: %s", host, hstrerror(h_errno)); return (1); } - bcopy((char *)hp->h_addr, (char *)&sin->sin_addr, - sizeof sin->sin_addr); + bcopy((char *)hp->h_addr, (char *)&addr->sin_addr, + sizeof addr->sin_addr); } tryagain: if (rtmsg(RTM_GET) < 0) { warn("%s", host); return (1); } - sin = (struct sockaddr_inarp *)(rtm + 1); - sdl = (struct sockaddr_dl *)(ROUNDUP(sin->sin_len) + (char *)sin); - if (sin->sin_addr.s_addr == sin_m.sin_addr.s_addr) { + addr = (struct sockaddr_inarp *)(rtm + 1); + sdl = (struct sockaddr_dl *)(ROUNDUP(addr->sin_len) + (char *)addr); + if (addr->sin_addr.s_addr == sin_m.sin_addr.s_addr) { if (sdl->sdl_family == AF_LINK && (rtm->rtm_flags & RTF_LLINFO) && !(rtm->rtm_flags & RTF_GATEWAY)) switch (sdl->sdl_type) { @@ -423,7 +433,7 @@ return (1); } if (rtmsg(RTM_DELETE) == 0) { - printf("%s (%s) deleted\n", host, inet_ntoa(sin->sin_addr)); + printf("%s (%s) deleted\n", host, inet_ntoa(addr->sin_addr)); return (0); } return (1); @@ -440,7 +450,7 @@ size_t needed; char *lim, *buf, *next; struct rt_msghdr *rtm; - struct sockaddr_inarp *sin; + struct sockaddr_inarp *sin2; struct sockaddr_dl *sdl; mib[0] = CTL_NET; @@ -458,14 +468,14 @@ lim = buf + needed; for (next = buf; next < lim; next += rtm->rtm_msglen) { rtm = (struct rt_msghdr *)next; - sin = (struct sockaddr_inarp *)(rtm + 1); - (char *)sdl = (char *)sin + ROUNDUP(sin->sin_len); + sin2 = (struct sockaddr_inarp *)(rtm + 1); + (char *)sdl = (char *)sin2 + ROUNDUP(sin2->sin_len); if (addr) { - if (addr != sin->sin_addr.s_addr) + if (addr != sin2->sin_addr.s_addr) continue; found_entry = 1; } - (*action)(sdl, sin, rtm); + (*action)(sdl, sin2, rtm); } free(buf); } @@ -475,7 +485,7 @@ */ void print_entry(struct sockaddr_dl *sdl, - struct sockaddr_inarp *sin, struct rt_msghdr *rtm) + struct sockaddr_inarp *addr, struct rt_msghdr *rtm) { const char *host; struct hostent *hp; @@ -483,8 +493,8 @@ int seg; if (nflag == 0) - hp = gethostbyaddr((caddr_t)&(sin->sin_addr), - sizeof sin->sin_addr, AF_INET); + hp = gethostbyaddr((caddr_t)&(addr->sin_addr), + sizeof addr->sin_addr, AF_INET); else hp = 0; if (hp) @@ -494,7 +504,7 @@ if (h_errno == TRY_AGAIN) nflag = 1; } - printf("%s (%s) at ", host, inet_ntoa(sin->sin_addr)); + printf("%s (%s) at ", host, inet_ntoa(addr->sin_addr)); if (sdl->sdl_alen) ether_print(LLADDR(sdl)); else @@ -503,14 +513,14 @@ printf(" on %s", ifname); if (rtm->rtm_rmx.rmx_expire == 0) printf(" permanent"); - if (sin->sin_other & SIN_PROXY) + if (addr->sin_other & SIN_PROXY) printf(" published (proxy only)"); if (rtm->rtm_addrs & RTA_NETMASK) { - sin = (struct sockaddr_inarp *) + addr = (struct sockaddr_inarp *) (ROUNDUP(sdl->sdl_len) + (char *)sdl); - if (sin->sin_addr.s_addr == 0xffffffff) + if (addr->sin_addr.s_addr == 0xffffffff) printf(" published"); - if (sin->sin_len != 8) + if (addr->sin_len != 8) printf("(weird)"); } switch(sdl->sdl_type) { @@ -545,12 +555,12 @@ * Nuke an arp entry */ void -nuke_entry(struct sockaddr_dl *sdl, - struct sockaddr_inarp *sin, struct rt_msghdr *rtm) +nuke_entry(struct sockaddr_dl *sdl __unused, + struct sockaddr_inarp *addr, struct rt_msghdr *rtm __unused) { char ip[20]; - snprintf(ip, sizeof(ip), "%s", inet_ntoa(sin->sin_addr)); + snprintf(ip, sizeof(ip), "%s", inet_ntoa(addr->sin_addr)); delete(ip, NULL); } @@ -670,17 +680,17 @@ struct ifreq ifreq; struct ifconf ifc; struct ifreq ifs[MAX_IFS]; - int s; + int sock; - s = socket(AF_INET, SOCK_DGRAM, 0); - if (s < 0) + sock = socket(AF_INET, SOCK_DGRAM, 0); + if (sock < 0) err(1, "socket"); ifc.ifc_len = sizeof(ifs); ifc.ifc_req = ifs; if (ioctl(s, SIOCGIFCONF, &ifc) < 0) { warnx("ioctl(SIOCGIFCONF)"); - close(s); + close(sock); return 0; } @@ -724,7 +734,7 @@ } if (ifr >= ifend) { - close(s); + close(sock); return 0; } Index: Makefile =================================================================== RCS file: /home/ncvs/src/usr.sbin/boot0cfg/Makefile,v retrieving revision 1.6 diff -u -r1.6 Makefile --- Makefile 21 Jul 2001 14:32:45 -0000 1.6 +++ Makefile 9 Dec 2001 17:31:17 -0000 @@ -3,4 +3,6 @@ PROG= boot0cfg MAN= boot0cfg.8 +WARNS?= 2 + .include Index: boot0cfg.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/boot0cfg/boot0cfg.c,v retrieving revision 1.11 diff -u -r1.11 boot0cfg.c --- boot0cfg.c 22 Mar 2001 22:55:13 -0000 1.11 +++ boot0cfg.c 9 Dec 2001 17:39:56 -0000 @@ -92,7 +92,8 @@ { u_int8_t *mbr, *boot0; int boot0_size, mbr_size; - const char *bpath, *fpath, *disk; + const char *bpath, *fpath; + char *disk; int B_flag, v_flag, o_flag; int d_arg, m_arg, s_arg, t_arg; int o_and, o_or; @@ -201,6 +202,7 @@ if (mbr != boot0) free(boot0); free(mbr); + free(disk); return 0; } @@ -316,7 +318,7 @@ return 0x100; /* We have a newer boot0, so extract the version number and return it. */ - return *(int *)(bs + OFF_VERSION) & 0xffff; + return *(const int *)(bs + OFF_VERSION) & 0xffff; } /* @@ -337,7 +339,7 @@ {0x0, sizeof(id0), id0}, {0x1b2, sizeof(id1), id1} }; - int i; + unsigned int i; for (i = 0; i < sizeof(ident) / sizeof(ident[0]); i++) if (memcmp(bs + ident[i].off, ident[i].key, ident[i].len)) @@ -385,12 +387,14 @@ char buf[MAXPATHLEN]; char *s; - s = (char *)fname; if (!strchr(fname, '/')) { snprintf(buf, sizeof(buf), "%s%s", _PATH_DEV, fname); - if (!(s = strdup(buf))) - err(1, NULL); - } + s = strdup(buf); + } else + s = strdup(fname); + + if (s == NULL) + errx(1, "No more memory"); return s; } Index: Makefile =================================================================== RCS file: /home/ncvs/src/usr.sbin/chroot/Makefile,v retrieving revision 1.4 diff -u -r1.4 Makefile --- Makefile 26 Mar 2001 14:39:41 -0000 1.4 +++ Makefile 9 Dec 2001 16:59:49 -0000 @@ -4,4 +4,6 @@ PROG= chroot MAN= chroot.8 +WARNS?= 2 + .include Index: chroot.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/chroot/chroot.c,v retrieving revision 1.5 diff -u -r1.5 chroot.c --- chroot.c 9 Jul 2001 09:23:57 -0000 1.5 +++ chroot.c 9 Dec 2001 17:01:00 -0000 @@ -62,7 +62,7 @@ char *argv[]; { int ch; - char *shell; + const char *shell; while ((ch = getopt(argc, argv, "")) != -1) switch(ch) { Index: Makefile =================================================================== RCS file: /home/ncvs/src/usr.sbin/digictl/Makefile,v retrieving revision 1.3 diff -u -r1.3 Makefile --- Makefile 17 May 2001 01:42:52 -0000 1.3 +++ Makefile 9 Dec 2001 17:44:09 -0000 @@ -3,4 +3,6 @@ PROG= digictl MAN= digictl.8 +WARNS?= 2 + .include Index: Makefile =================================================================== RCS file: /home/ncvs/src/usr.sbin/edquota/Makefile,v retrieving revision 1.4 diff -u -r1.4 Makefile --- Makefile 26 Mar 2001 14:39:56 -0000 1.4 +++ Makefile 9 Dec 2001 17:46:37 -0000 @@ -4,4 +4,6 @@ PROG= edquota MAN= edquota.8 +WARNS?= 2 + .include Index: edquota.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/edquota/edquota.c,v retrieving revision 1.13 diff -u -r1.13 edquota.c --- edquota.c 28 Sep 2001 10:22:36 -0000 1.13 +++ edquota.c 9 Dec 2001 17:54:05 -0000 @@ -69,9 +69,9 @@ #include #include "pathnames.h" -char *qfname = QUOTAFILENAME; -char *qfextension[] = INITQFNAMES; -char *quotagroup = QUOTAGROUP; +const char *qfname = QUOTAFILENAME; +const char *qfextension[] = INITQFNAMES; +const char *quotagroup = QUOTAGROUP; char tmpfil[] = _PATH_TMP; struct quotause { @@ -83,12 +83,12 @@ }; #define FOUND 0x01 -int alldigits __P((char *s)); +int alldigits __P((const char *s)); int cvtatos __P((time_t, char *, time_t *)); char *cvtstoa __P((time_t)); int editit __P((char *)); void freeprivs __P((struct quotause *)); -int getentry __P((char *, int)); +int getentry __P((const char *, int)); struct quotause *getprivs __P((long, int, char *)); int hasquota __P((struct fstab *, int, char **)); void putprivs __P((long, int, struct quotause *)); @@ -220,7 +220,7 @@ */ int getentry(name, quotatype) - char *name; + const char *name; int quotatype; { struct passwd *pw; @@ -364,11 +364,11 @@ * Take a list of priviledges and get it edited. */ int -editit(tmpfile) - char *tmpfile; +editit(tmpf) + char *tmpf; { long omask; - int pid, stat; + int pid, status; omask = sigblock(sigmask(SIGINT)|sigmask(SIGQUIT)|sigmask(SIGHUP)); top: @@ -386,19 +386,19 @@ return (0); } if (pid == 0) { - register char *ed; + register const char *ed; sigsetmask(omask); setgid(getgid()); setuid(getuid()); if ((ed = getenv("EDITOR")) == (char *)0) ed = _PATH_VI; - execlp(ed, ed, tmpfile, (char *)0); + execlp(ed, ed, tmpf, (char *)0); err(1, "%s", ed); } - waitpid(pid, &stat, 0); + waitpid(pid, &status, 0); sigsetmask(omask); - if (!WIFEXITED(stat) || WEXITSTATUS(stat) != 0) + if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) return (0); return (1); } @@ -653,22 +653,22 @@ * Convert seconds to ASCII times. */ char * -cvtstoa(time) - time_t time; +cvtstoa(secs) + time_t secs; { static char buf[20]; - if (time % (24 * 60 * 60) == 0) { - time /= 24 * 60 * 60; - sprintf(buf, "%ld day%s", (long)time, time == 1 ? "" : "s"); - } else if (time % (60 * 60) == 0) { - time /= 60 * 60; - sprintf(buf, "%ld hour%s", (long)time, time == 1 ? "" : "s"); - } else if (time % 60 == 0) { - time /= 60; - sprintf(buf, "%ld minute%s", (long)time, time == 1 ? "" : "s"); + if (secs % (24 * 60 * 60) == 0) { + secs /= 24 * 60 * 60; + sprintf(buf, "%ld day%s", (long)secs, secs == 1 ? "" : "s"); + } else if (secs % (60 * 60) == 0) { + secs /= 60 * 60; + sprintf(buf, "%ld hour%s", (long)secs, secs == 1 ? "" : "s"); + } else if (secs % 60 == 0) { + secs /= 60; + sprintf(buf, "%ld minute%s", (long)secs, secs == 1 ? "" : "s"); } else - sprintf(buf, "%ld second%s", (long)time, time == 1 ? "" : "s"); + sprintf(buf, "%ld second%s", (long)secs, secs == 1 ? "" : "s"); return (buf); } @@ -676,20 +676,20 @@ * Convert ASCII input times to seconds. */ int -cvtatos(time, units, seconds) - time_t time; +cvtatos(tim, units, seconds) + time_t tim; char *units; time_t *seconds; { if (bcmp(units, "second", 6) == 0) - *seconds = time; + *seconds = tim; else if (bcmp(units, "minute", 6) == 0) - *seconds = time * 60; + *seconds = tim * 60; else if (bcmp(units, "hour", 4) == 0) - *seconds = time * 60 * 60; + *seconds = tim * 60 * 60; else if (bcmp(units, "day", 3) == 0) - *seconds = time * 24 * 60 * 60; + *seconds = tim * 24 * 60 * 60; else { printf("%s: bad units, specify %s\n", units, "days, hours, minutes, or seconds"); @@ -718,9 +718,9 @@ */ int alldigits(s) - register char *s; + register const char *s; { - register c; + register int c; c = *s++; do { Index: Makefile =================================================================== RCS file: /home/ncvs/src/usr.sbin/repquota/Makefile,v retrieving revision 1.4 diff -u -r1.4 Makefile --- Makefile 26 Mar 2001 14:41:39 -0000 1.4 +++ Makefile 9 Dec 2001 17:57:43 -0000 @@ -4,4 +4,6 @@ PROG= repquota MAN= repquota.8 +WARNS?= 2 + .include Index: repquota.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/repquota/repquota.c,v retrieving revision 1.10 diff -u -r1.10 repquota.c --- repquota.c 19 Jun 2001 00:47:24 -0000 1.10 +++ repquota.c 9 Dec 2001 18:06:39 -0000 @@ -78,8 +78,8 @@ #define max(a,b) ((a) >= (b) ? (a) : (b)) -char *qfname = QUOTAFILENAME; -char *qfextension[] = INITQFNAMES; +const char *qfname = QUOTAFILENAME; +const char *qfextension[] = INITQFNAMES; struct fileusage { struct fileusage *fu_next; @@ -90,8 +90,8 @@ }; #define FUHASH 1024 /* must be power of two */ struct fileusage *fuhead[MAXQUOTAS][FUHASH]; -struct fileusage *lookup(); -struct fileusage *addid(); +struct fileusage *lookup(u_long, int); +struct fileusage *addid(u_long, int, char *); u_long highid[MAXQUOTAS]; /* highest addid()'ed identifier per type */ int vflag; /* verbose */ @@ -257,9 +257,9 @@ fup->fu_dqblk.dqb_bsoftlimit ? timeprt(fup->fu_dqblk.dqb_btime) : "-"); printf(" %7lu %7lu %7lu %6s\n", - fup->fu_dqblk.dqb_curinodes, - fup->fu_dqblk.dqb_isoftlimit, - fup->fu_dqblk.dqb_ihardlimit, + (unsigned long)fup->fu_dqblk.dqb_curinodes, + (unsigned long)fup->fu_dqblk.dqb_isoftlimit, + (unsigned long)fup->fu_dqblk.dqb_ihardlimit, fup->fu_dqblk.dqb_isoftlimit && fup->fu_dqblk.dqb_curinodes >= fup->fu_dqblk.dqb_isoftlimit ? @@ -389,19 +389,22 @@ if (now == 0) time(&now); - if (now > seconds) - return ("none"); + if (now > seconds) { + strlcpy(buf, "none", sizeof (buf)); + return (buf); + } seconds -= now; minutes = (seconds + 30) / 60; hours = (minutes + 30) / 60; if (hours >= 36) { - sprintf(buf, "%lddays", (hours + 12) / 24); + sprintf(buf, "%lddays", (long)(hours + 12) / 24); return (buf); } if (minutes >= 60) { - sprintf(buf, "%2ld:%ld", minutes / 60, minutes % 60); + sprintf(buf, "%2ld:%ld", (long)minutes / 60, + (long)minutes % 60); return (buf); } - sprintf(buf, "%2ld", minutes); + sprintf(buf, "%2ld", (long)minutes); return (buf); } --+HP7ph2BbKc20aGI-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Dec 9 13:58:14 2001 Delivered-To: freebsd-audit@freebsd.org Received: from vivi.cc.vt.edu (vivi.cc.vt.edu [198.82.161.183]) by hub.freebsd.org (Postfix) with ESMTP id A7C7837B405 for ; Sun, 9 Dec 2001 13:58:11 -0800 (PST) Received: from enterprise.muriel.penguinpowered.com (hc652647d.dhcp.vt.edu [198.82.100.125]) by vivi.cc.vt.edu (Mirapoint) with ESMTP id AFQ30921; Sun, 9 Dec 2001 16:58:07 -0500 (EST) Message-ID: X-Mailer: XFMail 1.5.2 on FreeBSD X-Priority: 3 (Normal) MIME-Version: 1.0 Content-Type: multipart/signed; boundary="_=XFMail.1.5.2.FreeBSD:20011209165807:437=_"; micalg=pgp-md5; protocol="application/pgp-signature" In-Reply-To: <20011209220112.B298@nebula.noos.fr> Date: Sun, 09 Dec 2001 16:58:07 -0500 (EST) From: Mike Heffner To: Maxime Henrion Subject: Re: More WARNS?=2 cleanup for /usr/src/usr.sbin/ Cc: freebsd-audit@FreeBSD.ORG Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG This message is in MIME format --_=XFMail.1.5.2.FreeBSD:20011209165807:437=_ Content-Type: text/plain; charset=us-ascii On 09-Dec-2001 Maxime Henrion wrote: | Hello, | | | Here is another set of patches to set WARNS to 2 for some programs in | /usr/src/usr.sbin/. These programs are arp(8), boot0cfg(8), chroot(8), | digictl(8), edquota(8) and repquota(8). I've committed the chroot(8) and digictl(8) ones, I'll take a look at the others later when I have more time. Thanks, Mike -- Mike Heffner Blacksburg, VA --_=XFMail.1.5.2.FreeBSD:20011209165807:437=_ Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE8E95uFokZQs3sv5kRAjQkAJ4nOZfkReGCOL9BU75McT8rMS37SwCfQXBa b9UhUXJ6f2r8EZLb1jPdsrE= =PRmW -----END PGP SIGNATURE----- --_=XFMail.1.5.2.FreeBSD:20011209165807:437=_-- End of MIME message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Dec 10 23:35:31 2001 Delivered-To: freebsd-audit@freebsd.org Received: from relay.EECS.Berkeley.EDU (relay.EECS.Berkeley.EDU [169.229.34.228]) by hub.freebsd.org (Postfix) with ESMTP id 1240D37B417; Mon, 10 Dec 2001 23:35:24 -0800 (PST) Received: from gateway.EECS.Berkeley.EDU (nsmail@gateway.EECS.Berkeley.EDU [169.229.60.73]) by relay.EECS.Berkeley.EDU (8.9.3/8.9.3) with ESMTP id XAA22239; Mon, 10 Dec 2001 23:35:23 -0800 (PST) Received: from uclink.berkeley.edu (uva-121-4.Reshall.Berkeley.EDU [169.229.121.4]) by gateway.EECS.Berkeley.EDU (Netscape Messaging Server 4.15) with ESMTP id GO652U00.LA2; Mon, 10 Dec 2001 23:35:18 -0800 Message-ID: <3C15B736.7080605@uclink.berkeley.edu> Date: Mon, 10 Dec 2001 23:35:18 -0800 From: Hao Chen User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.6) Gecko/20011120 X-Accept-Language: en-us MIME-Version: 1.0 To: freebsd-audit@freebsd.org, freebsd-security@freebsd.org Subject: setuid() POSIX compliance Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hi, I am a graduate student doing computer security research and I am looking at the implementation of setuid() system call in FreeBSD 4.4 Release. I have the following questions: 1. The following comments are from /usr/src/sys/kern/kern_prot.c /* * Use the clause in B.4.2.2 that allows setuid/setgid to be 4.2/4.3BSD * compatable. It says that setting the uid/gid to euid/egid is a special * case of "appropriate privilege". Once the rules are expanded out, this * basically means that setuid(nnn) sets all three id's, in all permitted * cases unless _POSIX_SAVED_IDS is enabled. In that case, setuid(getuid()) * does not set the saved id - this is dangerous for traditional BSD * programs. For this reason, we *really* do not want to set * _POSIX_SAVED_IDS and do not want to clear POSIX_APPENDIX_B_4_2_2. */ But according to POSIX 1003.1-1988, section 4.2.2.2: If {_POSIX_SAVED_IDS} is defined: (1) If the process has appropriate privileges, the setuid() function sets the real user ID, effective user ID, and the saved set-user-ID to uid. Does FreeBSD's interpretation of _POSIX_SAVED_IDS differ from POSIX? Or did I misunderstand anything here? 2. Also according to the above comment from /usr/src/sys/kern/kern_prot.c, setting _POSIX_SAVED_IDS will cause setuid(getuid()) NOT to set the saved id. However, according to the following code from setuid() in /usr/src/sys/kern/kern_prot.c, setuid(getuid()) will not set the saved id ONLY if: (1) _POSIX_SAVED_IDS is set, and (2) euid is not root, and (3) either (3.1) POSIX_APPENDIX_B_4_2_2 is unset, or (3.2) POSIX_APPENDIX_B_4_2_2 is set and the parameter to setuid() is not equal to the euid. If POSIX_APPENDIX_B_4_2_2 is set, which is the case in the pre-compiled kernel (and is also the case for Linux), for setuid(getuid()), the above condition requires at least that euid!=0, ruid!=euid, and ruid!=0 (because the programmer intends to DROP privilege by setuid(getuid())). Is there any real situation where this condition may arise? #ifdef _POSIX_SAVED_IDS /* * Do we have "appropriate privileges" (are we root or uid == euid) * If so, we are changing the real uid and/or saved uid. */ if ( #ifdef POSIX_APPENDIX_B_4_2_2 /* Use the clause from B.4.2.2 */ uid == pc->pc_ucred->cr_uid || #endif suser_xxx(0, p, PRISON_ROOT) == 0) /* we are using privs */ #endif { // set saved id Thank you in advance! - Hao To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Dec 12 3: 1:13 2001 Delivered-To: freebsd-audit@freebsd.org Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16]) by hub.freebsd.org (Postfix) with ESMTP id D98F437B417; Wed, 12 Dec 2001 03:01:02 -0800 (PST) Received: from bde.zeta.org.au (bde.zeta.org.au [203.2.228.102]) by mailman.zeta.org.au (8.9.3/8.8.7) with ESMTP id WAA18374; Wed, 12 Dec 2001 22:00:55 +1100 Date: Wed, 12 Dec 2001 22:01:42 +1100 (EST) From: Bruce Evans X-X-Sender: To: Hao Chen Cc: , Subject: Re: setuid() POSIX compliance In-Reply-To: <3C15B736.7080605@uclink.berkeley.edu> Message-ID: <20011212211356.L34562-100000@gamplex.bde.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > 1. The following comments are from /usr/src/sys/kern/kern_prot.c > > /* > * Use the clause in B.4.2.2 that allows setuid/setgid to be 4.2/4.3BSD > * compatable. It says that setting the uid/gid to euid/egid is a special > * case of "appropriate privilege". Once the rules are expanded out, this > * basically means that setuid(nnn) sets all three id's, in all permitted > * cases unless _POSIX_SAVED_IDS is enabled. In that case, setuid(getuid()) > * does not set the saved id - this is dangerous for traditional BSD > * programs. For this reason, we *really* do not want to set > * _POSIX_SAVED_IDS and do not want to clear POSIX_APPENDIX_B_4_2_2. > */ > > But according to POSIX 1003.1-1988, section 4.2.2.2: > > If {_POSIX_SAVED_IDS} is defined: > > (1) If the process has appropriate privileges, the setuid() function > sets the real user ID, effective user ID, and the saved set-user-ID > to uid. > > Does FreeBSD's interpretation of _POSIX_SAVED_IDS differ from POSIX? Or did > I misunderstand anything here? There is no difference, because _POSIX_SAVED_IDS is intentionally not defined, as permitted in all versions of POSIX up to at least the 1996 version. POSIX.1-2001 requires it, so FreeBSD would need to be "fixed" to conform with the current version of POSIX (unless everyone that can change one of their ids using setuid() is considered to have "appropriate privilege". > But according to POSIX 1003.1-1988, section 4.2.2.2: > > 2. Also according to the above comment from /usr/src/sys/kern/kern_prot.c, > setting _POSIX_SAVED_IDS will cause setuid(getuid()) NOT to set the saved > id. Setting _POSIX_SAVED_IDS is not a supported option. The code has ifdefs to support it for mostly historical reasons. > However, according to the following code from setuid() in > /usr/src/sys/kern/kern_prot.c, setuid(getuid()) will not set the saved id > ONLY if: > > (1) _POSIX_SAVED_IDS is set, and > (2) euid is not root, and > (3) either > (3.1) POSIX_APPENDIX_B_4_2_2 is unset, or > (3.2) POSIX_APPENDIX_B_4_2_2 is set and the parameter to setuid() is not > equal to the euid. That seems about right (I didn't check the details). When POSIX_APPENDIX_B_4_2_2 is set, root (euid = 0) has "appropriate privilege" to setuid() to anything, and all processes have "appropriate privilege" to setuid() to their euid, so setuid() sets the saved id even when _POSIX_SAVED_IDS is set. > If POSIX_APPENDIX_B_4_2_2 is set, which is the case in the pre-compiled > kernel (and is also the case for Linux), for setuid(getuid()), the above > condition requires at least that euid!=0, ruid!=euid, and ruid!=0 (because > the programmer intends to DROP privilege by setuid(getuid())). Is there any > real situation where this condition may arise? Yes. This is the usual case for processes that have execed a setuid-to-non- root program. When _POSIX_SAVED_IDS is set, it is impossible in previous versions of POSIX to drop their saved id privilege using setuid() or any other POSIX function, or even to know if they have extra privilege from a saved id. This problem is why _POSIX_SAVED_IDS is not defined in FreeBSD. POSIX.1-200x has a 4.4BSD compatible seteuid(), so processes can try seteuid(getuid(); /* euid = ruid */ setuid(geteuid()); /* hope this sets svuid = ruid too */ This sets all the ids to the same value in 4.4BSD and FreeBSD, but doesn't seem to be required to do so in POSIX.1-200x (it depends on everyone having "appropriate privilege" for setuid(geteuid()). Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Dec 12 12:42: 0 2001 Delivered-To: freebsd-audit@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id 77F8137B417; Wed, 12 Dec 2001 12:41:55 -0800 (PST) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.11.4/8.11.4) id fBCKflY68302; Wed, 12 Dec 2001 15:41:47 -0500 (EST) (envelope-from wollman) Date: Wed, 12 Dec 2001 15:41:47 -0500 (EST) From: Garrett Wollman Message-Id: <200112122041.fBCKflY68302@khavrinen.lcs.mit.edu> To: Bruce Evans Cc: , Subject: Re: setuid() POSIX compliance In-Reply-To: <20011212211356.L34562-100000@gamplex.bde.org> References: <3C15B736.7080605@uclink.berkeley.edu> <20011212211356.L34562-100000@gamplex.bde.org> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG < said: > change one of their ids using setuid() is considered to have > "appropriate privilege". ``Appropriate privilege'', in the POSIX sense, can be any arbitrarily complex predicate. I.e., ``the process belongs to a user whose supplementary group list contains exactly three groups, the person sitting at the console is carrying an umbrella, and the moon is waxing gibbous'' is a valid definition of ``appropriate privilege''. A valid implementation of setuid() (ignoring syscall calling convention issues) could be: int setuid(uid_t uid) { /* ... */ /* * Appropriate privilege is defined as: * 1) The process belongs to the super-user, or * 2) The process has the CAP_CHANGE_UID capability, or * 3) The process already has that uid. * * This definition trumps the second clause (1003.1-2001, * ll. 41136ff) by considering all processes it would otherwise * apply to privileged. */ if (uid == cred->cr_uid || uid == cred->cr_euid || uid == cred->cr_svuid || has_capability(cred, CAP_CHANGE_UID) || suser_cred(cred)) { cred = crcopy(cred); assert(cred && cred->cr_refcnt == 1); cred->cr_uid = cred->cr_euid = cred->cr_svuid = uid; install_process_credential(cred); retval = 0; } else { errno = EPERM; retval = -1; } return (retval); } This implementation is valid regardless of whether _POSIX_SAVED_IDS is defined -- hence the problems which are detailed in the 1003.1-2001 rationale for setuid(). -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Dec 12 19:57:20 2001 Delivered-To: freebsd-audit@freebsd.org Received: from mail.rpi.edu (mail.rpi.edu [128.113.22.40]) by hub.freebsd.org (Postfix) with ESMTP id BB07137B405 for ; Wed, 12 Dec 2001 19:57:00 -0800 (PST) Received: from [128.113.24.47] (gilead.acs.rpi.edu [128.113.24.47]) by mail.rpi.edu (8.11.3/8.11.3) with ESMTP id fBD3uxM59144; Wed, 12 Dec 2001 22:56:59 -0500 Mime-Version: 1.0 X-Sender: drosih@mail.rpi.edu Message-Id: Date: Wed, 12 Dec 2001 22:56:57 -0500 To: freebsd-print@bostonradio.org, freebsd-audit@freebsd.org From: Garance A Drosihn Subject: Changes to lpr/chkprintcap (run by lpd at startup) Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Back in October I posted a patch for chkprintcap to freebsd-print which added the idea of "skimming" the printcap file. The idea was to look thru the file for subtle format errors which are extremely frustrating because it "looks right". That was October, but then most of my October and all of my November were tied up fixing several serious problems we were having here at RPI. Now, of course, I'm hoping to get some of that change in for 4.5-release. So, here is a slightly modified version of what I posted earlier. It's basically the same, but just splits the new routine out into a separate source file. I have a number of other ideas here, but I don't have time to code them up and test them right now. It wouldn't surprise me much if maybe it's a little too late for people to feel comfortable with this going into stable for 4.5, so let me know if I should wait. I really did mean to finish this off in October, in which case it would have had plenty of testing before release... That "finish off" would have included additional changes after this one, which would make this one more useful. But this is a reasonably self-contained patch, so I might as well get the ball rolling with this. Index: chkprintcap/Makefile =================================================================== RCS file: /home/ncvs/src/usr.sbin/lpr/chkprintcap/Makefile,v retrieving revision 1.10 diff -u -r1.10 Makefile --- chkprintcap/Makefile 20 Jul 2001 06:19:54 -0000 1.10 +++ chkprintcap/Makefile 13 Dec 2001 03:04:01 -0000 @@ -4,6 +4,7 @@ PROG= chkprintcap MAN= chkprintcap.8 +SRCS= chkprintcap.c skimprintcap.c CFLAGS+= -I${.CURDIR}/../common_source ${CWARNFLAGS} Index: chkprintcap/chkprintcap.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/lpr/chkprintcap/chkprintcap.c,v retrieving revision 1.6 diff -u -r1.6 chkprintcap.c --- chkprintcap/chkprintcap.c 30 Dec 2000 20:56:01 -0000 1.6 +++ chkprintcap/chkprintcap.c 13 Dec 2001 03:04:01 -0000 @@ -48,6 +48,8 @@ #include /* ditto */ #include "lp.h" #include "lp.local.h" +#include "pathnames.h" +#include "skimprintcap.h" static void check_spool_dirs(void); static int interpret_error(const struct printer *pp, int error); @@ -64,20 +66,30 @@ int main(int argc, char **argv) { - int c, error, makedirs, more; + struct skiminfo *skres; + char *pcap_fname; + int c, error, makedirs, more, queuecnt, verbosity; struct printer myprinter, *pp; makedirs = 0; + queuecnt = 0; + verbosity = 0; + pcap_fname = NULL; pp = &myprinter; - while ((c = getopt(argc, argv, "df:")) != -1) { + while ((c = getopt(argc, argv, "df:v")) != -1) { switch (c) { case 'd': makedirs = 1; break; case 'f': - setprintcap(optarg); + pcap_fname = strdup(optarg); + setprintcap(pcap_fname); + break; + + case 'v': + verbosity++; break; default: @@ -88,6 +100,25 @@ if (optind != argc) usage(); + if (pcap_fname == NULL) + pcap_fname = strdup(_PATH_PRINTCAP); + + /* + * Skim through the printcap file looking for simple user-mistakes + * which will produce the wrong result for the user, but which may + * be pretty hard for the user to notice. Such user-mistakes will + * only generate warning messages. The (fatal-) problem count will + * only be incremented if there is a system problem trying to read + * the printcap file. + */ + skres = skim_printcap(pcap_fname, verbosity); + if (skres->fatalerr) + return (skres->fatalerr); + + /* + * Now use the standard capability-db routines to check the values + * in each of the queues defined in the printcap file. + */ more = firstprinter(pp, &error); if (interpret_error(pp, error) && more) goto next; @@ -95,6 +126,7 @@ while (more) { struct stat stab; + queuecnt++; errno = 0; if (stat(pp->spool_dir, &stab) < 0) { if (errno == ENOENT && makedirs) { @@ -107,15 +139,23 @@ note_spool_dir(pp, &stab); } - /* Make other validity checks here... */ + /* Make other queue-specific validity checks here... */ next: more = nextprinter(pp, &error); if (interpret_error(pp, error) && more) goto next; } + check_spool_dirs(); - return problems; + + if (queuecnt != skres->entries) { + warnx("WARNING: found %d entries when skimming %s,", + skres->entries, pcap_fname); + warnx("WARNING: but only found %d queues to process!", + queuecnt); + } + return (problems); } /* @@ -272,6 +312,6 @@ static void usage(void) { - fprintf(stderr, "usage:\n\tchkprintcap [-d] [-f printcapfile]\n"); + fprintf(stderr, "usage:\n\tchkprintcap [-dv] [-f printcapfile]\n"); exit(1); } Index: chkprintcap/skimprintcap.c =================================================================== RCS file: chkprintcap/skimprintcap.c diff -N chkprintcap/skimprintcap.c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ chkprintcap/skimprintcap.c 13 Dec 2001 03:04:01 -0000 @@ -0,0 +1,261 @@ +/* + * ------+---------+---------+---------+---------+---------+---------+---------* + * Copyright (c) 2001 - Garance Alistair Drosehn . + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The views and conclusions contained in the software and documentation + * are those of the authors and should not be interpreted as representing + * official policies, either expressed or implied, of the FreeBSD Project. + * + * ------+---------+---------+---------+---------+---------+---------+---------* + */ + +#include + +__FBSDID("$FreeBSD$"); + +#include + +#include +#include +#include +#include +#include +#include +#include +#include + +#include /* needed for lp.h but not used here */ +#include /* ditto */ +#include "lp.h" +#include "lp.local.h" +#include "skimprintcap.h" + +/* + * Save the canonical queue name of the entry that is currently being + * scanned, in case a warning message is printed for the current queue. + * Only the first 'QENTRY_MAXLEN' characters will be saved, since this + * is only for warning messages. The variable includes space for the + * string " (entry " and a trailing ")", when the scanner is in the + * middle of an entry. When the scanner is not in a specific entry, + * the variable will be the a null string. + */ +#define QENTRY_MAXLEN 30 +#define QENTRY_PREFIX " (entry " +static char skim_entryname[sizeof(QENTRY_PREFIX) + QENTRY_MAXLEN + 2]; + +/* + * isgraph is defined to work on an 'int', in the range 0 to 255, plus EOF. + * Define a wrapper which can take 'char', either signed or unsigned. + */ +#define isgraphch(Anychar) isgraph(((int) Anychar) & 255) + +struct skiminfo * +skim_printcap(const char *pcap_fname, int verbosity) +{ + struct skiminfo *skinf; + char buff[BUFSIZ]; + char *ch, *curline, *endfield, *lastchar; + FILE *pc_file; + int missing_nl; + enum {NO_CONTINUE, WILL_CONTINUE, BAD_CONTINUE} is_cont, had_cont; + enum {CMNT_LINE, ENTRY_LINE, TAB_LINE, TABERR_LINE} is_type, had_type; + + skinf = malloc(sizeof(struct skiminfo)); + memset(skinf, 0, sizeof(struct skiminfo)); + + pc_file = fopen(pcap_fname, "r"); + if (pc_file == NULL) { + warn("fopen(%s)", pcap_fname); + skinf->fatalerr++; + return (skinf); /* fatal error */ + } + + skim_entryname[0] = '0'; + + is_cont = NO_CONTINUE; + is_type = CMNT_LINE; + errno = 0; + curline = fgets(buff, sizeof(buff), pc_file); + while (curline != NULL) { + skinf->lines++; + + /* Check for the expected newline char, and remove it */ + missing_nl = 0; + lastchar = strchr(curline, '\n'); + if (lastchar != NULL) + *lastchar = '\0'; + else { + lastchar = strchr(curline, '\0'); + missing_nl = 1; + } + if (curline < lastchar) + lastchar--; + + /* + * Check for `\' (continuation-character) at end of line. + * If there is none, then trim off spaces and check again. + * This would be a bad line because it looks like it is + * continued, but it will not be treated that way. + */ + had_cont = is_cont; + is_cont = NO_CONTINUE; + if (*lastchar == '\\') { + is_cont = WILL_CONTINUE; + lastchar--; + } else { + while ((curline < lastchar) && !isgraphch(*lastchar)) + lastchar--; + if (*lastchar == '\\') + is_cont = BAD_CONTINUE; + } + + had_type = is_type; + is_type = CMNT_LINE; + switch (*curline) { + case '\0': /* treat zero-length line as comment */ + case '#': + skinf->comments++; + break; + case ' ': + case '\t': + is_type = TAB_LINE; + break; + default: + is_type = ENTRY_LINE; + skinf->entries++; + + /* pick up the queue name, to use in warning messages */ + ch = curline; + while ((ch <= lastchar) && (*ch != ':') && (*ch != '|')) + ch++; + ch--; /* last char of queue name */ + strcpy(skim_entryname, QENTRY_PREFIX); + if ((ch - curline) > QENTRY_MAXLEN) { + strncat(skim_entryname, curline, QENTRY_MAXLEN + - 1); + strcat(skim_entryname, "+"); + } else { + strncat(skim_entryname, curline, (ch - curline + + 1)); + } + strlcat(skim_entryname, ")", sizeof(skim_entryname)); + break; + } + + /* + * Check to see if the previous line was a bad contination + * line. The check is delayed until now so a warning message + * is not printed when a "bad continuation" is on a comment + * line, and it just "continues" into another comment line. + */ + if (had_cont == BAD_CONTINUE) { + if ((had_type != CMNT_LINE) || (is_type != CMNT_LINE) || + (verbosity > 1)) { + skinf->warnings++; + warnx("Warning: blanks after trailing '\\'," + " at line %d%s", skinf->lines - 1, + skim_entryname); + } + } + + /* If we are no longer in an entry, then forget the name */ + if ((had_cont != WILL_CONTINUE) && (is_type != ENTRY_LINE)) { + skim_entryname[0] = '\0'; + } + + /* + * Print out warning for missing newline, done down here + * so we are sure to have the right entry-name for it. + */ + if (missing_nl) { + skinf->warnings++; + warnx("Warning: No newline at end of line %d%s", + skinf->lines, skim_entryname); + } + + /* + * Check for start-of-entry lines which do not include a + * ":" character (to indicate the end of the name field). + * This can cause standard printcap processing to ignore + * ALL of the following lines. + * XXXXX - May need to allow for the list-of-names to + * continue on to the following line... + */ + if (is_type == ENTRY_LINE) { + endfield = strchr(curline, ':'); + if (endfield == NULL) { + skinf->warnings++; + warnx("Warning: No ':' to terminate name-field" + " at line %d%s", skinf->lines, + skim_entryname); + } + } + + /* + * Now check for cases where this line is (or is-not) a + * continuation of the previous line, and a person skimming + * the file would assume it is not (or is) a continuation. + */ + switch (had_cont) { + case NO_CONTINUE: + case BAD_CONTINUE: + if (is_type == TAB_LINE) { + skinf->warnings++; + warnx("Warning: values-line after line with" + " NO trailing '\\', at line %d%s", + skinf->lines, skim_entryname); + } + break; + + case WILL_CONTINUE: + if (is_type == ENTRY_LINE) { + skinf->warnings++; + warnx("Warning: new entry starts after line" + " with trailing '\\', at line %d%s", + skinf->lines, skim_entryname); + } + break; + } + + /* get another line from printcap and repeat loop */ + curline = fgets(buff, sizeof(buff), pc_file); + } + + if (errno != 0) { + warn("fgets(%s)", pcap_fname); + skinf->fatalerr++; /* fatal error */ + } + + if (skinf->warnings > 0) + warnx("%4d warnings from skimming %s", skinf->warnings, + pcap_fname); + + if (verbosity) + warnx("%4d lines (%d comments), %d entries for %s", + skinf->lines, skinf->comments, skinf->entries, pcap_fname); + + fclose(pc_file); + return (skinf); +} Index: chkprintcap/skimprintcap.h =================================================================== RCS file: chkprintcap/skimprintcap.h diff -N chkprintcap/skimprintcap.h --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ chkprintcap/skimprintcap.h 13 Dec 2001 03:04:01 -0000 @@ -0,0 +1,44 @@ +/* + * ------+---------+---------+---------+---------+---------+---------+---------* + * Copyright (c) 2001 - Garance Alistair Drosehn . + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The views and conclusions contained in the software and documentation + * are those of the authors and should not be interpreted as representing + * official policies, either expressed or implied, of the FreeBSD Project. + * + * ------+---------+---------+---------+---------+---------+---------+---------* + * $FreeBSD$ + * ------+---------+---------+---------+---------+---------+---------+---------* + */ + +struct skiminfo { + int comments; + int entries; + int fatalerr; /* fatal error, msg already printed */ + int lines; + int warnings; +}; + +struct skiminfo *skim_printcap(const char *_pcap, int _verbosity); -- Garance Alistair Drosehn = gad@eclipse.acs.rpi.edu Senior Systems Programmer or gad@freebsd.org Rensselaer Polytechnic Institute or drosih@rpi.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Dec 13 5:41:55 2001 Delivered-To: freebsd-audit@freebsd.org Received: from axl.seasidesoftware.co.za (axl.seasidesoftware.co.za [196.31.7.201]) by hub.freebsd.org (Postfix) with ESMTP id 194AD37BE2B for ; Thu, 13 Dec 2001 05:40:14 -0800 (PST) Received: from sheldonh (helo=axl.seasidesoftware.co.za) by axl.seasidesoftware.co.za with local-esmtp (Exim 3.33 #1) id 16EW7a-0000EA-00 for audit@FreeBSD.org; Thu, 13 Dec 2001 15:41:58 +0200 From: Sheldon Hearn To: audit@FreeBSD.org Subject: REQ: Please test libmchain dependency patch for smbfs In-reply-to: Your message of "Thu, 13 Dec 2001 05:08:35 PST." <200112131308.fBDD8Zm59173@freefall.freebsd.org> Date: Thu, 13 Dec 2001 15:41:58 +0200 Message-ID: <877.1008250918@axl.seasidesoftware.co.za> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hi folks, Could someone with a RELENG_4 scratchbox test the patch at the bottom of this message? It merges rev 1.5 of smbfs_vfsops.c onto the RELENG_4 branch: > Modified files: > sys/fs/smbfs smbfs_vfsops.c > Log: > Add module dependency on libmchain. > > With this change, mounting an smb share (using mount_smb, which is not > yet included in the tree) without any of smbfs, libiconv or libmchain > compiled into the kernel or loaded works. How to test: 1) Apply patch. 2) Ensure that NETSMB, SMBFS, LIBICONV and LIBMCHAIN are _not_ included in the kernel config file. 3) Build kernel and modules. This may be very important, because I had horrible panics with just a day-old kernel when I tested this on -CURRENT. 4) Install and boot new kernel. 5) Verify that smbfs, libiconv and libmchain are _not_ wired into the kernel with: kldstat -v | egrep '(smbfs|libiconv|libmchain)' 6) Try to mount an smb share with the mount command. The smbfs, libiconv and libmchain drivers should automatically be loaded and the mount shoudl be successful. 7) Umount the smb share, ignoring the "smbfs_closel: Negative opencount" error. 8) Unload smbfs, and confirm that libiconv and libmchain are automatically unloaded with: kldstat | egrep '(smbfs|libiconv|libmchain)' 9) Repeat steps 6 through 8. If that works, I'd like to MFC the change, since it'll make getting smbfs support in 4.5-RELEASE as easy as installing the net/smbfs port. Ciao, Sheldon. Index: smbfs_vfsops.c =================================================================== RCS file: /home/ncvs/src/sys/fs/smbfs/smbfs_vfsops.c,v retrieving revision 1.2.2.3 diff -u -d -r1.2.2.3 smbfs_vfsops.c --- smbfs_vfsops.c 25 Oct 2001 19:18:52 -0000 1.2.2.3 +++ smbfs_vfsops.c 13 Dec 2001 13:31:05 -0000 @@ -45,6 +45,7 @@ #include #include #include +#include #include @@ -124,6 +125,7 @@ MODULE_DEPEND(smbfs, netsmb, NSMB_VERSION, NSMB_VERSION, NSMB_VERSION); MODULE_DEPEND(smbfs, libiconv, 1, 1, 1); +MODULE_DEPEND(smbfs, libmchain, 1, 1, 1); int smbfs_pbuf_freecnt = -1; /* start out unlimited */ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Dec 13 5:51:23 2001 Delivered-To: freebsd-audit@freebsd.org Received: from axl.seasidesoftware.co.za (axl.seasidesoftware.co.za [196.31.7.201]) by hub.freebsd.org (Postfix) with ESMTP id 010D537B945 for ; Thu, 13 Dec 2001 05:51:19 -0800 (PST) Received: from sheldonh (helo=axl.seasidesoftware.co.za) by axl.seasidesoftware.co.za with local-esmtp (Exim 3.33 #1) id 16EWHm-0000Hk-00 for audit@FreeBSD.org; Thu, 13 Dec 2001 15:52:30 +0200 From: Sheldon Hearn To: audit@FreeBSD.org Subject: Re: REQ: Please test libmchain dependency patch for smbfs In-reply-to: Your message of "Thu, 13 Dec 2001 15:41:58 +0200." <877.1008250918@axl.seasidesoftware.co.za> Date: Thu, 13 Dec 2001 15:52:30 +0200 Message-ID: <1099.1008251550@axl.seasidesoftware.co.za> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, 13 Dec 2001 15:41:58 +0200, Sheldon Hearn wrote: > How to test: > > 1) Apply patch. Sorry, I forgot about the fact that libiconv isn't available as a module in RELENG_4 yet. As well as applying the patch to smbfs_vfsops.c, you also need to grab src/sys/modules/libiconv from HEAD and connect libiconv to the build in src/sys/modules/Makefile. Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message