summaryrefslogtreecommitdiff
path: root/libbb
AgeCommit message (Collapse)Author
2004-08-26Tito writes:Eric Andersen
Hi, I've spent the half night staring at the devilish my_getpwuid and my_getgrgid functions trying to find out a way to avoid actual and future potential buffer overflow problems without breaking existing code. Finally I've found a not intrusive way to do this that surely doesn't break existing code and fixes a couple of problems too. The attached patch: 1) changes the behaviour of my_getpwuid and my_getgrgid to avoid potetntial buffer overflows 2) fixes all occurences of this function calls in tar.c , id.c , ls.c, whoami.c, logger.c, libbb.h. 3) The behaviour of tar, ls and logger is unchanged. 4) The behavior of ps with somewhat longer usernames messing up output is fixed. 5) The only bigger change was the increasing of size of the buffers in id.c to avoid false negatives (unknown user: xxxxxx) with usernames longer than 8 chars. The value i used ( 32 chars ) was taken from the tar header ( see gname and uname). Maybe this buffers can be reduced a bit ( to 16 or whatever ), this is up to you. 6) The increase of size of the binary is not so dramatic: size busybox text data bss dec hex filename 239568 2300 36816 278684 4409c busybox size busybox_fixed text data bss dec hex filename 239616 2300 36816 278732 440cc busybox 7) The behaviour of whoami changed: actually it prints out an username cut down to the size of the buffer. This could be fixed by increasing the size of the buffer as in id.c or avoid the use of my_getpwuid and use getpwuid directly instead. Maybe this colud be also remain unchanged...... Please apply if you think it is ok to do so. The diff applies on today's cvs tarball (2004-08-25). Thanks in advance, Ciao, Tito
2004-08-26Felipe Kellermann writes:Eric Andersen
Unfortunatelly I've not followed the last two or three weeks commits (new semester started and so now I rarely have time to fix my personal bridge) but tonight I synched my tree and immediately noticed a rather nasty bug! [Using libbb/interface.c:1.24] # grep eth0 /proc/net/dev | xargs eth0:311708397 237346 1670 0 1789 1670 0 0 22580308 120297 0 0 0 102 0 0 # ifconfig eth0 eth0 Link encap:Ethernet HWaddr 00:20:AF:7C:EA:B7 inet addr:10.0.0.1 Bcast:10.0.0.127 Mask:255.255.255.128 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) Interrupt:5 Base address:0x320 All values `ifconfig' is showing are `zeroed' -- I quickly looked at the last commits I missed and noticed that there were a commit relating to ifconfig, libbb/interface.c:1.23->1.24 (PatchSet 4338). I've reversed the patch and now everything is working again. I compared the get_name's return values from the 1.23 and 1.24 and quickly noticed that the new revision is leaving `p' right on the sep while the rev 1.23 was leaving it right on the starting of the values... 1-line, 1/3-minute patch attached :-)
2004-08-16Use __kernel_old_dev_t for 2.6.x kernelsEric Andersen
2004-08-16Aurelien Jacobs writes:Eric Andersen
with a quick conversion you will see that 132608 == 0x20600 so noticed that the elif will never be matched ! Apparently there was already a try to modify this in CVS which was reverted (it was plain wrong). I don't know when __kernel_old_dev_t is needed, but with a 2.6.7 or a 2.6.8 this is __kernel_dev_t wich is needed. I corrected this with the following patch but maybe older 2.6 still need __kernel_old_dev_t ? I think this should be corrected before 1.0. Thanks Aurel
2004-08-12Patch from solar to fix problems with get_name()Eric Andersen
2004-08-11Patch from Tito to fix memory leak upon error.Glenn L McGrath
2004-08-03Tito, farmatito at tiscali dot it writes:Eric Andersen
Hi to all, This patch is useful for: 1) remove an unused var from extern char *find_real_root_device_name(const char* name) changing it to extern char *find_real_root_device_name(void). 2) fixes include/libbb.h, coreutils/df.c, util-linux/mount.c and util-linux/umount.c accordingly. 3) fixes a bug, really a false positive, in find_real_root_device_name() that happens if in the /dev directory exists a link named root (/dev/root) that should be skipped but is not. This affects applets like df that display wrong results
2004-07-29Clean up hex escape support.Manuel Novoa III
2004-07-27Felipe Kellermann noticed a missing `break'.Eric Andersen
2004-07-26bother. unrevert my fix.Eric Andersen
2004-07-26Allow hex escape sequencesEric Andersen
2004-07-26Allow hex escape sequencesEric Andersen
2004-07-23Fix for a bug identied by Harald Kuthe, when using many interfaces (29 Glenn L McGrath
in this case) the order was incorrect and there were duplicate entries.
2004-07-23Patch from Felipe Kellermann, "There is a call to printf using `*pr-cchar'Glenn L McGrath
referencing a string and using a single char, when *p <= 0x1f."
2004-06-25Revert my previous commitGlenn L McGrath
2004-06-25Fix compile error under 2.6, check for newer versions first or all theGlenn L McGrath
checks wont be considered.
2004-06-22Patch from Bastian Blank:Eric Andersen
On Sat, Jun 19, 2004 at 10:57:37PM +0200, Bastian Blank wrote: > The following patch changes klogd to use openlog/syslog themself > instead of calling syslog_msg which always calls the triple > openlog/syslog/closelog. Updated patch: get rid of syslog_msg entirely. Request from Erik Andersen. Bastian
2004-05-02Add part of a patch from Vernon Sauder that i missed a while backGlenn L McGrath
2004-05-01Do not use getpass(3)Eric Andersen
2004-04-19Dont try and preserve hard links to directories.Glenn L McGrath
The linux kernel doesnt allow hard links to directories, SUS says its implementation specific. cramfs gives empty directories and 0 length files the same node it makies it difficult to distinguish from hard links.
2004-04-14remove a warningEric Andersen
2004-04-14Larry Doolittle writes:Eric Andersen
This is a bulk spelling fix patch against busybox-1.00-pre10. If anyone gets a corrupted copy (and cares), let me know and I will make alternate arrangements. Erik - please apply. Authors - please check that I didn't corrupt any meaning. Package importers - see if any of these changes should be passed to the upstream authors. I glossed over lots of sloppy capitalizations, missing apostrophes, mixed American/British spellings, and German-style compound words. What is "pretect redefined for test" in cmdedit.c? Good luck on the 1.00 release! - Larry
2004-04-07Vladimir N. Oleynik writes:Eric Andersen
Hi. Last changes (rev 1.12) to recursive_actions() by Christian Grigis have problem. Test for demonstrate: $ mkdir aaa bbb ccc $ su # chown root bbb # chmod 700 bbb # exit $ busybox chmod 777 -R . ./bbb: Permision denied But "./ccc" mode not changed. Previous variant works fine, errors skiped and continued recursion. --w vodz
2004-04-06Christian Grigis, christian.grigis at smartdata dot ch writes:Eric Andersen
Hello everyone, Busybox's insmod fails to locate a module when that module is the only one existing in the /lib/modules directory (with a unique name). Example: # find /lib/modules/ -type f /lib/modules/kernel/drivers/char/bios.o # insmod bios insmod: bios.o: no module by that name found # touch /lib/modules/dummy # find /lib/modules/ -type f /lib/modules/kernel/drivers/char/bios.o /lib/modules/dummy # insmod bios Using /lib/modules/kernel/drivers/char/bios.o As long as there is another file in the /lib/modules directory, insmod finds it OK. I tracked the problem down to 'check_module_name_match()' in insmod.c: It returns TRUE when a match is found, and FALSE otherwise. In the case where there is only one module in the /lib/modules directory (or more that one module, but all with the same name), 'recursive_action()' will return TRUE and we end up on line 4196 in 'insmod.c' which returns an error. [The reason it works with more than one module with different names is that in this case there will always be one not matching, 'recursive_action()' will return FALSE and we end up in line 4189.] Now, from the implementation of 'recursive_action()' and from other usages of it (tar.c, etc.), it seems to me that FALSE should be returned to indicate that we want to stop the recursion, so TRUE and FALSE should be inverted in 'check_module_name_match()'. At the same time, 'recursive_action()' continues to recurse even after the recursive call has returned FALSE; again in my understanding and other usages of it, we can safely stop recursing at this point. Here is my patch against 1.00-pre8:
2004-03-27Add missing include filesEric Andersen
2004-03-27s/fileno\(stdin\)/STDIN_FILENO/gEric Andersen
s/fileno\(stdout\)/STDOUT_FILENO/g
2004-03-23Brian Pomerantz writes:Eric Andersen
I've noticed a bug in the "autowidth" feature more, and is probably in others. The call to the function get_terminal_width_height() passes in a file descriptor but that file descriptor is never used, instead the ioctl() is called with 0. In more_main() the call to get_terminal_width_height() passes 0 as the file descriptor instead of fileno(cin). This isn't a problem when you more a file (e.g. "more /etc/passwd") but when you pipe a file to it (e.g. "cat /etc/passwd | more") the size of the terminal cannot be determined because file descriptor 0 is not a terminal. The fix is simple, I've attached a patch for more.c and get_terminal_width_height.c. BAPper
2004-03-15Remove trailing whitespace. Update copyright to include 2004.Eric Andersen
2004-03-10In spite of the feature freeze, check in a complete rework of route whichManuel Novoa III
fixes some bugs, adds some error checking, and removes _lots_ of bloat. Text size on i386... old new ipv6 5425 3523 no ipv6 3143 2193
2004-03-08My bug. :-(Manuel Novoa III
2004-03-06Fix/eliminate use of atolEric Andersen
2004-03-06Don't build these support functions for uClibc, as it always suppliesManuel Novoa III
versions.
2004-03-05Patch from Vernon Sauder.Glenn L McGrath
The off_t type is not a consistent size; it depends on the kernel options (something about large file support). Therefore, the format string for printing an address is not always the same.
2004-02-23bb_full_fd_action was incorrectly returning an error message causingGlenn L McGrath
major breaking.
2004-02-22For the time being, revert the changes for detecting copyingEric Andersen
a directory into itself. It is harder to do this correctly than it appears. Not trying at all seems a better compromise for the time being, untill we can implement this correctly.
2004-02-21Sometimes i get carried away with the use of function pointers, im sureGlenn L McGrath
it seemed like a good idea at the time.
2004-02-19Chris Larson (kergoth) writes:Eric Andersen
As Manuel points out, this is a flawed fix, and doesnt fix the following: mkdir -p cpa cpb cpc cp -a cpa cpa/cpb/cpc Attached what appears to be a more sane fix. Apply on top of previous. Please confirm sanity.
2004-02-19Chris Larson (kergoth) writes:Eric Andersen
I was adding -s/--symbolic-link support to busybox cp when I noticed a bug with -r/-a. Test case: mkdir -p test/out cd test busybox cp -a * out/ Will never return until we run out of open files or similar. Coreutils cp on the other hand will error with "cannot copy a directory, `out', into itself, `out'". Patch attached.
2004-02-13Accomodate the fact that newer libc versions may in fact notEric Andersen
contain query_module and friends and more
2004-02-06Make the loop support stuff be much less evil, and make it copeEric Andersen
with 2.6.x asm/posix_types.h, which has done singularly evil thing by yanking __kernel_dev_t and renaming it. The loop interface was really poorly designed in the first place. The new 64 bit loop interface looks to be somewhat less horrible, too bad it is only present in 2.6.x kernels. -Erik
2004-02-05Vladimir N. Oleynik writes:Eric Andersen
Ok. I found my mistake :( The trivial patch attached. --w vodz
2004-02-04The variable 'complementaly' used to be allocated with calloc, which zeroed itEric Andersen
out during the allocation process. When vodz changed it to be allocated on the stack, he forgot to explicitly zero it, leaving its value filled with whatever used to be sitting on the stack. It would garbage values, depending on the garbage that happened to be sitting on the stack when the function was called. The result was that applets using bb_getopt_ulflags() were showing unpredictable behavior (such as segfaults), which naturally broke many things.
2004-01-30s/u_int/unsigned int/gEric Andersen
s/u_short/unsigned short/g
2004-01-30Use proper C99 types throughout. So not use silly typedefs.Eric Andersen
2004-01-30Support new uClibc stdio core.Manuel Novoa III
2004-01-29Apply a couple of optimizationsEric Andersen
2004-01-27Teach busybox ps to get the correct uid when displaying stuffEric Andersen
2004-01-22Vodz, last_patch_123, patch have new version getopt_ulflags.Glenn L McGrath
- size reduced 34 bytes - don`t use dynamic memory allocation - small indent correction.
2004-01-21Patch from Atsushi Nemoto, recent MIPS kernel headersGlenn L McGrath
does not provide PAGE_SHIFT for userland (because now mips-linux kernel supports PAGESIZE other than 4K).
2004-01-17Modify bb_lookup_port to allow the protocol to be specified, allowingGlenn L McGrath
/etc/services support for inetd, netcat and tftp.