Age | Commit message (Collapse) | Author |
|
find_pid_by_name() was returning 0 or -1 in last array element,
but -1 was never checked. We can use just 0 intead.
|
|
|
|
|
|
things like xasprintf() into xfuncs.c, remove xprint_file_by_name() (it only
had one user), clean up lots of #includes... General cleanup pass. What I've
been doing for the last couple days.
And it conflicts! I've removed httpd.c from this checkin due to somebody else
touching that file. It builds for me. I have to catch a bus. (Now you know
why I'm looking forward to Mercurial.)
|
|
|
|
|
|
|
|
|
|
- use shorter boilerplate while at it
|
|
|
|
text data bss dec hex filename
889445 9392 1035784 1934621 1d851d busybox.gcc-4.2.orig
889297 9392 1035784 1934473 1d8489 busybox.gcc-4.2
889009 9820 1037860 1936689 1d8d31 busybox.gcc-4.1.orig
888817 9820 1037860 1936497 1d8c71 busybox.gcc-4.1
|
|
definitions. (That should only be on prototypes.)
|
|
|
|
|
|
my_getpwnam -> bb_xgetpwnam /* dies on error */
my_getgrnam -> bb_xgetgrnam /* dies on error */
my_getgrgid -> bb_getgrgid
my_getpwuid -> bb_getpwuid
my_getug -> bb_getug
|
|
|
|
|
|
|
|
Hi,
I've spent the half night staring at the devilish my_getpwuid and my_getgrgid functions
trying to find out a way to avoid actual and future potential buffer overflow problems
without breaking existing code.
Finally I've found a not intrusive way to do this that surely doesn't break existing code
and fixes a couple of problems too.
The attached patch:
1) changes the behaviour of my_getpwuid and my_getgrgid to avoid potetntial buffer overflows
2) fixes all occurences of this function calls in tar.c , id.c , ls.c, whoami.c, logger.c, libbb.h.
3) The behaviour of tar, ls and logger is unchanged.
4) The behavior of ps with somewhat longer usernames messing up output is fixed.
5) The only bigger change was the increasing of size of the buffers in id.c to avoid
false negatives (unknown user: xxxxxx) with usernames longer than 8 chars.
The value i used ( 32 chars ) was taken from the tar header ( see gname and uname).
Maybe this buffers can be reduced a bit ( to 16 or whatever ), this is up to you.
6) The increase of size of the binary is not so dramatic:
size busybox
text data bss dec hex filename
239568 2300 36816 278684 4409c busybox
size busybox_fixed
text data bss dec hex filename
239616 2300 36816 278732 440cc busybox
7) The behaviour of whoami changed:
actually it prints out an username cut down to the size of the buffer.
This could be fixed by increasing the size of the buffer as in id.c or
avoid the use of my_getpwuid and use getpwuid directly instead.
Maybe this colud be also remain unchanged......
Please apply if you think it is ok to do so.
The diff applies on today's cvs tarball (2004-08-25).
Thanks in advance,
Ciao,
Tito
|
|
|
|
does not provide PAGE_SHIFT for userland (because now mips-linux kernel
supports PAGESIZE other than 4K).
|
|
|
|
|
|
|
|
I've attached my latest SE Linux patch for busybox against the latest CVS
version of busybox.
|
|
|
|
|
|
maintaining it anymore, and it is now terribly out of date.
-Erik
|
|
|
|
Oleynik
|
|
|
|
code into libbb so it can be shared by ps, top, etc, saving over 1.5k.
|