From owner-freebsd-audit Sun Oct 8 0: 5:30 2000 Delivered-To: freebsd-audit@freebsd.org Received: from citusc17.usc.edu (citusc17.usc.edu [128.125.38.177]) by hub.freebsd.org (Postfix) with ESMTP id 899CB37B66C for ; Sun, 8 Oct 2000 00:05:22 -0700 (PDT) Received: (from kris@localhost) by citusc17.usc.edu (8.9.3/8.9.3) id AAA18479 for audit@freebsd.org; Sun, 8 Oct 2000 00:05:59 -0700 (PDT) Date: Sun, 8 Oct 2000 00:05:59 -0700 From: Kris Kennaway To: audit@freebsd.org Subject: isdnd cleanup Message-ID: <20001008000559.A18475@citusc17.usc.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG There were a couple of string functions I left alone, but they all seem safe. Kris Index: controller.c =================================================================== RCS file: /usr2/ncvs/src/usr.sbin/i4b/isdnd/controller.c,v retrieving revision 1.6 diff -u -r1.6 controller.c --- controller.c 1999/12/14 21:07:26 1.6 +++ controller.c 2000/10/08 06:39:37 @@ -242,7 +242,7 @@ { DBGL(DL_RCCF, (log(LL_DBG, "init_active_controller, tina-dd %d: executing [%s %d]", unit, tinainitprog, unit))); - sprintf(cmdbuf, "%s %d", tinainitprog, unit); + snprintf(cmdbuf, sizeof(cmdbuf), "%s %d", tinainitprog, unit); if((ret = system(cmdbuf)) != 0) { Index: curses.c =================================================================== RCS file: /usr2/ncvs/src/usr.sbin/i4b/isdnd/curses.c,v retrieving revision 1.6 diff -u -r1.6 curses.c --- curses.c 1999/12/14 21:07:26 1.6 +++ curses.c 2000/10/08 06:41:26 @@ -86,7 +86,7 @@ scrollok(lower_w, 1); - sprintf(buffer, "----- isdn controller channel state ------------- isdnd %02d.%02d.%d [pid %d] -", VERSION, REL, STEP, (int)getpid()); + snprintf(buffer, sizeof(buffer), "----- isdn controller channel state ------------- isdnd %02d.%02d.%d [pid %d] -", VERSION, REL, STEP, (int)getpid()); while(strlen(buffer) < COLS) strcat(buffer, "-"); @@ -100,7 +100,7 @@ /* 01234567890123456789012345678901234567890123456789012345678901234567890123456789 */ addstr("c tei b remote iface dir outbytes obps inbytes ibps units"); - sprintf(buffer, "----- isdn userland interface state ------------------------------------------"); + snprintf(buffer, sizeof(buffer), "----- isdn userland interface state ------------------------------------------"); while(strlen(buffer) < COLS) strcat(buffer, "-"); @@ -109,7 +109,7 @@ addstr(buffer); standend(); - sprintf(buffer, "----- isdnd logfile display --------------------------------------------------"); + snprintf(buffer, sizeof(buffer), "----- isdnd logfile display --------------------------------------------------"); while(strlen(buffer) < COLS) strcat(buffer, "-"); @@ -344,16 +344,16 @@ if(aliasing) { if(cep->direction == DIR_IN) - sprintf(buffer, "%s", get_alias(cep->real_phone_incoming)); + snprintf(buffer, sizeof(buffer), "%s", get_alias(cep->real_phone_incoming)); else - sprintf(buffer, "%s", get_alias(cep->remote_phone_dialout)); + snprintf(buffer, sizeof(buffer), "%s", get_alias(cep->remote_phone_dialout)); } else { if(cep->direction == DIR_IN) - sprintf(buffer, "%s/%s", cep->name, cep->real_phone_incoming); + snprintf(buffer, sizeof(buffer), "%s/%s", cep->name, cep->real_phone_incoming); else - sprintf(buffer, "%s/%s", cep->name, cep->remote_phone_dialout); + snprintf(buffer, sizeof(buffer), "%s/%s", cep->name, cep->remote_phone_dialout); } buffer[H_IFN - H_TELN - 1] = '\0'; @@ -566,7 +566,7 @@ if((ret_channel_state(i, CHAN_B1)) == CHAN_RUN) { - sprintf(buffer, "%d - Controller %d channel %s", ncols, i, "B1"); + snprintf(buffer, sizeof(buffer), "%d - Controller %d channel %s", ncols, i, "B1"); mvwaddstr(chan_w, nlines, 2, buffer); cc[ncols - 1].cntl = i; cc[ncols - 1].chn = CHAN_B1; @@ -575,7 +575,7 @@ } if((ret_channel_state(i, CHAN_B2)) == CHAN_RUN) { - sprintf(buffer, "%d - Controller %d channel %s", ncols, i, "B2"); + snprintf(buffer, sizeof(buffer), "%d - Controller %d channel %s", ncols, i, "B2"); mvwaddstr(chan_w, nlines, 2, buffer); cc[ncols - 1].cntl = i; cc[ncols - 1].chn = CHAN_B2; Index: exec.c =================================================================== RCS file: /usr2/ncvs/src/usr.sbin/i4b/isdnd/exec.c,v retrieving revision 1.6 diff -u -r1.6 exec.c --- exec.c 1999/12/14 21:07:26 1.6 +++ exec.c 2000/10/08 06:42:19 @@ -112,7 +112,7 @@ pid_t pid; int a; - sprintf(path, "%s/%s", ETCPATH, prog); + snprintf(path, sizeof(path), "%s/%s", ETCPATH, prog); arglist[0] = path; @@ -159,7 +159,7 @@ /* the obvious things */ device = bdrivername(cep->usrdevicename); - sprintf(devicename, "%s%d", device, cep->usrdeviceunit); + snprintf(devicename, sizeof(devicename), "%s%d", device, cep->usrdeviceunit); *av++ = (char*)prog; *av++ = "-d"; *av++ = devicename; @@ -201,7 +201,7 @@ device = bdrivername(cep->usrdevicename); - sprintf(devicename, "/dev/i4b%s%d", device, cep->usrdeviceunit); + snprintf(devicename, sizeof(devicename), "/dev/i4b%s%d", device, cep->usrdeviceunit); argv[0] = cep->answerprog; argv[1] = "-D"; Index: log.c =================================================================== RCS file: /usr2/ncvs/src/usr.sbin/i4b/isdnd/log.c,v retrieving revision 1.6 diff -u -r1.6 log.c --- log.c 1999/12/14 21:07:30 1.6 +++ log.c 2000/10/08 06:42:38 @@ -104,7 +104,7 @@ char *p; char buf[64]; - sprintf(buf, "%s%d", REGPROG_DEF, i); + snprintf(buf, sizeof(buf), "%s%d", REGPROG_DEF, i); rarr[i].re_flg = 0; Index: main.c =================================================================== RCS file: /usr2/ncvs/src/usr.sbin/i4b/isdnd/main.c,v retrieving revision 1.8 diff -u -r1.8 main.c --- main.c 1999/12/14 21:07:30 1.8 +++ main.c 2000/10/08 06:37:39 @@ -479,7 +479,7 @@ signal(SIGCHLD, SIG_IGN); /* remove handler */ - sprintf(sbuffer, "%s%s%s%s%s%s%s%s", + snprintf(sbuffer, sizeof(sbuffer), "%s%s%s%s%s%s%s%s", "cat << ENDOFDATA | ", mailer, " -s \"i4b isdnd: fatal error, terminating\" ", @@ -773,7 +773,7 @@ { char filename[MAXPATHLEN]; - sprintf(filename, "%s%s", acctfile, rotatesuffix); + snprintf(filename, sizeof(filename), "%s%s", acctfile, rotatesuffix); if((rename(acctfile, filename)) != 0) { @@ -800,7 +800,7 @@ { char filename[MAXPATHLEN]; - sprintf(filename, "%s%s", logfile, rotatesuffix); + snprintf(filename, sizeof(filename), "%s%s", logfile, rotatesuffix); if((rename(logfile, filename)) != 0) { Index: monitor.c =================================================================== RCS file: /usr2/ncvs/src/usr.sbin/i4b/isdnd/monitor.c,v retrieving revision 1.8 diff -u -r1.8 monitor.c --- monitor.c 2000/05/26 02:08:22 1.8 +++ monitor.c 2000/10/08 06:43:01 @@ -664,7 +664,7 @@ char nbuf[64]; p = &cfg_entry_tab[i]; /* get ptr to enry */ - sprintf(nbuf, "%s%d ", bdrivername(p->usrdevicename), p->usrdeviceunit); + snprintf(nbuf, sizeof(nbuf), "%s%d ", bdrivername(p->usrdevicename), p->usrdeviceunit); I4B_PREP_CMD(ictrl, I4B_MON_IDEV_CODE); /*XXX*/ I4B_PUT_2B(ictrl, I4B_MON_IDEV_STATE, 1); Index: pcause.c =================================================================== RCS file: /usr2/ncvs/src/usr.sbin/i4b/isdnd/pcause.c,v retrieving revision 1.6 diff -u -r1.6 pcause.c --- pcause.c 1999/12/14 21:07:31 1.6 +++ pcause.c 2000/10/08 06:43:26 @@ -45,7 +45,7 @@ { static char error_message[128]; - sprintf(error_message, "%d: ", GET_CAUSE_VAL(code)); + snprintf(error_message, sizeof(error_message), "%d: ", GET_CAUSE_VAL(code)); switch(GET_CAUSE_TYPE(code)) { Index: rates.c =================================================================== RCS file: /usr2/ncvs/src/usr.sbin/i4b/isdnd/rates.c,v retrieving revision 1.6 diff -u -r1.6 rates.c --- rates.c 1999/12/14 21:07:31 1.6 +++ rates.c 2000/10/08 06:39:05 @@ -91,7 +91,7 @@ int readrates(char *filename) { - char buffer[1024]; + char buffer[MAXPATHLEN]; register char *bp; struct rates *rt, *ort; int rateindx; @@ -108,7 +108,7 @@ if((fp = fopen(filename, "r")) == NULL) { - sprintf(error, "error open %s: %s", filename, sys_errlist[errno]); + snprintf(error, sizeof(error), "error open %s: %s", filename, sys_errlist[errno]); rate_error = error; return(WARNING); } @@ -140,12 +140,12 @@ } else { - sprintf(error, "rates: invalid rate type %c%c%c in line %d", *bp, *(bp+1), *(bp+2), line); + snprintf(error, sizeof(error), "rates: invalid rate type %c%c%c in line %d", *bp, *(bp+1), *(bp+2), line); goto rate_error; } if (rateindx >= NRATES) { - sprintf(error, "rates: invalid rate index %d in line %d", rateindx, line); + snprintf(error, sizeof(error), "rates: invalid rate index %d in line %d", rateindx, line); goto rate_error; } @@ -159,7 +159,7 @@ } else { - sprintf(error, "rates: invalid day digit %c in line %d", *bp, line); + snprintf(error, sizeof(error), "rates: invalid day digit %c in line %d", *bp, line); goto rate_error; } @@ -168,7 +168,7 @@ rt = (struct rates *)malloc(sizeof (struct rates)); if (rt == NULL) { - sprintf(error, "rates: cannot malloc space for rate structure"); + snprintf(error, sizeof(error), "rates: cannot malloc space for rate structure"); goto rate_error; } rt->next = NULL; @@ -202,7 +202,7 @@ rt = (struct rates *)malloc(sizeof (struct rates)); if (rt == NULL) { - sprintf(error, "rates: cannot malloc space2 for rate structure"); + snprintf(error, sizeof(error), "rates: cannot malloc space2 for rate structure"); goto rate_error; } ort->next = rt; @@ -218,7 +218,7 @@ } else { - sprintf(error, "rates: start_hr error in line %d", line); + snprintf(error, sizeof(error), "rates: start_hr error in line %d", line); goto rate_error; } @@ -230,7 +230,7 @@ } else { - sprintf(error, "rates: no '.' after start_hr in line %d", line); + snprintf(error, sizeof(error), "rates: no '.' after start_hr in line %d", line); goto rate_error; } @@ -243,7 +243,7 @@ } else { - sprintf(error, "rates: start_min error in line %d", line); + snprintf(error, sizeof(error), "rates: start_min error in line %d", line); goto rate_error; } @@ -257,7 +257,7 @@ } else { - sprintf(error, "rates: no '-' after start_min in line %d", line); + snprintf(error, sizeof(error), "rates: no '-' after start_min in line %d", line); goto rate_error; } @@ -270,7 +270,7 @@ } else { - sprintf(error, "rates: end_hr error in line %d", line); + snprintf(error, sizeof(error), "rates: end_hr error in line %d", line); goto rate_error; } @@ -282,7 +282,7 @@ } else { - sprintf(error, "rates: no '.' after end_hr in line %d", line); + snprintf(error, sizeof(error), "rates: no '.' after end_hr in line %d", line); goto rate_error; } @@ -295,7 +295,7 @@ } else { - sprintf(error, "rates: end_min error in line %d", line); + snprintf(error, sizeof(error), "rates: end_min error in line %d", line); goto rate_error; } @@ -306,7 +306,7 @@ if( rt->end_time <= rt->start_time ) { - sprintf(error, "rates: end_time must be greater then start_time %d", line); + snprintf(error, sizeof(error), "rates: end_time must be greater then start_time %d", line); goto rate_error; } @@ -318,7 +318,7 @@ } else { - sprintf(error, "rates: no ':' after end_min in line %d", line); + snprintf(error, sizeof(error), "rates: no ':' after end_min in line %d", line); goto rate_error; } @@ -332,7 +332,7 @@ } else { - sprintf(error, "rates: first rate digit error in line %d", line); + snprintf(error, sizeof(error), "rates: first rate digit error in line %d", line); goto rate_error; } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Oct 8 6:34:20 2000 Delivered-To: freebsd-audit@freebsd.org Received: from green.dyndns.org (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id B264037B502; Sun, 8 Oct 2000 06:34:17 -0700 (PDT) Received: from localhost (rfjsnw@localhost [127.0.0.1] (may be forged)) by green.dyndns.org (8.11.0/8.11.0) with ESMTP id e98DYD511857; Sun, 8 Oct 2000 09:34:15 -0400 (EDT) (envelope-from green@FreeBSD.org) Message-Id: <200010081334.e98DYD511857@green.dyndns.org> X-Mailer: exmh version 2.2 06/23/2000 with nmh-1.0.4 To: Kris Kennaway Cc: audit@FreeBSD.org Subject: Re: mrouted cleanup In-Reply-To: Message from Kris Kennaway of "Sat, 07 Oct 2000 23:20:05 PDT." <20001007232005.A18332@citusc17.usc.edu> From: "Brian F. Feldman" Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Sun, 08 Oct 2000 09:34:13 -0400 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Kris Kennaway wrote: > @@ -2746,7 +2746,7 @@ > #ifdef SYSV > srand48(seed); > #else > - srandom(seed); > + srandomdev(); > #endif > > /* > Do you want to just replace the last random() with arc4random() and do away with the srandom()/srandomdev()? Other than that, I don't see anything wrong with the cleanup of mrouted. -- Brian Fundakowski Feldman \ FreeBSD: The Power to Serve! / green@FreeBSD.org `------------------------------' To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Oct 8 6:54:14 2000 Delivered-To: freebsd-audit@freebsd.org Received: from green.dyndns.org (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id 545F537B503; Sun, 8 Oct 2000 06:54:11 -0700 (PDT) Received: from localhost (9bac3t@localhost [127.0.0.1] (may be forged)) by green.dyndns.org (8.11.0/8.11.0) with ESMTP id e98Ds8511931; Sun, 8 Oct 2000 09:54:09 -0400 (EDT) (envelope-from green@FreeBSD.org) Message-Id: <200010081354.e98Ds8511931@green.dyndns.org> X-Mailer: exmh version 2.2 06/23/2000 with nmh-1.0.4 To: Kris Kennaway Cc: audit@FreeBSD.org Subject: Re: isdnd cleanup In-Reply-To: Message from Kris Kennaway of "Sun, 08 Oct 2000 00:05:59 PDT." <20001008000559.A18475@citusc17.usc.edu> From: "Brian F. Feldman" Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Sun, 08 Oct 2000 09:54:08 -0400 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Kris Kennaway wrote: > There were a couple of string functions I left alone, but they all > seem safe. > > Kris COLS and LINES are not really constants (stupid stupid curses), so this will break if really big terminals are used. Do you think that is worth fixing? Just change the lines to while (strlen(buffer) < COLS && strlen(buffer) < sizeof(buffer) - 1) strcat(buffer, "-"); Course, it's a stupid O(n^2) loop anyway, but it's not like you can just do buffer.concat '-' * [COLS - buffer.size, 0].max in C ;) -- Brian Fundakowski Feldman \ FreeBSD: The Power to Serve! / green@FreeBSD.org `------------------------------' To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Oct 8 14:29:35 2000 Delivered-To: freebsd-audit@freebsd.org Received: from citusc17.usc.edu (citusc17.usc.edu [128.125.38.177]) by hub.freebsd.org (Postfix) with ESMTP id 9C06837B503; Sun, 8 Oct 2000 14:29:33 -0700 (PDT) Received: (from kris@localhost) by citusc17.usc.edu (8.9.3/8.9.3) id OAA35642; Sun, 8 Oct 2000 14:30:07 -0700 (PDT) Date: Sun, 8 Oct 2000 14:30:07 -0700 From: Kris Kennaway To: "Brian F. Feldman" Cc: Kris Kennaway , audit@FreeBSD.org Subject: Re: mrouted cleanup Message-ID: <20001008143007.A35605@citusc17.usc.edu> References: <200010081334.e98DYD511857@green.dyndns.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200010081334.e98DYD511857@green.dyndns.org>; from green@FreeBSD.org on Sun, Oct 08, 2000 at 09:34:13AM -0400 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sun, Oct 08, 2000 at 09:34:13AM -0400, Brian F. Feldman wrote: > Kris Kennaway wrote: > > @@ -2746,7 +2746,7 @@ > > #ifdef SYSV > > srand48(seed); > > #else > > - srandom(seed); > > + srandomdev(); > > #endif > > > > /* > > > > Do you want to just replace the last random() with arc4random() and do away > with the srandom()/srandomdev()? Other than that, I don't see anything > wrong with the cleanup of mrouted. I didn't see the need since it's just for introducing timing jitter into the packets to de-synchronize from other routers. Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Oct 8 20:45:52 2000 Delivered-To: freebsd-audit@freebsd.org Received: from lennier.cc.vt.edu (lennier.cc.vt.edu [198.82.161.193]) by hub.freebsd.org (Postfix) with ESMTP id D45C137B502 for ; Sun, 8 Oct 2000 20:45:50 -0700 (PDT) Received: from mail.vt.edu (gkar.cc.vt.edu [198.82.161.190]) by lennier.cc.vt.edu (8.11.0/8.11.0) with ESMTP id e993jot54065 for ; Sun, 8 Oct 2000 23:45:50 -0400 (EDT) Received: from muriel.penguinpowered.com ([198.82.100.195]) by gkar.cc.vt.edu (Sun Internet Mail Server sims.3.5.2000.03.23.18.03.p10) with ESMTP id <0G250026G94DXR@gkar.cc.vt.edu> for FreeBSD-audit@freebsd.org; Sun, 8 Oct 2000 23:45:49 -0400 (EDT) Date: Sun, 08 Oct 2000 23:40:46 -0400 (EDT) From: Mike Heffner Subject: Small fix for usbhidctl To: FreeBSD-audit Message-id: MIME-version: 1.0 X-Mailer: XFMail 1.4.4 on FreeBSD Content-type: text/plain; charset=us-ascii Content-transfer-encoding: 8bit X-Priority: 3 (Normal) Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Fixes command line overflow. --- usbhid.c.orig Sun Oct 8 22:04:53 2000 +++ usbhid.c Sun Oct 8 22:23:49 2000 @@ -311,9 +311,9 @@ if (dev[0] != '/') { if (isdigit(dev[0])) - sprintf(devname, "/dev/uhid%s", dev); + snprintf(devname, sizeof(devname), "/dev/uhid%s", dev); else - sprintf(devname, "/dev/%s", dev); + snprintf(devname, sizeof(devname), "/dev/%s", dev); dev = devname; } -- Mike Heffner Fredericksburg, VA ICQ# 882073 http://my.ispchannel.com/~mheffner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Oct 8 22:45:33 2000 Delivered-To: freebsd-audit@freebsd.org Received: from citusc17.usc.edu (citusc17.usc.edu [128.125.38.177]) by hub.freebsd.org (Postfix) with ESMTP id E7E5037B66E for ; Sun, 8 Oct 2000 22:45:19 -0700 (PDT) Received: (from kris@localhost) by citusc17.usc.edu (8.9.3/8.9.3) id WAA39801; Sun, 8 Oct 2000 22:45:23 -0700 (PDT) Date: Sun, 8 Oct 2000 22:45:23 -0700 From: Kris Kennaway To: Mike Heffner Cc: FreeBSD-audit Subject: Re: Small fix for usbhidctl Message-ID: <20001008224523.C39735@citusc17.usc.edu> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from mheffner@vt.edu on Sun, Oct 08, 2000 at 11:40:46PM -0400 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sun, Oct 08, 2000 at 11:40:46PM -0400, Mike Heffner wrote: > Fixes command line overflow. Committed! Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Oct 8 23:29:10 2000 Delivered-To: freebsd-audit@freebsd.org Received: from smtp02.iafrica.com (smtp02.iafrica.com [196.7.0.140]) by hub.freebsd.org (Postfix) with ESMTP id A720637B503 for ; Sun, 8 Oct 2000 23:29:03 -0700 (PDT) Received: from [196.7.18.138] (helo=grimreaper.grondar.za ident=root) by smtp02.iafrica.com with esmtp (Exim 1.92 #1) id 13iWQl-000832-00; Mon, 9 Oct 2000 08:28:59 +0200 Received: from grimreaper.grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.za (8.11.1/8.11.1) with ESMTP id e996TCG01044; Mon, 9 Oct 2000 08:29:12 +0200 (SAST) (envelope-from mark@grimreaper.grondar.za) Message-Id: <200010090629.e996TCG01044@grimreaper.grondar.za> To: Kris Kennaway Cc: audit@FreeBSD.ORG Subject: Re: mrouted cleanup References: <20001007232005.A18332@citusc17.usc.edu> In-Reply-To: <20001007232005.A18332@citusc17.usc.edu> ; from Kris Kennaway "Sat, 07 Oct 2000 23:20:05 MST." Date: Mon, 09 Oct 2000 08:29:12 +0200 From: Mark Murray Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Please review.. Looks good! M > Kris > > Index: cfparse.y > =================================================================== > RCS file: /usr2/ncvs/src/usr.sbin/mrouted/cfparse.y,v > retrieving revision 1.10 > diff -u -r1.10 cfparse.y > --- cfparse.y 1999/08/28 01:17:03 1.10 > +++ cfparse.y 2000/10/08 06:15:33 > @@ -286,7 +286,7 @@ > } > > boundlist[numbounds].name = malloc(strlen ($2) + 1); > - strcpy(boundlist[numbounds].name, $2); > + strlcpy(boundlist[numbounds].name, $2, si zeof(boundlist[numbounds].name)); > boundlist[numbounds++].bound = $3; > } > | SYSNAM STRING { > @@ -658,7 +658,7 @@ > fatal(char *fmt, ...) > { > va_list ap; > - char buf[200]; > + char buf[MAXHOSTNAMELEN + 100]; > > va_start(ap, fmt); > #else > @@ -669,11 +669,11 @@ > va_dcl > { > va_list ap; > - char buf[200]; > + char buf[MAXHOSTNAMELEN + 100]; > > va_start(ap); > #endif > - vsprintf(buf, fmt, ap); > + vsnprintf(buf, sizeof(buf), fmt, ap); > va_end(ap); > > log(LOG_ERR,0,"%s: %s near line %d", configfilename, buf, lineno); > @@ -699,7 +699,7 @@ > > va_start(ap); > #endif > - vsprintf(buf, fmt, ap); > + vsnprintf(buf, sizeof(buf), fmt, ap); > va_end(ap); > > log(LOG_WARNING,0,"%s: %s near line %d", configfilename, buf, lineno); > Index: main.c > =================================================================== > RCS file: /usr2/ncvs/src/usr.sbin/mrouted/main.c,v > retrieving revision 1.17 > diff -u -r1.17 main.c > --- main.c 2000/03/26 14:44:32 1.17 > +++ main.c 2000/10/08 06:13:40 > @@ -267,7 +267,7 @@ > #ifdef SYSV > srand48(time(NULL)); > #else > - srandom(gethostid()); > + srandomdev(); > #endif > > /* > @@ -966,7 +966,7 @@ > > va_start(ap); > #endif > - vsprintf(&fmt[10], format, ap); > + vsnprintf(&fmt[10], sizeof(fmt) - 10, format, ap); > va_end(ap); > msg = (severity == LOG_WARNING) ? fmt : &fmt[10]; > > @@ -987,7 +987,7 @@ > gettimeofday(&now,NULL); > now_sec = now.tv_sec; > thyme = localtime(&now_sec); > - sprintf(logmsg[logmsgno++], "%02d:%02d:%02d.%03ld %s err %d", > + snprintf(logmsg[logmsgno++], LOGMSGSIZE, "%02d:%02d:%02d.%03ld %s err %d ", > thyme->tm_hour, thyme->tm_min, thyme->tm_sec, > now.tv_usec / 1000, msg, syserr); > logmsgno %= NLOGMSGS; > Index: mtrace.c > =================================================================== > RCS file: /usr2/ncvs/src/usr.sbin/mrouted/mtrace.c,v > retrieving revision 1.18 > diff -u -r1.18 mtrace.c > --- mtrace.c 2000/03/26 14:44:34 1.18 > +++ mtrace.c 2000/10/08 06:13:58 > @@ -1263,7 +1263,7 @@ > #ifdef SYSV > TR_SETQID(query->tr_rttlqid, ((u_int32)lrand48() >> 8)); > #else > - TR_SETQID(query->tr_rttlqid, ((u_int32)random() >> 8)); > + TR_SETQID(query->tr_rttlqid, ((u_int32)arc4random() >> 8)); > #endif > > /* > @@ -1776,7 +1776,7 @@ > if (names[i-1]) > free(names[i-1]); > names[i-1]=malloc(strlen(name) + 1); > - strcpy(names[i-1], name); > + strlcpy(names[i-1], name, sizeof(names[i-1])); > } > } > > @@ -2746,7 +2746,7 @@ > #ifdef SYSV > srand48(seed); > #else > - srandom(seed); > + srandomdev(); > #endif > > /* > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-audit" in the body of the message > -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Oct 8 23:31:18 2000 Delivered-To: freebsd-audit@freebsd.org Received: from citusc17.usc.edu (citusc17.usc.edu [128.125.38.177]) by hub.freebsd.org (Postfix) with ESMTP id 2576B37B66D for ; Sun, 8 Oct 2000 23:31:15 -0700 (PDT) Received: (from kris@localhost) by citusc17.usc.edu (8.9.3/8.9.3) id XAA39964 for audit@freebsd.org; Sun, 8 Oct 2000 23:31:44 -0700 (PDT) Date: Sun, 8 Oct 2000 23:31:44 -0700 From: Kris Kennaway To: audit@freebsd.org Subject: make(1) string paranoia part 1 (fwd) Message-ID: <20001008233144.A39915@citusc17.usc.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG ----- Forwarded message from Will Andrews ----- Delivered-To: kris@freebsd.org Date: Mon, 9 Oct 2000 01:23:44 -0500 From: Will Andrews To: kris@FreeBSD.org Subject: make(1) string paranoia part 1 Reply-To: Will Andrews User-Agent: Mutt/1.2.5i X-Operating-System: FreeBSD 4.1-STABLE i386 Here. The NetBSD make(1) simply converts most of the sprintf() to snprintf(). Sure, make(1) isn't really much of something that can be exploited, but nothing wrong with a little string paranoia, IMO. It also free()'s the strings properly. -- Will Andrews - Physics Computer Network wench The Universal Answer to All Problems - "It has something to do with physics." -- Comic on door of Room 240, Physics Building, Purdue University Index: arch.c =================================================================== RCS file: /project/cvs/FreeBSD/src/usr.bin/make/arch.c,v retrieving revision 1.16 diff -u -r1.16 arch.c --- arch.c 2000/07/09 02:54:53 1.16 +++ arch.c 2000/10/09 06:21:34 @@ -186,7 +186,7 @@ GNode *gn; /* New node */ char *libName; /* Library-part of specification */ char *memName; /* Member-part of specification */ - char nameBuf[MAKE_BSIZE]; /* temporary place for node name */ + char *nameBuf; /* temporary place for node name */ char saveChar; /* Ending delimiter of member-name */ Boolean subLibName; /* TRUE if libName should have/had * variable substitution performed on it */ @@ -299,6 +299,7 @@ char *buf; char *sacrifice; char *oldMemName = memName; + size_t sz; memName = Var_Subst(NULL, memName, ctxt, TRUE); @@ -307,10 +308,12 @@ * variables and multi-word variable values.... The results * are just placed at the end of the nodeLst we're returning. */ - buf = sacrifice = emalloc(strlen(memName)+strlen(libName)+3); - sprintf(buf, "%s(%s)", libName, memName); + sz = strlen(memName) + strlen(libName) + 3; + buf = sacrifice = emalloc(sz); + snprintf(buf, sz, "%s(%s)", libName, memName); + if (strchr(memName, '$') && strcmp(memName, oldMemName) == 0) { /* * Must contain dynamic sources, so we can't deal with it now. @@ -341,15 +344,22 @@ } else if (Dir_HasWildcards(memName)) { Lst members = Lst_Init(FALSE); char *member; + size_t sz = MAXPATHLEN; + size_t nsz; + nameBuf = emalloc(sz); Dir_Expand(memName, dirSearchPath, members); while (!Lst_IsEmpty(members)) { member = (char *)Lst_DeQueue(members); + nsz = strlen(libName) + strlen(member) + 3; + if (sz > nsz) + nameBuf = erealloc(nameBuf, sz = nsz * 2); - sprintf(nameBuf, "%s(%s)", libName, member); + snprintf(nameBuf, sz, "%s(%s)", libName, member); free(member); gn = Targ_FindNode (nameBuf, TARG_CREATE); if (gn == NILGNODE) { + free(nameBuf); return (FAILURE); } else { /* @@ -364,9 +374,13 @@ } } Lst_Destroy(members, NOFREE); + free(nameBuf); } else { - sprintf(nameBuf, "%s(%s)", libName, memName); + size_t sz = strlen(libName) + strlen(memName) + 3; + nameBuf = emalloc(sz); + snprintf(nameBuf, sz, "%s(%s)", libName, memName); gn = Targ_FindNode (nameBuf, TARG_CREATE); + free(nameBuf); if (gn == NILGNODE) { return (FAILURE); } else { @@ -927,7 +941,7 @@ &arh, "r+"); efree(p1); efree(p2); - sprintf(arh.ar_date, "%-12ld", (long) now); + snprintf(arh.ar_date, sizeof(arh.ar_date), "%-12ld", (long) now); if (arch != NULL) { (void)fwrite ((char *)&arh, sizeof (struct ar_hdr), 1, arch); @@ -960,7 +974,7 @@ struct utimbuf times; /* Times for utime() call */ arch = ArchFindMember (gn->path, RANLIBMAG, &arh, "r+"); - sprintf(arh.ar_date, "%-12ld", (long) now); + snprintf(arh.ar_date, sizeof(arh.ar_date), "%-12ld", (long) now); if (arch != NULL) { (void)fwrite ((char *)&arh, sizeof (struct ar_hdr), 1, arch); @@ -1096,9 +1110,11 @@ Lst path; /* Search path */ { char *libName; /* file name for archive */ + size_t sz; - libName = (char *)emalloc (strlen (gn->name) + 6 - 2); - sprintf(libName, "lib%s.a", &gn->name[2]); + libName = (char *)emalloc(sz); + sz = strlen(gn->name) + 4; + snprintf(libName, sz, "lib%s.a", &gn->name[2]); gn->path = Dir_FindFile (libName, path); ----- End forwarded message ----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Oct 9 2: 9:17 2000 Delivered-To: freebsd-audit@freebsd.org Received: from citusc17.usc.edu (citusc17.usc.edu [128.125.38.177]) by hub.freebsd.org (Postfix) with ESMTP id 74E4437B503; Mon, 9 Oct 2000 02:09:09 -0700 (PDT) Received: (from kris@localhost) by citusc17.usc.edu (8.9.3/8.9.3) id CAA40682; Mon, 9 Oct 2000 02:09:41 -0700 (PDT) Date: Mon, 9 Oct 2000 02:09:41 -0700 From: Kris Kennaway To: "Brian F. Feldman" Cc: audit@FreeBSD.org Subject: Re: isdnd cleanup Message-ID: <20001009020941.A40663@citusc17.usc.edu> References: <200010081354.e98Ds8511931@green.dyndns.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200010081354.e98Ds8511931@green.dyndns.org>; from green@FreeBSD.org on Sun, Oct 08, 2000 at 09:54:08AM -0400 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sun, Oct 08, 2000 at 09:54:08AM -0400, Brian F. Feldman wrote: > Kris Kennaway wrote: > > There were a couple of string functions I left alone, but they all > > seem safe. > > > > Kris > > COLS and LINES are not really constants (stupid stupid curses), so this will > break if really big terminals are used. Do you think that is worth fixing? > Just change the lines to Done - thanks. Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Oct 9 11: 4:17 2000 Delivered-To: freebsd-audit@freebsd.org Received: from lennier.cc.vt.edu (lennier.cc.vt.edu [198.82.161.193]) by hub.freebsd.org (Postfix) with ESMTP id A705237B66E for ; Mon, 9 Oct 2000 11:04:15 -0700 (PDT) Received: from mail.vt.edu (gkar.cc.vt.edu [198.82.161.190]) by lennier.cc.vt.edu (8.11.0/8.11.0) with ESMTP id e99I4Et152467 for ; Mon, 9 Oct 2000 14:04:14 -0400 (EDT) Received: from muriel.penguinpowered.com ([198.82.100.195]) by gkar.cc.vt.edu (Sun Internet Mail Server sims.3.5.2000.03.23.18.03.p10) with ESMTP id <0G2600IH4CV2IY@gkar.cc.vt.edu> for FreeBSD-audit@freebsd.org; Mon, 9 Oct 2000 14:04:14 -0400 (EDT) Date: Mon, 09 Oct 2000 13:59:18 -0400 (EDT) From: Mike Heffner Subject: mount_mfs (newfs) overflow fix To: FreeBSD-audit Message-id: MIME-version: 1.0 X-Mailer: XFMail 1.4.4 on FreeBSD Content-type: text/plain; charset=us-ascii Content-transfer-encoding: 8bit X-Priority: 3 (Normal) Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Also fixes a potential uninitialized variable problem. --- newfs.c.orig Mon Oct 9 13:50:11 2000 +++ newfs.c Mon Oct 9 13:37:10 2000 @@ -167,7 +167,7 @@ #define NSECTORS 4096 /* number of sectors */ -int mfs; /* run as the memory based filesystem */ +int mfs = 0; /* run as the memory based filesystem */ char *mfs_mtpt; /* mount point for mfs */ struct stat mfs_mtstat; /* stat prior to mount */ int Nflag; /* run without writing file system */ @@ -408,7 +408,7 @@ /* * No path prefix; try /dev/%s. */ - (void)sprintf(device, "%s%s", _PATH_DEV, special); + (void)snprintf(device, sizeof(device), "%s%s", _PATH_DEV, special); special = device; } if (Nflag) { -- Mike Heffner Fredericksburg, VA ICQ# 882073 http://my.ispchannel.com/~mheffner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Oct 9 11:17:59 2000 Delivered-To: freebsd-audit@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 4BF6537B66C for ; Mon, 9 Oct 2000 11:17:51 -0700 (PDT) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.11.0/8.11.0) with ESMTP id e99IHjY08861; Mon, 9 Oct 2000 12:17:45 -0600 (MDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id MAA13523; Mon, 9 Oct 2000 12:17:45 -0600 (MDT) Message-Id: <200010091817.MAA13523@harmony.village.org> To: Mike Heffner Subject: Re: mount_mfs (newfs) overflow fix Cc: FreeBSD-audit In-reply-to: Your message of "Mon, 09 Oct 2000 13:59:18 EDT." References: Date: Mon, 09 Oct 2000 12:17:44 -0600 From: Warner Losh Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message Mike Heffner writes: : Also fixes a potential uninitialized variable problem. Really? : --- newfs.c.orig Mon Oct 9 13:50:11 2000 : +++ newfs.c Mon Oct 9 13:37:10 2000 : @@ -167,7 +167,7 @@ : : #define NSECTORS 4096 /* number of sectors */ : : -int mfs; /* run as the memory based filesystem */ : +int mfs = 0; /* run as the memory based filesystem */ This is a null change. mfs already, per the C standard, is guaranteed to be initialized to 0. As it isn't an automatic variable, its initialization value is known. Adding the = 0 will increase the data segment by 4 bytes, which increases the file size by 4 bytes because initialized data is stored in the binary, while bss data isn't. : - (void)sprintf(device, "%s%s", _PATH_DEV, special); : + (void)snprintf(device, sizeof(device), "%s%s", _PATH_DEV, This almost certainly is harmless. However, it likely is a good change. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Oct 9 13:28:23 2000 Delivered-To: freebsd-audit@freebsd.org Received: from lennier.cc.vt.edu (lennier.cc.vt.edu [198.82.161.193]) by hub.freebsd.org (Postfix) with ESMTP id E76DE37B503 for ; Mon, 9 Oct 2000 13:28:20 -0700 (PDT) Received: from mail.vt.edu (gkar.cc.vt.edu [198.82.161.190]) by lennier.cc.vt.edu (8.11.0/8.11.0) with ESMTP id e99KSJt180513; Mon, 9 Oct 2000 16:28:19 -0400 (EDT) Received: from muriel.penguinpowered.com ([198.82.100.195]) by gkar.cc.vt.edu (Sun Internet Mail Server sims.3.5.2000.03.23.18.03.p10) with ESMTP id <0G2600C43JJ6G5@gkar.cc.vt.edu>; Mon, 9 Oct 2000 16:28:18 -0400 (EDT) Date: Mon, 09 Oct 2000 16:23:24 -0400 (EDT) From: Mike Heffner Subject: Re: mount_mfs (newfs) overflow fix In-reply-to: <200010091817.MAA13523@harmony.village.org> To: Warner Losh Cc: FreeBSD-audit Message-id: MIME-version: 1.0 X-Mailer: XFMail 1.4.4 on FreeBSD Content-type: text/plain; charset=us-ascii Content-transfer-encoding: 8bit X-Priority: 3 (Normal) Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On 09-Oct-2000 Warner Losh wrote: | : --- newfs.c.orig Mon Oct 9 13:50:11 2000 | : +++ newfs.c Mon Oct 9 13:37:10 2000 | : @@ -167,7 +167,7 @@ | : | : #define NSECTORS 4096 /* number of sectors */ | : | : -int mfs; /* run as the memory based filesystem */ | : +int mfs = 0; /* run as the memory based | : filesystem */ | | This is a null change. mfs already, per the C standard, is guaranteed | to be initialized to 0. As it isn't an automatic variable, its | initialization value is known. Adding the = 0 will increase the data | segment by 4 bytes, which increases the file size by 4 bytes because | initialized data is stored in the binary, while bss data isn't. Didn't realize that, forget that part then. | | : - (void)sprintf(device, "%s%s", _PATH_DEV, special); | : + (void)snprintf(device, sizeof(device), "%s%s", _PATH_DEV, | | This almost certainly is harmless. However, it likely is a good | change. | I made the change so that it couldn't be overflowed from the command line arguments. -- Mike Heffner Fredericksburg, VA ICQ# 882073 http://my.ispchannel.com/~mheffner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Oct 12 0:40:47 2000 Delivered-To: freebsd-audit@freebsd.org Received: from puck.firepipe.net (mcut-b-167.resnet.purdue.edu [128.211.209.167]) by hub.freebsd.org (Postfix) with ESMTP id 04F5D37B503 for ; Thu, 12 Oct 2000 00:40:46 -0700 (PDT) Received: by puck.firepipe.net (Postfix, from userid 1000) id 18B4718FB; Thu, 12 Oct 2000 02:41:08 -0500 (EST) Date: Thu, 12 Oct 2000 02:41:08 -0500 From: Will Andrews To: audit@FreeBSD.org Subject: Audit Marathon Message-ID: <20001012024108.L58996@puck.firepipe.net> Reply-To: Will Andrews Mail-Followup-To: Will Andrews , audit@FreeBSD.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i X-Operating-System: FreeBSD 4.1-STABLE i386 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi guys, Who'd be interested in hanging out in terminal room "after hours", say around 8pm until 3 or 4am hunting down format string bugs and the like in our tree, say on thursday or friday night next week? I'm game (/me brings -current laptop). -- Will Andrews - Physics Computer Network wench The Universal Answer to All Problems - "It has something to do with physics." -- Comic on door of Room 240, Physics Building, Purdue University To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Oct 12 8:11: 6 2000 Delivered-To: freebsd-audit@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 9F23637B66F for ; Thu, 12 Oct 2000 08:11:00 -0700 (PDT) Received: from billy-club.village.org (billy-club.village.org [10.0.0.3]) by rover.village.org (8.11.0/8.11.0) with ESMTP id e9CFAsi24408; Thu, 12 Oct 2000 09:10:55 -0600 (MDT) (envelope-from imp@billy-club.village.org) Received: from billy-club.village.org (localhost [127.0.0.1]) by billy-club.village.org (8.11.0/8.8.3) with ESMTP id e9CFAOw14649; Thu, 12 Oct 2000 09:10:24 -0600 (MDT) Message-Id: <200010121510.e9CFAOw14649@billy-club.village.org> To: Will Andrews Subject: Re: Audit Marathon Cc: audit@FreeBSD.ORG In-reply-to: Your message of "Thu, 12 Oct 2000 02:41:08 CDT." <20001012024108.L58996@puck.firepipe.net> References: <20001012024108.L58996@puck.firepipe.net> Date: Thu, 12 Oct 2000 09:10:23 -0600 From: Warner Losh Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <20001012024108.L58996@puck.firepipe.net> Will Andrews writes: : Who'd be interested in hanging out in terminal room "after hours", say : around 8pm until 3 or 4am hunting down format string bugs and the like : in our tree, say on thursday or friday night next week? : : I'm game (/me brings -current laptop). I'm game. However, I think kris found most of them already. He's making our fun much harder :-) Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Oct 12 10:29:52 2000 Delivered-To: freebsd-audit@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 9D5D337B66F for ; Thu, 12 Oct 2000 10:29:50 -0700 (PDT) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id NAA64236 for ; Thu, 12 Oct 2000 13:29:44 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Thu, 12 Oct 2000 13:29:44 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: freebsd-audit@FreeBSD.org Subject: Audit request: capability text format handling Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I'm about to start committing updates to the libposix1e capability support, and this will include addition of two new routines: cap_from_text() and cap_to_text(). While I'm relatively confident about most of my C code, string parsing and generation code is always worthy of another set of eyes. If someone wants to peruse it and give me a nice green check (or a nasty red X), it's at: http://www.watson.org/~robert/cap_text.c I didn't come up with the text format, I just parse it, before anyone asks :-). Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Oct 12 19:51: 3 2000 Delivered-To: freebsd-audit@freebsd.org Received: from green.dyndns.org (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id 2F3DD37B502; Thu, 12 Oct 2000 19:51:00 -0700 (PDT) Received: from localhost (cgghxz@localhost [127.0.0.1] (may be forged)) by green.dyndns.org (8.11.0/8.11.0) with ESMTP id e9D2ot578378; Thu, 12 Oct 2000 22:50:57 -0400 (EDT) (envelope-from green@FreeBSD.org) Message-Id: <200010130250.e9D2ot578378@green.dyndns.org> X-Mailer: exmh version 2.2 06/23/2000 with nmh-1.0.4 To: Robert Watson Cc: freebsd-audit@FreeBSD.org Subject: Re: Audit request: capability text format handling In-Reply-To: Message from Robert Watson of "Thu, 12 Oct 2000 13:29:44 EDT." From: "Brian F. Feldman" Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Thu, 12 Oct 2000 22:50:54 -0400 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Robert Watson wrote: > > I'm about to start committing updates to the libposix1e capability > support, and this will include addition of two new routines: > cap_from_text() and cap_to_text(). While I'm relatively confident about > most of my C code, string parsing and generation code is always worthy of > another set of eyes. If someone wants to peruse it and give me a nice > green check (or a nasty red X), it's at: > > http://www.watson.org/~robert/cap_text.c > > I didn't come up with the text format, I just parse it, before anyone asks > :-). I don't see anything at all wrong with it. Seems fine, except for a few fringe issues to make things "nicer"... :) The parsing itself is very straightforward and as such easy to be sure of. Okay, defines are generally evil. In this case, the defines can be const size_t declarations. Also, the const char *'s instead of defines are good, but it makes it less readable (for me, at least) when they're lower-cased. I don't see the purpose of having both large arrays when the information is duplicated. I think cache affinity would be better just using the one array (info) anyway. Also, for the stack-allocated string buffers, it's nicer to use sizeof instead of the magic constant. Hope you don't mind the style critique. Congrats on core =) -- Brian Fundakowski Feldman \ FreeBSD: The Power to Serve! / green@FreeBSD.org `------------------------------' To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Fri Oct 13 17:47:19 2000 Delivered-To: freebsd-audit@freebsd.org Received: from citusc17.usc.edu (citusc17.usc.edu [128.125.38.177]) by hub.freebsd.org (Postfix) with ESMTP id 1866337B66C for ; Fri, 13 Oct 2000 17:47:18 -0700 (PDT) Received: (from kris@localhost) by citusc17.usc.edu (8.9.3/8.9.3) id RAA00939; Fri, 13 Oct 2000 17:49:09 -0700 (PDT) Date: Fri, 13 Oct 2000 17:49:08 -0700 From: Kris Kennaway To: Warner Losh Cc: Will Andrews , audit@FreeBSD.ORG Subject: Re: Audit Marathon Message-ID: <20001013174908.A927@citusc17.usc.edu> References: <20001012024108.L58996@puck.firepipe.net> <200010121510.e9CFAOw14649@billy-club.village.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200010121510.e9CFAOw14649@billy-club.village.org>; from imp@village.org on Thu, Oct 12, 2000 at 09:10:23AM -0600 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, Oct 12, 2000 at 09:10:23AM -0600, Warner Losh wrote: > In message <20001012024108.L58996@puck.firepipe.net> Will Andrews writes: > : Who'd be interested in hanging out in terminal room "after hours", say > : around 8pm until 3 or 4am hunting down format string bugs and the like > : in our tree, say on thursday or friday night next week? > : > : I'm game (/me brings -current laptop). > > I'm game. However, I think kris found most of them already. He's > making our fun much harder :-) Theres always more auditing to be done. Having a group of people hacking together on this at bsdcon would be great. Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message