aboutsummaryrefslogtreecommitdiff
path: root/include
AgeCommit message (Collapse)Author
2004-08-26Tito writes:Eric Andersen
Hi, I've spent the half night staring at the devilish my_getpwuid and my_getgrgid functions trying to find out a way to avoid actual and future potential buffer overflow problems without breaking existing code. Finally I've found a not intrusive way to do this that surely doesn't break existing code and fixes a couple of problems too. The attached patch: 1) changes the behaviour of my_getpwuid and my_getgrgid to avoid potetntial buffer overflows 2) fixes all occurences of this function calls in tar.c , id.c , ls.c, whoami.c, logger.c, libbb.h. 3) The behaviour of tar, ls and logger is unchanged. 4) The behavior of ps with somewhat longer usernames messing up output is fixed. 5) The only bigger change was the increasing of size of the buffers in id.c to avoid false negatives (unknown user: xxxxxx) with usernames longer than 8 chars. The value i used ( 32 chars ) was taken from the tar header ( see gname and uname). Maybe this buffers can be reduced a bit ( to 16 or whatever ), this is up to you. 6) The increase of size of the binary is not so dramatic: size busybox text data bss dec hex filename 239568 2300 36816 278684 4409c busybox size busybox_fixed text data bss dec hex filename 239616 2300 36816 278732 440cc busybox 7) The behaviour of whoami changed: actually it prints out an username cut down to the size of the buffer. This could be fixed by increasing the size of the buffer as in id.c or avoid the use of my_getpwuid and use getpwuid directly instead. Maybe this colud be also remain unchanged...... Please apply if you think it is ok to do so. The diff applies on today's cvs tarball (2004-08-25). Thanks in advance, Ciao, Tito
2004-08-19Patch from Tito documenting the '-q' optionEric Andersen
2004-08-18Fixup 'dc' usageEric Andersen
2004-08-03Tito, farmatito at tiscali dot it writes:Eric Andersen
Hi to all, This patch is useful for: 1) remove an unused var from extern char *find_real_root_device_name(const char* name) changing it to extern char *find_real_root_device_name(void). 2) fixes include/libbb.h, coreutils/df.c, util-linux/mount.c and util-linux/umount.c accordingly. 3) fixes a bug, really a false positive, in find_real_root_device_name() that happens if in the /dev directory exists a link named root (/dev/root) that should be skipped but is not. This affects applets like df that display wrong results
2004-07-23Patch from Felipe Kellermann, fixup usage for pidof, poweroff, remove Glenn L McGrath
some trailing '\n'
2004-07-23Patch from Felipe Kellermann, fixup usage for halt commandGlenn L McGrath
2004-07-23iUpdate reboot usage, patch by Felipe KellermannGlenn L McGrath
2004-07-23Patch from Felipe Kellermann to fix some typo'sGlenn L McGrath
2004-07-21Patch from Tito, ass usage for strings -a optionsGlenn L McGrath
2004-07-15Replace the old and somewhat buggy pwd_grp stuff with the shinyEric Andersen
new stuff mjn3 wrote for uClibc
2004-06-22Patch from Bastian Blank:Eric Andersen
On Sat, Jun 19, 2004 at 10:57:37PM +0200, Bastian Blank wrote: > The following patch changes klogd to use openlog/syslog themself > instead of calling syslog_msg which always calls the triple > openlog/syslog/closelog. Updated patch: get rid of syslog_msg entirely. Request from Erik Andersen. Bastian
2004-06-22Patch from Bastian Blank:Eric Andersen
The updated patch adds a config option to explicitely enable 64 bit arithmetic. Also it removes the arith prototype from libbb.h as it is not used outside of ash. Bastian this patch has been slightly modified by Erik for cleanliness.
2004-06-05Woops, the previous commit was an accident, its supplied in the patch,Glenn L McGrath
dont commit yet as we are in feature freeze
2004-06-05Device table support for makedevs, the previous behaviour can beenGlenn L McGrath
selected at configure time.
2004-05-26Ahem. ("I'm just tweaking a documentation string, I don't need to compileRob Landley
test it before checking in..." New entry for famous last words list.) Add the missing backslash at the end of the new sed doc string line. (This one actually compiled with "show verbose applet usage messages"...)
2004-05-26Update sed help. (Add -r option to long help, add -i option to brief help,Rob Landley
and alphabetizie the option list.)
2004-05-26As discussed, drop minit, which was not being supported in busybox.Eric Andersen
People wishing to use minit can obtain it and obtain support from http://www.fefe.de/minit/
2004-05-02Update dpkg-deb usage to match current practicesGlenn L McGrath
2004-05-01Do not use getpass(3)Eric Andersen
2004-04-14Steven Scholz writes:Eric Andersen
Hi there, the "-h" option of httpd is not described in the usage text. Please find the attached patch. Thanks. Steven
2004-04-14Larry Doolittle writes:Eric Andersen
This is a bulk spelling fix patch against busybox-1.00-pre10. If anyone gets a corrupted copy (and cares), let me know and I will make alternate arrangements. Erik - please apply. Authors - please check that I didn't corrupt any meaning. Package importers - see if any of these changes should be passed to the upstream authors. I glossed over lots of sloppy capitalizations, missing apostrophes, mixed American/British spellings, and German-style compound words. What is "pretect redefined for test" in cmdedit.c? Good luck on the 1.00 release! - Larry
2004-04-13Fix incorrect ipcalc usage textEric Andersen
2004-04-13Fix several problems with start-stop-daemon, add -m supportEric Andersen
2004-04-12Patch from Rob Landley to fix sed documentation.Eric Andersen
The -i option was not documented, and in genereal the formatting was a bit ugly.
2004-04-07Document insmod -oEric Andersen
2004-04-06Yet more doc updatesEric Andersen
2004-04-06Yet more doc cleanups. Many thanks to Robert P. J. Day forEric Andersen
kindly reviewing the existing docs and providing helpful feedback.
2004-04-06Seem not many people are using 'ipaddr' since it hasEric Andersen
never worked.... Most people use 'ip addr foo' I suppose.
2004-04-06yet-more doc updates and cleanupsEric Andersen
2004-03-29As noted by Martin Schwenke, the example for find was wrongEric Andersen
2004-03-27Yet more doc cleanupsEric Andersen
2004-03-15Remove trailing whitespace. Update copyright to include 2004.Eric Andersen
2004-03-13Update docs for start_stop_daemon to match reality. UpdateEric Andersen
the reality a bit to better match debian behavior.
2004-03-12Add prototypes for safe_strtol and friendsEric Andersen
2004-03-12Fix awk entry, which was not showing up in BusyBox.txt for some reasonEric Andersen
2004-03-10In spite of the feature freeze, check in a complete rework of route whichManuel Novoa III
fixes some bugs, adds some error checking, and removes _lots_ of bloat. Text size on i386... old new ipv6 5425 3523 no ipv6 3143 2193
2004-03-09Note that /proc must be mounted for filesystem type autodetectionEric Andersen
to work. Without /proc mounted, one must explicitly specify the type of every filesystem being mounted.
2004-03-06Woops, how did that get in thereGlenn L McGrath
2004-02-25Patch from Denis Dowling to fix a ocuple of usage entriesGlenn L McGrath
2004-02-22Fernando Silveira writes:Eric Andersen
Hi, Well, I made this patch a long time ago (08/2002) because it was a need of a project, but had no time to send it to you. It adds support to `autologin' option of the telnet protocol. It has been used since made with busybox 0.60.3 at production and I had no problems with it. I have ported it to the HEAD revision of the CVS server (20040211) and I hope you enjoy and apply it to the official sources. :) Thanks a lot!
2004-02-22Update usage for ftpget and ftpputGlenn L McGrath
2004-02-21Sometimes i get carried away with the use of function pointers, im sureGlenn L McGrath
it seemed like a good idea at the time.
2004-02-20Document missing cp optionsEric Andersen
2004-02-05Make sure stdlib.h is always included before dmalloc.h to avoid problemsManuel Novoa III
parsing problems.
2004-01-27New applet, seq. No options, just the basics.Glenn L McGrath
2004-01-17Modify bb_lookup_port to allow the protocol to be specified, allowingGlenn L McGrath
/etc/services support for inetd, netcat and tftp.
2004-01-15Patch by Tito, reduce size of deallocvt, also make the usage messageGlenn L McGrath
clearer (from N to [N]) and indirectly (through bb_xgetlarg) adds support for -h ;-)
2004-01-13Patch from Bastian Blank, allow the buildtime to be overriden with aGlenn L McGrath
different string, used by the debian busybox-cvs to specify the debian date based version number.
2003-12-28Update example slightlyEric Andersen
2003-12-28ws, show date setting formatTim Riker