From owner-freebsd-audit Sun Aug 12 10:47:13 2001 Delivered-To: freebsd-audit@freebsd.org Received: from coffee.q9media.com (coffee.q9media.com [216.94.229.19]) by hub.freebsd.org (Postfix) with ESMTP id 2BEDB37B407 for ; Sun, 12 Aug 2001 10:47:09 -0700 (PDT) (envelope-from mike@coffee.q9media.com) Received: (from mike@localhost) by coffee.q9media.com (8.11.2/8.11.2) id f7CI7o429228; Sun, 12 Aug 2001 14:07:50 -0400 (EDT) (envelope-from mike) Date: Sun, 12 Aug 2001 14:07:50 -0400 From: Mike Barcroft To: Akinori MUSHA Cc: audit@FreeBSD.org Subject: Re: adding -P option to pkg_delete(1) Message-ID: <20010812140750.B29132@coffee.q9media.com> References: <86elqphctp.wl@archon.local.idaemons.org> <86d761hijs.wl@archon.local.idaemons.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <86d761hijs.wl@archon.local.idaemons.org>; from knu@iDaemons.org on Sun, Aug 12, 2001 at 03:57:27PM +0900 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, Aug 12, 2001 at 03:57:27PM +0900, Akinori MUSHA wrote: > Please review the attached patch, which adds a new option "-P" to > pkg_delete(1) which preserves shared library files. This is useful > when one suspects that s/he still have some binaries that depend on > the shared library that's being deleted. Probably pkg_version(1) may > want to use the option for the -c feature. > Index: lib/plist.c > =================================================================== > RCS file: /home/ncvs/src/usr.sbin/pkg_install/lib/plist.c,v > retrieving revision 1.34 > diff -u -r1.34 plist.c > --- lib/plist.c 2001/08/02 12:38:29 1.34 > +++ lib/plist.c 2001/08/05 17:53:29 > @@ -346,13 +346,48 @@ > } > > /* > + * Check if the given filename looks like a shared library. > + */ > +static Boolean > +is_shlib(char *filename) > +{ > + char *p, *q; > + > + /* basename */ > + if (NULL != (p = strrchr(filename, '/'))) > + p++; > + else > + p = filename; > + > + /* empty filename or dotfile? */ > + if (*p == '\0' || *p == '.') > + return FALSE; > + > + /* do "strrstr" for .so */ > + if (NULL == (q = strstr(p + 1, ".so"))) > + return FALSE; > + while (NULL != (p = strstr(q += 3, ".so"))) > + q = p; > + > + /* skip version numbers */ > + while (*q) { > + if (*q != '.' || !isdigit(*++q)) > + return FALSE; > + while (isdigit(*++q)) > + ; > + } > + > + return TRUE; > +} [...] This could probably be written better, so that you don't have to walk filename so many times. [...] > - sprintf(tmp, "%s/%s", Where, p->name); > + sprintf(tmp, "%s/%s", Where, last_file); [...] I don't see any checks to ensure that this won't overflow tmp, so you should probably use snprintf(3) instead. The rest of the patch looks reasonable, but I agree with Sheldon that this shouldn't be merged into -STABLE until after 4.4-RELEASE. Best regards, Mike Barcroft To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message