summaryrefslogtreecommitdiff
path: root/coreutils
AgeCommit message (Collapse)Author
2004-08-26Tito writes:Eric Andersen
Hi, I've spent the half night staring at the devilish my_getpwuid and my_getgrgid functions trying to find out a way to avoid actual and future potential buffer overflow problems without breaking existing code. Finally I've found a not intrusive way to do this that surely doesn't break existing code and fixes a couple of problems too. The attached patch: 1) changes the behaviour of my_getpwuid and my_getgrgid to avoid potetntial buffer overflows 2) fixes all occurences of this function calls in tar.c , id.c , ls.c, whoami.c, logger.c, libbb.h. 3) The behaviour of tar, ls and logger is unchanged. 4) The behavior of ps with somewhat longer usernames messing up output is fixed. 5) The only bigger change was the increasing of size of the buffers in id.c to avoid false negatives (unknown user: xxxxxx) with usernames longer than 8 chars. The value i used ( 32 chars ) was taken from the tar header ( see gname and uname). Maybe this buffers can be reduced a bit ( to 16 or whatever ), this is up to you. 6) The increase of size of the binary is not so dramatic: size busybox text data bss dec hex filename 239568 2300 36816 278684 4409c busybox size busybox_fixed text data bss dec hex filename 239616 2300 36816 278732 440cc busybox 7) The behaviour of whoami changed: actually it prints out an username cut down to the size of the buffer. This could be fixed by increasing the size of the buffer as in id.c or avoid the use of my_getpwuid and use getpwuid directly instead. Maybe this colud be also remain unchanged...... Please apply if you think it is ok to do so. The diff applies on today's cvs tarball (2004-08-25). Thanks in advance, Ciao, Tito
2004-08-11Patch from Bastian Blank to add 64 bit support to the test command.Glenn L McGrath
Example of broken usage: ./busybox test 2147483648 -gt 2147483648
2004-08-03Tito, farmatito at tiscali dot it writes:Eric Andersen
Hi to all, This patch is useful for: 1) remove an unused var from extern char *find_real_root_device_name(const char* name) changing it to extern char *find_real_root_device_name(void). 2) fixes include/libbb.h, coreutils/df.c, util-linux/mount.c and util-linux/umount.c accordingly. 3) fixes a bug, really a false positive, in find_real_root_device_name() that happens if in the /dev directory exists a link named root (/dev/root) that should be skipped but is not. This affects applets like df that display wrong results
2004-07-30Fixup getty, login, etc so the utmp and wtmp are updated, allowingEric Andersen
the 'who' and 'last' applets among other things to work as expected. -Erik
2004-07-26BusyBox has no business hard coding the number of major and minor bits for aEric Andersen
dev_t. This is especially important now that the user space concept of a dev_t and the kernel concept of a dev_t are divergant. The only bit of user space allowed to know the number of major and minor bits is include/sys/sysmacros.h (i.e. part of libc). When used with a current C library and a 2.6.x kernel, this fix should allow BusyBox to support wide device major/minor numbers. -Erik
2004-07-23Patch from Felipe Kellermann, fix endless loop when first > last andGlenn L McGrath
increment > 0.
2004-07-23Felipe Kellermann writes,Glenn L McGrath
"As noticed today by Steven Scholz, the od's `-v' was broken. I've fixed that and now both the flags `-v' and `-a' are OK" Fixes a segfault in echo "uuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu\02bar\4"| ./busybox od -av
2004-05-26If read were to return with an error, bad things would happen. Fix it.Manuel Novoa III
Also, make sure read errors are reflected in the applet exit code.
2004-05-26Use STDIN_FILENO rather than '0'Eric Andersen
2004-05-26Rob Landley writes:Eric Andersen
Run this test, against both busybox and a non-busybox version of "tee". while true; do i=$[$i+1]; echo "hello $i"; sleep 1; done | ./busybox tee Now run the busybox one again with the following small patch applied:
2004-05-05Steve Grubb writes:Eric Andersen
Hi, I just re-reviewed the patch I just sent...and it needed to be BUFSIZ-3 in dos2unix.c . tempFn is BUFSIZ so the last addressable spot it BUFSIZ-1. The loop increments by 2. That's why it should be BUFSIZ-3. Best Regards, Steve Grubb
2004-05-05Steve Grubb writes:Eric Andersen
Hello, I found and patched 2 more bugs. The first is a misplaced semi-colon. The second one is a buffer overflow. I doubt the buffer overflow is triggered in real life. But you never know what those wily hackers are up to. Thanks, Steve Grubb
2004-04-25Update my email address, document some of my tasks in the AUTHORS fileGlenn L McGrath
2004-04-16Thats odd. I guess this was cut-n-paste error, but vodzEric Andersen
email address was wrong!
2004-04-14Larry Doolittle writes:Eric Andersen
This is a bulk spelling fix patch against busybox-1.00-pre10. If anyone gets a corrupted copy (and cares), let me know and I will make alternate arrangements. Erik - please apply. Authors - please check that I didn't corrupt any meaning. Package importers - see if any of these changes should be passed to the upstream authors. I glossed over lots of sloppy capitalizations, missing apostrophes, mixed American/British spellings, and German-style compound words. What is "pretect redefined for test" in cmdedit.c? Good luck on the 1.00 release! - Larry
2004-04-06Fix non standard 'date -R' formattingEric Andersen
2004-03-27s/fileno\(stdin\)/STDIN_FILENO/gEric Andersen
s/fileno\(stdout\)/STDOUT_FILENO/g
2004-03-23Brian Pomerantz writes:Eric Andersen
I've noticed a bug in the "autowidth" feature more, and is probably in others. The call to the function get_terminal_width_height() passes in a file descriptor but that file descriptor is never used, instead the ioctl() is called with 0. In more_main() the call to get_terminal_width_height() passes 0 as the file descriptor instead of fileno(cin). This isn't a problem when you more a file (e.g. "more /etc/passwd") but when you pipe a file to it (e.g. "cat /etc/passwd | more") the size of the terminal cannot be determined because file descriptor 0 is not a terminal. The fix is simple, I've attached a patch for more.c and get_terminal_width_height.c. BAPper
2004-03-15Remove trailing whitespace. Update copyright to include 2004.Eric Andersen
2004-03-12Hideki IWAMOTO writes:Eric Andersen
Current `tr' implementation has a problem, if `plain char' is signed. [current cvs version] >echo a | _install/usr/bin/tr '\0' '\377' Segmentation fault (core dumped) [patched version] >echo a | _install/usr/bin/tr '\0' '\377' a
2004-03-10When displaying the size in 1kB blocks round up if an odd number ofGlenn L McGrath
blocks
2004-03-10Patch by Seth W. Klein, the -l switch was reversedGlenn L McGrath
2004-03-08Fix broken sort order flags.Manuel Novoa III
2004-03-06Fix/eliminate use of atolEric Andersen
2004-03-06Patch from Matt Kraai to fix debian bug number 231994.Glenn L McGrath
There was an extra blank line preceding the first directory.
2004-03-05Close bracket in description from Peter Willis's eject appletGlenn L McGrath
2004-02-22Return 1 upon failureGlenn L McGrath
2004-02-21Use return instead of exit, use == instead of & ==, left justify labels,Glenn L McGrath
adjustment of whitespace.
2004-02-17Add the -r option, patch from Rob with some help from myself.Glenn L McGrath
2004-02-17Woops, im getting ahead of myself, we dont have the -r (refernece)Glenn L McGrath
option yet
2004-02-17define option names to be clearer, simplify nested if statements, removeGlenn L McGrath
un-needed if statement, minor indenting change
2004-02-05Vladimir N. Oleynik writes:Eric Andersen
Hi, Glenn. Current CVS "ls" applet have small problem: some options ignoring. Last patch attached ;-) --w vodz
2004-02-04Jean Wolter writes:Eric Andersen
Hello, when calling seq with seq 1 1 it generates an "endless" list of numbers until the counter wraps and reaches 1 again. The follwoing small patch should introduce the expected behavior (output of 1 and termination): regards, Jean
2004-02-01Use bb_xstrdup() instead of strdup().Manuel Novoa III
2004-01-30Avoid symbol naming conflict with libmEric Andersen
2004-01-27New applet, seq. No options, just the basics.Glenn L McGrath
2004-01-27Align using spaces to furthurest character and then one tab, now theyGlenn L McGrath
should always be aligned.
2004-01-26Pascal Brisset writes:Eric Andersen
uuencode fails to encode binary data because it right-shifts bytes as signed chars and keeps the duplicated sign bits. The original base64_encode() from wget/http.c is broken as well, but it is only used to encode ascii data. -- Pascal
2004-01-25Be stricter when converting strings to integers. Should fix the problemManuel Novoa III
reported by Rob.
2004-01-25Add the -r option as a synonym of -RGlenn L McGrath
2004-01-23Enable long options, adds 150 bytes.Glenn L McGrath
2004-01-23Check valid options were givenGlenn L McGrath
2004-01-23Dont change ownership unless we created the directory.Glenn L McGrath
2004-01-23Remove unneeded conditions and logic, fix bug where ownership didntGlenn L McGrath
change. Dont use bb_make_directory it doesnt have the features, and its ugly to work around it.
2004-01-18Fix a bug where `ls -le` would print the time twice.Glenn L McGrath
2004-01-18Use bb_getopt_ulflags, save 200-300 bytesGlenn L McGrath
2004-01-08Patch from Bastian Blank to fix debian bug #226722, test case: Glenn L McGrath
mkdir foo touch foo/bar ln -s bar foo/baz
2003-12-31Batch from Bastian Blank to fix debian bug #216435;Glenn L McGrath
When linking a non existing file busybox ln will report the target missind and not the source:
2003-12-08Bring usage upto date, patch by Steven ScholzGlenn L McGrath
2003-11-27Fix a bug, ignore the source path when installing to a directory.Glenn L McGrath
We may be installing symlinks, so use lstat/lchown. Make use of bb_getopt_ulflags and cp_mv_stat2, save 100 bytes.