aboutsummaryrefslogtreecommitdiff
path: root/archival/tar.c
AgeCommit message (Collapse)Author
2004-08-26Tito writes:Eric Andersen
Hi, I've spent the half night staring at the devilish my_getpwuid and my_getgrgid functions trying to find out a way to avoid actual and future potential buffer overflow problems without breaking existing code. Finally I've found a not intrusive way to do this that surely doesn't break existing code and fixes a couple of problems too. The attached patch: 1) changes the behaviour of my_getpwuid and my_getgrgid to avoid potetntial buffer overflows 2) fixes all occurences of this function calls in tar.c , id.c , ls.c, whoami.c, logger.c, libbb.h. 3) The behaviour of tar, ls and logger is unchanged. 4) The behavior of ps with somewhat longer usernames messing up output is fixed. 5) The only bigger change was the increasing of size of the buffers in id.c to avoid false negatives (unknown user: xxxxxx) with usernames longer than 8 chars. The value i used ( 32 chars ) was taken from the tar header ( see gname and uname). Maybe this buffers can be reduced a bit ( to 16 or whatever ), this is up to you. 6) The increase of size of the binary is not so dramatic: size busybox text data bss dec hex filename 239568 2300 36816 278684 4409c busybox size busybox_fixed text data bss dec hex filename 239616 2300 36816 278732 440cc busybox 7) The behaviour of whoami changed: actually it prints out an username cut down to the size of the buffer. This could be fixed by increasing the size of the buffer as in id.c or avoid the use of my_getpwuid and use getpwuid directly instead. Maybe this colud be also remain unchanged...... Please apply if you think it is ok to do so. The diff applies on today's cvs tarball (2004-08-25). Thanks in advance, Ciao, Tito
2004-07-26BusyBox has no business hard coding the number of major and minor bits for aEric Andersen
dev_t. This is especially important now that the user space concept of a dev_t and the kernel concept of a dev_t are divergant. The only bit of user space allowed to know the number of major and minor bits is include/sys/sysmacros.h (i.e. part of libc). When used with a current C library and a 2.6.x kernel, this fix should allow BusyBox to support wide device major/minor numbers. -Erik
2004-07-21Fixup -T (--files-from) option, works for non-directories nowGlenn L McGrath
2004-05-05Steve Grubb writes:Eric Andersen
Hello, I found and patched 2 more bugs. The first is a misplaced semi-colon. The second one is a buffer overflow. I doubt the buffer overflow is triggered in real life. But you never know what those wily hackers are up to. Thanks, Steve Grubb
2004-04-25Update my email address, document some of my tasks in the AUTHORS fileGlenn L McGrath
2004-04-14Larry Doolittle writes:Eric Andersen
This is a bulk spelling fix patch against busybox-1.00-pre10. If anyone gets a corrupted copy (and cares), let me know and I will make alternate arrangements. Erik - please apply. Authors - please check that I didn't corrupt any meaning. Package importers - see if any of these changes should be passed to the upstream authors. I glossed over lots of sloppy capitalizations, missing apostrophes, mixed American/British spellings, and German-style compound words. What is "pretect redefined for test" in cmdedit.c? Good luck on the 1.00 release! - Larry
2004-03-27s/fileno\(stdin\)/STDIN_FILENO/gEric Andersen
s/fileno\(stdout\)/STDOUT_FILENO/g
2004-03-15Remove trailing whitespace. Update copyright to include 2004.Eric Andersen
2004-01-25Add the -h, --dereference option for archive creation.Glenn L McGrath
2003-12-26Isolate code better for unused options, config option to enable longGlenn L McGrath
options, add some conditions to the tar tests in testsuite.
2003-11-21As we no longer use function pointers for read in common archiving codeGlenn L McGrath
archive_xread can be replaced with bb_full_read, and archive_copy_file with bb_copyfd* bb_copyfd is split into two functions bb_copyfd_size and bb_copyfd_eof, they share a common backend.
2003-11-20Fix tar-handles-nested-exclude testcaseGlenn L McGrath
2003-11-20Check at least one context is specifiedGlenn L McGrath
2003-11-20Check there are files to add the archive before removing a specifiedGlenn L McGrath
tar file.
2003-11-18tar -Z, uncompress supportGlenn L McGrath
2003-11-18Make unlink old files default behaviour and add a new option -k toGlenn L McGrath
prevent overwritting existing files
2003-11-14Catch unsupported featuresGlenn L McGrath
2003-10-02Fix -C option when creating tar files.Glenn L McGrath
Need to chdir after the tar file is opened, so make common tar filename parsing and send the file descriptor rather than filename to writeTarFile. Modify the verboseFlag operation to determine wether to display on stderr or stdout at display time, simpler than doing it in tar_main.
2003-07-14Update a bunch of docs. Run a script to update my email addr.Eric Andersen
2003-07-05Be certain to not abort prematurely when reading stuff from pipes.Eric Andersen
2003-07-05As noted by Thomas Eckert:Eric Andersen
bb-tar "cjf" does not create a valid tbz2-archive -- if fact the result is a plain tar-file (no compression) -- but does not warn about the unrecognized parameter combination "cj" (bb does not have bzip2-compression yet, right?). to fix this I have added an error message stating this does not work. He also reported cosmetic: versose "-v" does not show any output when used with "create" which I have now fixed as well. -Erik
2003-07-05Glenn McGrath (bug1) isaway from my email till the 17th, but caught me on IRC.Eric Andersen
He took a look into the recent reports of tar problems, and found an obvious typo in last_patch91 from vodz which converted tar to use bb_getopt_ulflags.
2003-06-26last_patch91 from vodz to convert tar to use bb_getopt_ulflagsEric Andersen
2003-05-18Handle -O preceding -x.Matt Kraai
2003-04-26Always preserve dateGlenn L McGrath
2003-04-21unlink() an existing file, before opening it, simply truncating canGlenn L McGrath
cause nasty problems if overwriting glibc, spotted by waldi.
2003-03-19Major coreutils update.Manuel Novoa III
2002-12-08Move add_to_list from libunarchive to libbb so it can be of more general use ↵Glenn L McGrath
(eg ifupdown). Changed the name to llist_add_to as i plan on adding more llist_ functions as needed (e.g. llist_free).
2002-11-27Check that one and only one of the [cxt] options is givenGlenn L McGrath
2002-11-25Use vfork instead of fork, some more cleanup from Vladimir N. OleynikGlenn L McGrath
2002-11-16Remove #defines around get_header_ptr, we allways need it.Glenn L McGrath
2002-11-15Dont chdir untill after we open the archiveGlenn L McGrath
2002-11-13Minor cleanupsGlenn L McGrath
2002-11-08Fix reading from stdin (me), Fix tar segfault when no arguments specified ↵Glenn L McGrath
(Geoffrey Lee)
2002-11-05Fail silently if a partial tar header is read as tar.bz2 is leaving trailing ↵Glenn L McGrath
junk (not sure why), add some missing files
2002-11-03Abstract read and seek in unarchiving code, convert bunzip to file ↵Glenn L McGrath
descriptors, support tar -j
2002-10-26A bugfix from Danny Lepage:Eric Andersen
It seems that under busybox unstable, "tar -c -f - blabla" create a tar file named "-" instead of writing to stdout. The included patch should fix this.
2002-10-19Fix exclude/include problemGlenn L McGrath
2002-10-19Remove entries from the accept list as they are matched so we can determine ↵Glenn L McGrath
if any files that were specified in the list wernt found.
2002-10-19Dont use absolute pathname (dunno why i did that), fix tar filename/stdin ↵Glenn L McGrath
problems
2002-10-18Put bac kthe code that handles cases where a '-' wasnt specified prior to ↵Glenn L McGrath
the options.
2002-10-10last_patch61 from vodz:Eric Andersen
New complex patch for decrease size devel version. Requires previous patch. Also removed small problems from dutmp and tar applets. Also includes vodz' last_patch61_2: Last patch correcting comment for #endif and more integrated with libbb (very reduce size if used "cat" applet also). Requires last_patch61 for modutils/config.in.
2002-10-06Fix segfault when testing if reaidng from stdin "-"Glenn L McGrath
2002-09-30Vodz' last_patch57:Eric Andersen
Hi, Erik. my_getpw(uid/gid) and applets used it have problem: if username for uid not found, applets can`t detect it (but code pessent). Also "%8ld " format is bad: spaces not required (applets have self format or spec format (tar applet) and overflow for "id" applet...) This problem also pressent in stable version. Patch for unstable in attach. --w vodz
2002-09-28Fix for using '-' as the filename when reading from stdinGlenn L McGrath
2002-09-25New common unarchive code.Glenn L McGrath
2002-08-22Run through indent, use /* */ style comments, change extern to staticGlenn L McGrath
2002-08-21Tar inlining, #if 0 out unused functionAaron Lehmann
2002-07-23Added tar -cz support (creating gzipped tar files without a gzip pipe)Robert Griebl
2002-04-13Update some missing copyright noticesEric Andersen