CVS commit: src/libexec/ftpd
Module Name:src Committed By: shm Date: Sat Sep 30 18:10:55 UTC 2023 Modified Files: src/libexec/ftpd: version.h Log Message: NetBSD-ftpd 20230930 Update version to "NetBSD-ftpd 20230930" for changes: - fix uninitialized memory usage in count_users() - fix pam_set_item call with proper struct passed as PAM_SOCKADDR To generate a diff of this commit: cvs rdiff -u -r1.79 -r1.80 src/libexec/ftpd/version.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/ftpd/version.h diff -u src/libexec/ftpd/version.h:1.79 src/libexec/ftpd/version.h:1.80 --- src/libexec/ftpd/version.h:1.79 Fri Sep 22 21:57:55 2023 +++ src/libexec/ftpd/version.h Sat Sep 30 18:10:55 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: version.h,v 1.79 2023/09/22 21:57:55 lukem Exp $ */ +/* $NetBSD: version.h,v 1.80 2023/09/30 18:10:55 shm Exp $ */ /*- * Copyright (c) 1999-2023 The NetBSD Foundation, Inc. * All rights reserved. @@ -29,5 +29,5 @@ */ #ifndef FTPD_VERSION -#define FTPD_VERSION "NetBSD-ftpd 20230922" +#define FTPD_VERSION "NetBSD-ftpd 20230930" #endif
CVS commit: src/libexec/ftpd
Module Name:src Committed By: shm Date: Sat Sep 30 18:10:55 UTC 2023 Modified Files: src/libexec/ftpd: version.h Log Message: NetBSD-ftpd 20230930 Update version to "NetBSD-ftpd 20230930" for changes: - fix uninitialized memory usage in count_users() - fix pam_set_item call with proper struct passed as PAM_SOCKADDR To generate a diff of this commit: cvs rdiff -u -r1.79 -r1.80 src/libexec/ftpd/version.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/ftpd
Module Name:src Committed By: shm Date: Sat Sep 30 18:06:24 UTC 2023 Modified Files: src/libexec/ftpd: ftpd.c Log Message: pam_set_item PAM_SOCKADDR expects sockaddr_storage structure Instead, internal struct sockinet was used. Because it's length is shorter than sockaddr_storage, libpam was copying also memory outside of sockinet struct. To generate a diff of this commit: cvs rdiff -u -r1.207 -r1.208 src/libexec/ftpd/ftpd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/ftpd/ftpd.c diff -u src/libexec/ftpd/ftpd.c:1.207 src/libexec/ftpd/ftpd.c:1.208 --- src/libexec/ftpd/ftpd.c:1.207 Sat Sep 2 12:16:29 2023 +++ src/libexec/ftpd/ftpd.c Sat Sep 30 18:06:24 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: ftpd.c,v 1.207 2023/09/02 12:16:29 lukem Exp $ */ +/* $NetBSD: ftpd.c,v 1.208 2023/09/30 18:06:24 shm Exp $ */ /* * Copyright (c) 1997-2023 The NetBSD Foundation, Inc. @@ -97,7 +97,7 @@ __COPYRIGHT("@(#) Copyright (c) 1985, 19 #if 0 static char sccsid[] = "@(#)ftpd.c 8.5 (Berkeley) 4/28/95"; #else -__RCSID("$NetBSD: ftpd.c,v 1.207 2023/09/02 12:16:29 lukem Exp $"); +__RCSID("$NetBSD: ftpd.c,v 1.208 2023/09/30 18:06:24 shm Exp $"); #endif #endif /* not lint */ @@ -3896,6 +3896,7 @@ auth_pam(void) int e; ftpd_cred_t auth_cred = { curname, 0 }; struct pam_conv conv = { _conv, _cred }; + struct sockaddr_storage ss; e = pam_start("ftpd", curname, , ); if (e != PAM_SUCCESS) { @@ -3918,7 +3919,9 @@ auth_pam(void) return -1; } - e = pam_set_item(pamh, PAM_SOCKADDR, _addr); + memset(, 0, sizeof(ss)); + memcpy(, _addr.si_su, his_addr.su_len); + e = pam_set_item(pamh, PAM_SOCKADDR, ); if (e != PAM_SUCCESS) { syslog(LOG_ERR, "pam_set_item(PAM_SOCKADDR): %s", pam_strerror(pamh, e));
CVS commit: src/libexec/ftpd
Module Name:src Committed By: shm Date: Sat Sep 30 18:06:24 UTC 2023 Modified Files: src/libexec/ftpd: ftpd.c Log Message: pam_set_item PAM_SOCKADDR expects sockaddr_storage structure Instead, internal struct sockinet was used. Because it's length is shorter than sockaddr_storage, libpam was copying also memory outside of sockinet struct. To generate a diff of this commit: cvs rdiff -u -r1.207 -r1.208 src/libexec/ftpd/ftpd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/ftpd
Module Name:src Committed By: shm Date: Fri Sep 29 14:49:03 UTC 2023 Modified Files: src/libexec/ftpd: conf.c Log Message: Fix uninitialized memory usage in count_users() If the file was previously empty, pids table is not set, the code however used pids[0] which is uninitialized in this case. In some scenarios it may lead to propagate garbage value from pids[0] to the file and cause writing outside of allocated memory. OK lukem@ To generate a diff of this commit: cvs rdiff -u -r1.64 -r1.65 src/libexec/ftpd/conf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/ftpd/conf.c diff -u src/libexec/ftpd/conf.c:1.64 src/libexec/ftpd/conf.c:1.65 --- src/libexec/ftpd/conf.c:1.64 Sun Nov 4 20:46:46 2012 +++ src/libexec/ftpd/conf.c Fri Sep 29 14:49:03 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: conf.c,v 1.64 2012/11/04 20:46:46 christos Exp $ */ +/* $NetBSD: conf.c,v 1.65 2023/09/29 14:49:03 shm Exp $ */ /*- * Copyright (c) 1997-2009 The NetBSD Foundation, Inc. @@ -31,7 +31,7 @@ #include #ifndef lint -__RCSID("$NetBSD: conf.c,v 1.64 2012/11/04 20:46:46 christos Exp $"); +__RCSID("$NetBSD: conf.c,v 1.65 2023/09/29 14:49:03 shm Exp $"); #endif /* not lint */ #include @@ -909,7 +909,7 @@ count_users(void) goto cleanup_count; if (fstat(fd, ) == -1) goto cleanup_count; - if ((pids = malloc(sb.st_size + sizeof(pid_t))) == NULL) + if ((pids = calloc(sb.st_size + sizeof(pid_t), 1)) == NULL) goto cleanup_count; /* XXX: implement a better read loop */ scount = read(fd, pids, sb.st_size);
CVS commit: src/libexec/ftpd
Module Name:src Committed By: shm Date: Fri Sep 29 14:49:03 UTC 2023 Modified Files: src/libexec/ftpd: conf.c Log Message: Fix uninitialized memory usage in count_users() If the file was previously empty, pids table is not set, the code however used pids[0] which is uninitialized in this case. In some scenarios it may lead to propagate garbage value from pids[0] to the file and cause writing outside of allocated memory. OK lukem@ To generate a diff of this commit: cvs rdiff -u -r1.64 -r1.65 src/libexec/ftpd/conf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/telnetd
Module Name:src Committed By: shm Date: Fri Sep 22 15:28:36 UTC 2023 Modified Files: src/libexec/telnetd: state.c Log Message: Fix off by one in telrcv() In case of "\r" in the data buffer, the code was unconditionally looking ahead to next character, even if "\r" was last character in the buffer. That condition leads to read outside of the data (one byte after the array) Thanks christos@ for the review To generate a diff of this commit: cvs rdiff -u -r1.32 -r1.33 src/libexec/telnetd/state.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/telnetd/state.c diff -u src/libexec/telnetd/state.c:1.32 src/libexec/telnetd/state.c:1.33 --- src/libexec/telnetd/state.c:1.32 Mon Aug 9 21:38:04 2021 +++ src/libexec/telnetd/state.c Fri Sep 22 15:28:36 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: state.c,v 1.32 2021/08/09 21:38:04 andvar Exp $ */ +/* $NetBSD: state.c,v 1.33 2023/09/22 15:28:36 shm Exp $ */ /* * Copyright (c) 1989, 1993 @@ -34,7 +34,7 @@ #if 0 static char sccsid[] = "@(#)state.c 8.5 (Berkeley) 5/30/95"; #else -__RCSID("$NetBSD: state.c,v 1.32 2021/08/09 21:38:04 andvar Exp $"); +__RCSID("$NetBSD: state.c,v 1.33 2023/09/22 15:28:36 shm Exp $"); #endif #endif /* not lint */ @@ -100,9 +100,33 @@ telrcv(void) case TS_CR: state = TS_DATA; - /* Strip off \n or \0 after a \r */ - if ((c == 0) || (c == '\n')) { -break; + +#ifdef LINEMODE + /* + * If we are operating in linemode, + * convert to local end-of-line. + */ + if (linemode && (ncc > 0) && ((c == '\n') || + ((c == 0) && tty_iscrnl())) ) +c = '\n'; + else +#endif + { +/* + * We now map \r\n ==> \r for pragmatic reasons. + * Many client implementations send \r\n when + * the user hits the CarriageReturn key. + * + * We USED to map \r\n ==> \n, since \r\n says + * that we want to be in column 1 of the next + * printable line, and \n is the standard + * unix way of saying that (\r is only good + * if CRMOD is set, which it normally is). + */ + +/* Strip off \n or \0 after a \r */ +if ((c == 0) || (c == '\n')) + break; } /* FALL THROUGH */ @@ -111,42 +135,10 @@ telrcv(void) state = TS_IAC; break; } - /* - * We now map \r\n ==> \r for pragmatic reasons. - * Many client implementations send \r\n when - * the user hits the CarriageReturn key. - * - * We USED to map \r\n ==> \n, since \r\n says - * that we want to be in column 1 of the next - * printable line, and \n is the standard - * unix way of saying that (\r is only good - * if CRMOD is set, which it normally is). - */ - if ((c == '\r') && his_state_is_wont(TELOPT_BINARY)) { -int nc = *netip; -#ifdef ENCRYPTION -if (decrypt_input) - nc = (*decrypt_input)(nc & 0xff); -#endif /* ENCRYPTION */ -#ifdef LINEMODE -/* - * If we are operating in linemode, - * convert to local end-of-line. - */ -if (linemode && (ncc > 0) && (('\n' == nc) || - ((0 == nc) && tty_iscrnl())) ) { - netip++; ncc--; - c = '\n'; -} else -#endif -{ -#ifdef ENCRYPTION - if (decrypt_input) - (void)(*decrypt_input)(-1); -#endif /* ENCRYPTION */ - state = TS_CR; -} - } + + if ((c == '\r') && his_state_is_wont(TELOPT_BINARY)) +state = TS_CR; + *pfrontp++ = c; break;
CVS commit: src/libexec/telnetd
Module Name:src Committed By: shm Date: Fri Sep 22 15:28:36 UTC 2023 Modified Files: src/libexec/telnetd: state.c Log Message: Fix off by one in telrcv() In case of "\r" in the data buffer, the code was unconditionally looking ahead to next character, even if "\r" was last character in the buffer. That condition leads to read outside of the data (one byte after the array) Thanks christos@ for the review To generate a diff of this commit: cvs rdiff -u -r1.32 -r1.33 src/libexec/telnetd/state.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/ftpd
Module Name:src Committed By: shm Date: Fri Sep 22 11:23:28 UTC 2023 Modified Files: src/libexec/ftpd: ftpcmd.y Log Message: Add missing check_login checks for MLST and MLSD To generate a diff of this commit: cvs rdiff -u -r1.94 -r1.95 src/libexec/ftpd/ftpcmd.y Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/ftpd
Module Name:src Committed By: shm Date: Fri Sep 22 11:23:28 UTC 2023 Modified Files: src/libexec/ftpd: ftpcmd.y Log Message: Add missing check_login checks for MLST and MLSD To generate a diff of this commit: cvs rdiff -u -r1.94 -r1.95 src/libexec/ftpd/ftpcmd.y Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/ftpd/ftpcmd.y diff -u src/libexec/ftpd/ftpcmd.y:1.94 src/libexec/ftpd/ftpcmd.y:1.95 --- src/libexec/ftpd/ftpcmd.y:1.94 Mon Aug 10 07:45:50 2015 +++ src/libexec/ftpd/ftpcmd.y Fri Sep 22 11:23:28 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: ftpcmd.y,v 1.94 2015/08/10 07:45:50 shm Exp $ */ +/* $NetBSD: ftpcmd.y,v 1.95 2023/09/22 11:23:28 shm Exp $ */ /*- * Copyright (c) 1997-2009 The NetBSD Foundation, Inc. @@ -72,7 +72,7 @@ #if 0 static char sccsid[] = "@(#)ftpcmd.y 8.3 (Berkeley) 4/6/94"; #else -__RCSID("$NetBSD: ftpcmd.y,v 1.94 2015/08/10 07:45:50 shm Exp $"); +__RCSID("$NetBSD: ftpcmd.y,v 1.95 2023/09/22 11:23:28 shm Exp $"); #endif #endif /* not lint */ @@ -855,7 +855,8 @@ cmd | MLST check_login CRLF { - mlst(NULL); + if ($2) +mlst(NULL); } | MLSD check_login SP pathname CRLF @@ -868,7 +869,8 @@ cmd | MLSD check_login CRLF { - mlsd(NULL); + if ($2) +mlsd(NULL); } | error CRLF
CVS commit: src/libexec/telnetd
Module Name:src Committed By: shm Date: Thu Sep 21 14:00:34 UTC 2023 Modified Files: src/libexec/telnetd: telnetd.c Log Message: Fix memory leak - free resources allocated by getaddrinfo To generate a diff of this commit: cvs rdiff -u -r1.58 -r1.59 src/libexec/telnetd/telnetd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/telnetd/telnetd.c diff -u src/libexec/telnetd/telnetd.c:1.58 src/libexec/telnetd/telnetd.c:1.59 --- src/libexec/telnetd/telnetd.c:1.58 Fri Aug 26 19:30:44 2022 +++ src/libexec/telnetd/telnetd.c Thu Sep 21 14:00:34 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: telnetd.c,v 1.58 2022/08/26 19:30:44 dholland Exp $ */ +/* $NetBSD: telnetd.c,v 1.59 2023/09/21 14:00:34 shm Exp $ */ /* * Copyright (C) 1997 and 1998 WIDE Project. @@ -65,7 +65,7 @@ __COPYRIGHT("@(#) Copyright (c) 1989, 19 #if 0 static char sccsid[] = "@(#)telnetd.c 8.4 (Berkeley) 5/30/95"; #else -__RCSID("$NetBSD: telnetd.c,v 1.58 2022/08/26 19:30:44 dholland Exp $"); +__RCSID("$NetBSD: telnetd.c,v 1.59 2023/09/21 14:00:34 shm Exp $"); #endif #endif /* not lint */ @@ -400,6 +400,7 @@ main(int argc, char *argv[]) (void) dup2(ns, 0); (void) close(ns); (void) close(s); + freeaddrinfo(res); } else if (argc > 0) { usage(); /* NOT REACHED */
CVS commit: src/libexec/telnetd
Module Name:src Committed By: shm Date: Thu Sep 21 14:00:34 UTC 2023 Modified Files: src/libexec/telnetd: telnetd.c Log Message: Fix memory leak - free resources allocated by getaddrinfo To generate a diff of this commit: cvs rdiff -u -r1.58 -r1.59 src/libexec/telnetd/telnetd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/lib/libc/gen
Module Name:src Committed By: shm Date: Thu Sep 21 13:46:12 UTC 2023 Modified Files: src/lib/libc/gen: getcap.c Log Message: Fix memory leak in getent() Memory was not freed if record was not found To generate a diff of this commit: cvs rdiff -u -r1.57 -r1.58 src/lib/libc/gen/getcap.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libc/gen/getcap.c diff -u src/lib/libc/gen/getcap.c:1.57 src/lib/libc/gen/getcap.c:1.58 --- src/lib/libc/gen/getcap.c:1.57 Sun Jun 18 03:56:39 2017 +++ src/lib/libc/gen/getcap.c Thu Sep 21 13:46:12 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: getcap.c,v 1.57 2017/06/18 03:56:39 manu Exp $ */ +/* $NetBSD: getcap.c,v 1.58 2023/09/21 13:46:12 shm Exp $ */ /*- * Copyright (c) 1992, 1993 @@ -41,7 +41,7 @@ #if 0 static char sccsid[] = "@(#)getcap.c 8.3 (Berkeley) 3/25/94"; #else -__RCSID("$NetBSD: getcap.c,v 1.57 2017/06/18 03:56:39 manu Exp $"); +__RCSID("$NetBSD: getcap.c,v 1.58 2023/09/21 13:46:12 shm Exp $"); #endif #endif /* LIBC_SCCS and not lint */ @@ -502,8 +502,10 @@ getent(char **cap, size_t *len, const ch break; } - if (!foundit) + if (!foundit) { + free(record); return -1; + } /* * Got the capability record, but now we have to expand all tc=name
CVS commit: src/lib/libc/gen
Module Name:src Committed By: shm Date: Thu Sep 21 13:46:12 UTC 2023 Modified Files: src/lib/libc/gen: getcap.c Log Message: Fix memory leak in getent() Memory was not freed if record was not found To generate a diff of this commit: cvs rdiff -u -r1.57 -r1.58 src/lib/libc/gen/getcap.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/httpd
Module Name:src Committed By: shm Date: Wed Sep 20 08:41:35 UTC 2023 Modified Files: src/libexec/httpd: cgi-bozo.c Log Message: Removed unnecessary comment Thanks leot@ for pointing this out To generate a diff of this commit: cvs rdiff -u -r1.55 -r1.56 src/libexec/httpd/cgi-bozo.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/httpd/cgi-bozo.c diff -u src/libexec/httpd/cgi-bozo.c:1.55 src/libexec/httpd/cgi-bozo.c:1.56 --- src/libexec/httpd/cgi-bozo.c:1.55 Wed Sep 20 07:09:14 2023 +++ src/libexec/httpd/cgi-bozo.c Wed Sep 20 08:41:35 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: cgi-bozo.c,v 1.55 2023/09/20 07:09:14 shm Exp $ */ +/* $NetBSD: cgi-bozo.c,v 1.56 2023/09/20 08:41:35 shm Exp $ */ /* $eterna: cgi-bozo.c,v 1.40 2011/11/18 09:21:15 mrg Exp $ */ @@ -654,7 +654,6 @@ bozo_process_cgi(bozo_httpreq_t *request /* CGI programs should perform their own timeouts */ while ((rbytes = bozo_read(httpd, STDIN_FILENO, buf, sizeof buf)) > 0) { ssize_t wbytes; - /* char *bp = buf; */ while (rbytes) { wbytes = write(sv[0], buf, (size_t)rbytes);
CVS commit: src/libexec/httpd
Module Name:src Committed By: shm Date: Wed Sep 20 08:41:35 UTC 2023 Modified Files: src/libexec/httpd: cgi-bozo.c Log Message: Removed unnecessary comment Thanks leot@ for pointing this out To generate a diff of this commit: cvs rdiff -u -r1.55 -r1.56 src/libexec/httpd/cgi-bozo.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/httpd
Module Name:src Committed By: shm Date: Wed Sep 20 07:13:35 UTC 2023 Modified Files: src/libexec/httpd: bozohttpd.c Log Message: Fix off-by-one in bozo_decode_url_percent In case of strings that end with '%', debug function was reading past buffer. To generate a diff of this commit: cvs rdiff -u -r1.144 -r1.145 src/libexec/httpd/bozohttpd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/httpd/bozohttpd.c diff -u src/libexec/httpd/bozohttpd.c:1.144 src/libexec/httpd/bozohttpd.c:1.145 --- src/libexec/httpd/bozohttpd.c:1.144 Thu Sep 7 06:40:56 2023 +++ src/libexec/httpd/bozohttpd.c Wed Sep 20 07:13:35 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: bozohttpd.c,v 1.144 2023/09/07 06:40:56 shm Exp $ */ +/* $NetBSD: bozohttpd.c,v 1.145 2023/09/20 07:13:35 shm Exp $ */ /* $eterna: bozohttpd.c,v 1.178 2011/11/18 09:21:15 mrg Exp $ */ @@ -1564,9 +1564,14 @@ bozo_decode_url_percent(bozo_httpreq_t * *t++ = *s++; break; } - debug((httpd, DEBUG_EXPLODING, - "fu_%%: got s == %%, s[1]s[2] == %c%c", - s[1], s[2])); + if ([2] < end) + debug((httpd, DEBUG_EXPLODING, +"fu_%%: got s == %%, s[1]s[2] == %c%c", +s[1], s[2])); + else + debug((httpd, DEBUG_EXPLODING, + "fu_%%: got s == %%, s[1] == %c s[2] is not set", +s[1])); if (s[1] == '\0' || s[2] == '\0') return bozo_http_error(httpd, 400, request, "percent hack missing two chars afterwards");
CVS commit: src/libexec/httpd
Module Name:src Committed By: shm Date: Wed Sep 20 07:13:35 UTC 2023 Modified Files: src/libexec/httpd: bozohttpd.c Log Message: Fix off-by-one in bozo_decode_url_percent In case of strings that end with '%', debug function was reading past buffer. To generate a diff of this commit: cvs rdiff -u -r1.144 -r1.145 src/libexec/httpd/bozohttpd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/httpd
Module Name:src Committed By: shm Date: Wed Sep 20 07:09:14 UTC 2023 Modified Files: src/libexec/httpd: cgi-bozo.c Log Message: Remove unused variable (bp) To generate a diff of this commit: cvs rdiff -u -r1.54 -r1.55 src/libexec/httpd/cgi-bozo.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/httpd
Module Name:src Committed By: shm Date: Wed Sep 20 07:09:14 UTC 2023 Modified Files: src/libexec/httpd: cgi-bozo.c Log Message: Remove unused variable (bp) To generate a diff of this commit: cvs rdiff -u -r1.54 -r1.55 src/libexec/httpd/cgi-bozo.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/httpd/cgi-bozo.c diff -u src/libexec/httpd/cgi-bozo.c:1.54 src/libexec/httpd/cgi-bozo.c:1.55 --- src/libexec/httpd/cgi-bozo.c:1.54 Thu Apr 8 07:02:12 2021 +++ src/libexec/httpd/cgi-bozo.c Wed Sep 20 07:09:14 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: cgi-bozo.c,v 1.54 2021/04/08 07:02:12 rillig Exp $ */ +/* $NetBSD: cgi-bozo.c,v 1.55 2023/09/20 07:09:14 shm Exp $ */ /* $eterna: cgi-bozo.c,v 1.40 2011/11/18 09:21:15 mrg Exp $ */ @@ -185,15 +185,13 @@ finish_cgi_output(bozohttpd_t *httpd, bo /* CGI programs should perform their own timeouts */ while ((rbytes = read(in, buf, sizeof buf)) > 0) { ssize_t wbytes; - char *bp = buf; while (rbytes) { wbytes = bozo_write(httpd, STDOUT_FILENO, buf, (size_t)rbytes); - if (wbytes > 0) { + if (wbytes > 0) rbytes -= wbytes; -bp += wbytes; - } else + else bozoerr(httpd, 1, "cgi output write failed: %s", strerror(errno)); @@ -656,14 +654,13 @@ bozo_process_cgi(bozo_httpreq_t *request /* CGI programs should perform their own timeouts */ while ((rbytes = bozo_read(httpd, STDIN_FILENO, buf, sizeof buf)) > 0) { ssize_t wbytes; - char *bp = buf; + /* char *bp = buf; */ while (rbytes) { wbytes = write(sv[0], buf, (size_t)rbytes); - if (wbytes > 0) { + if (wbytes > 0) rbytes -= wbytes; -bp += wbytes; - } else + else bozoerr(httpd, 1, "write failed: %s", strerror(errno)); }
CVS commit: src/libexec/httpd
Module Name:src Committed By: shm Date: Tue Sep 19 07:51:43 UTC 2023 Modified Files: src/libexec/httpd: auth-bozo.c Log Message: Fix hr_authrealm memory leak hr_authrealm might be already set, so we need to free it before overwriting the value To generate a diff of this commit: cvs rdiff -u -r1.27 -r1.28 src/libexec/httpd/auth-bozo.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/httpd/auth-bozo.c diff -u src/libexec/httpd/auth-bozo.c:1.27 src/libexec/httpd/auth-bozo.c:1.28 --- src/libexec/httpd/auth-bozo.c:1.27 Wed May 5 07:41:48 2021 +++ src/libexec/httpd/auth-bozo.c Tue Sep 19 07:51:43 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: auth-bozo.c,v 1.27 2021/05/05 07:41:48 mrg Exp $ */ +/* $NetBSD: auth-bozo.c,v 1.28 2023/09/19 07:51:43 shm Exp $ */ /* $eterna: auth-bozo.c,v 1.17 2011/11/18 09:21:15 mrg Exp $ */ @@ -67,6 +67,11 @@ bozo_auth_check(bozo_httpreq_t *request, if (bozo_check_special_files(request, basename, true)) return 1; } + + /* we might be called from cgi code again with the hr_authrealm + * already set */ + if (request->hr_authrealm) + free(request->hr_authrealm); request->hr_authrealm = bozostrdup(httpd, request, dir); if ((size_t)snprintf(authfile, sizeof(authfile), "%s/%s", dir,
CVS commit: src/libexec/httpd
Module Name:src Committed By: shm Date: Tue Sep 19 07:51:43 UTC 2023 Modified Files: src/libexec/httpd: auth-bozo.c Log Message: Fix hr_authrealm memory leak hr_authrealm might be already set, so we need to free it before overwriting the value To generate a diff of this commit: cvs rdiff -u -r1.27 -r1.28 src/libexec/httpd/auth-bozo.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/usr.bin/mail
Module Name:src Committed By: shm Date: Fri Sep 8 20:46:45 UTC 2023 Modified Files: src/usr.bin/mail: support.c Log Message: Add check for space presence after comma in skin() Check if comma is followed by space, otherwise it may lead to overflow in the output buffer as space might be extra appended to the output buffer without consuming anything from the input. This condition breaks the assumption that length(input) >= length(output) while the code relies on it. To generate a diff of this commit: cvs rdiff -u -r1.26 -r1.27 src/usr.bin/mail/support.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/usr.bin/mail
Module Name:src Committed By: shm Date: Fri Sep 8 20:46:45 UTC 2023 Modified Files: src/usr.bin/mail: support.c Log Message: Add check for space presence after comma in skin() Check if comma is followed by space, otherwise it may lead to overflow in the output buffer as space might be extra appended to the output buffer without consuming anything from the input. This condition breaks the assumption that length(input) >= length(output) while the code relies on it. To generate a diff of this commit: cvs rdiff -u -r1.26 -r1.27 src/usr.bin/mail/support.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/mail/support.c diff -u src/usr.bin/mail/support.c:1.26 src/usr.bin/mail/support.c:1.27 --- src/usr.bin/mail/support.c:1.26 Fri Sep 8 20:37:07 2023 +++ src/usr.bin/mail/support.c Fri Sep 8 20:46:45 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: support.c,v 1.26 2023/09/08 20:37:07 shm Exp $ */ +/* $NetBSD: support.c,v 1.27 2023/09/08 20:46:45 shm Exp $ */ /* * Copyright (c) 1980, 1993 @@ -34,7 +34,7 @@ #if 0 static char sccsid[] = "@(#)aux.c 8.1 (Berkeley) 6/6/93"; #else -__RCSID("$NetBSD: support.c,v 1.26 2023/09/08 20:37:07 shm Exp $"); +__RCSID("$NetBSD: support.c,v 1.27 2023/09/08 20:46:45 shm Exp $"); #endif #endif /* not lint */ @@ -537,7 +537,7 @@ skin(char *name) *cp2++ = ' '; } *cp2++ = c; - if (c == ',' && !gotlt) { + if (c == ',' && *cp == ' ' && !gotlt) { *cp2++ = ' '; for (/*EMPTY*/; *cp == ' '; cp++) continue;
CVS commit: src/usr.bin/mail
Module Name:src Committed By: shm Date: Fri Sep 8 20:37:07 UTC 2023 Modified Files: src/usr.bin/mail: support.c Log Message: Fix writing outside of the nbuf buffer in skin() Data provided to skin() can be longer than LINEBUF (if same header is provided multiple times, hfield returns concatenated data). Thanks to riastradh@ for the review and comments To generate a diff of this commit: cvs rdiff -u -r1.25 -r1.26 src/usr.bin/mail/support.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/mail/support.c diff -u src/usr.bin/mail/support.c:1.25 src/usr.bin/mail/support.c:1.26 --- src/usr.bin/mail/support.c:1.25 Thu Nov 9 20:27:50 2017 +++ src/usr.bin/mail/support.c Fri Sep 8 20:37:07 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: support.c,v 1.25 2017/11/09 20:27:50 christos Exp $ */ +/* $NetBSD: support.c,v 1.26 2023/09/08 20:37:07 shm Exp $ */ /* * Copyright (c) 1980, 1993 @@ -34,7 +34,7 @@ #if 0 static char sccsid[] = "@(#)aux.c 8.1 (Berkeley) 6/6/93"; #else -__RCSID("$NetBSD: support.c,v 1.25 2017/11/09 20:27:50 christos Exp $"); +__RCSID("$NetBSD: support.c,v 1.26 2023/09/08 20:37:07 shm Exp $"); #endif #endif /* not lint */ @@ -456,13 +456,15 @@ skin(char *name) char *cp, *cp2; char *bufend; int gotlt, lastsp; - char nbuf[LINESIZE]; + char *nbuf, *ret; if (name == NULL) return NULL; if (strchr(name, '(') == NULL && strchr(name, '<') == NULL && strchr(name, ' ') == NULL) return name; + + nbuf = emalloc(strlen(name) + 1); gotlt = 0; lastsp = 0; bufend = nbuf; @@ -545,8 +547,11 @@ skin(char *name) } } *cp2 = 0; + + ret = savestr(nbuf); + free(nbuf); - return savestr(nbuf); + return ret; } /*
CVS commit: src/usr.bin/mail
Module Name:src Committed By: shm Date: Fri Sep 8 20:37:07 UTC 2023 Modified Files: src/usr.bin/mail: support.c Log Message: Fix writing outside of the nbuf buffer in skin() Data provided to skin() can be longer than LINEBUF (if same header is provided multiple times, hfield returns concatenated data). Thanks to riastradh@ for the review and comments To generate a diff of this commit: cvs rdiff -u -r1.25 -r1.26 src/usr.bin/mail/support.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/usr.bin/mail
Module Name:src Committed By: shm Date: Fri Sep 8 14:34:02 UTC 2023 Modified Files: src/usr.bin/mail: format.c Log Message: Fix check_bufsize() incorrect behaviour The function ensures that that buffer is large enough to store the data (if not, it reallocates it). It doubled the buffer every time the buffer was too small, but in some cases it wasn't enough, which might lead to heap overflows. Rewrite of this function handles int overflow scenarios as well as ensures the buffer is big enough to handle the data. Thanks riastradh@ for the review and comments To generate a diff of this commit: cvs rdiff -u -r1.17 -r1.18 src/usr.bin/mail/format.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/mail/format.c diff -u src/usr.bin/mail/format.c:1.17 src/usr.bin/mail/format.c:1.18 --- src/usr.bin/mail/format.c:1.17 Sun Aug 7 10:12:19 2022 +++ src/usr.bin/mail/format.c Fri Sep 8 14:34:02 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: format.c,v 1.17 2022/08/07 10:12:19 andvar Exp $ */ +/* $NetBSD: format.c,v 1.18 2023/09/08 14:34:02 shm Exp $ */ /*- * Copyright (c) 2006 The NetBSD Foundation, Inc. @@ -31,7 +31,7 @@ #include #ifndef __lint__ -__RCSID("$NetBSD: format.c,v 1.17 2022/08/07 10:12:19 andvar Exp $"); +__RCSID("$NetBSD: format.c,v 1.18 2023/09/08 14:34:02 shm Exp $"); #endif /* not __lint__ */ #include @@ -54,13 +54,21 @@ __RCSID("$NetBSD: format.c,v 1.17 2022/0 static void check_bufsize(char **buf, size_t *bufsize, char **p, size_t cnt) { - char *q; - if (*p + cnt < *buf + *bufsize) + size_t offset = (size_t)(*p - *buf); + + /* enough buffer allocated already */ + if (cnt < *bufsize - offset) return; - *bufsize *= 2; - q = erealloc(*buf, *bufsize); - *p = q + (*p - *buf); - *buf = q; + + /* expand buffer till it's sufficient to handle the data */ + while (cnt >= *bufsize - offset) { + if (*bufsize > SIZE_MAX/2) + errx(1, "out of memory"); + *bufsize *= 2; + } + + *buf = erealloc(*buf, *bufsize); + *p = *buf + offset; } static const char *
CVS commit: src/usr.bin/mail
Module Name:src Committed By: shm Date: Fri Sep 8 14:34:02 UTC 2023 Modified Files: src/usr.bin/mail: format.c Log Message: Fix check_bufsize() incorrect behaviour The function ensures that that buffer is large enough to store the data (if not, it reallocates it). It doubled the buffer every time the buffer was too small, but in some cases it wasn't enough, which might lead to heap overflows. Rewrite of this function handles int overflow scenarios as well as ensures the buffer is big enough to handle the data. Thanks riastradh@ for the review and comments To generate a diff of this commit: cvs rdiff -u -r1.17 -r1.18 src/usr.bin/mail/format.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/usr.bin/mail
Module Name:src Committed By: shm Date: Fri Sep 8 14:22:04 UTC 2023 Modified Files: src/usr.bin/mail: vars.c Log Message: Fixed undefined behaviour in hash() Shift left on large int values was causing an undefined behaviour, fix it by operating on unsigned int type instead. This patch changes behaviour of the hash() slightly - if the computed hash is INT_MIN, the function previously returned 0, but this case is negligible. To generate a diff of this commit: cvs rdiff -u -r1.18 -r1.19 src/usr.bin/mail/vars.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/mail/vars.c diff -u src/usr.bin/mail/vars.c:1.18 src/usr.bin/mail/vars.c:1.19 --- src/usr.bin/mail/vars.c:1.18 Sat Oct 27 15:14:51 2007 +++ src/usr.bin/mail/vars.c Fri Sep 8 14:22:04 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: vars.c,v 1.18 2007/10/27 15:14:51 christos Exp $ */ +/* $NetBSD: vars.c,v 1.19 2023/09/08 14:22:04 shm Exp $ */ /* * Copyright (c) 1980, 1993 @@ -34,7 +34,7 @@ #if 0 static char sccsid[] = "@(#)vars.c 8.1 (Berkeley) 6/6/93"; #else -__RCSID("$NetBSD: vars.c,v 1.18 2007/10/27 15:14:51 christos Exp $"); +__RCSID("$NetBSD: vars.c,v 1.19 2023/09/08 14:22:04 shm Exp $"); #endif #endif /* not lint */ @@ -86,14 +86,12 @@ vcopy(const char str[]) PUBLIC int hash(const char *name) { - int h = 0; + unsigned int h = 0; while (*name) { h <<= 2; h += *name++; } - if (h < 0 && (h = -h) < 0) - h = 0; return h % HSHSIZE; }
CVS commit: src/usr.bin/mail
Module Name:src Committed By: shm Date: Fri Sep 8 14:22:04 UTC 2023 Modified Files: src/usr.bin/mail: vars.c Log Message: Fixed undefined behaviour in hash() Shift left on large int values was causing an undefined behaviour, fix it by operating on unsigned int type instead. This patch changes behaviour of the hash() slightly - if the computed hash is INT_MIN, the function previously returned 0, but this case is negligible. To generate a diff of this commit: cvs rdiff -u -r1.18 -r1.19 src/usr.bin/mail/vars.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/httpd
Module Name:src Committed By: shm Date: Thu Sep 7 06:40:56 UTC 2023 Modified Files: src/libexec/httpd: bozohttpd.c Log Message: Fix memory leaks in bozo_cleanup To generate a diff of this commit: cvs rdiff -u -r1.143 -r1.144 src/libexec/httpd/bozohttpd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/httpd/bozohttpd.c diff -u src/libexec/httpd/bozohttpd.c:1.143 src/libexec/httpd/bozohttpd.c:1.144 --- src/libexec/httpd/bozohttpd.c:1.143 Wed Jun 7 20:12:31 2023 +++ src/libexec/httpd/bozohttpd.c Thu Sep 7 06:40:56 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: bozohttpd.c,v 1.143 2023/06/07 20:12:31 mrg Exp $ */ +/* $NetBSD: bozohttpd.c,v 1.144 2023/09/07 06:40:56 shm Exp $ */ /* $eterna: bozohttpd.c,v 1.178 2011/11/18 09:21:15 mrg Exp $ */ @@ -2728,6 +2728,11 @@ bozo_cleanup(bozohttpd_t *httpd, bozopre free(httpd->errorbuf); free(httpd->getln_buffer); free(httpd->slashdir); + free(httpd->bindport); + free(httpd->pidfile); + free(httpd->cgibin); + free(httpd->virtbase); + free(httpd->dynamic_content_map); #define bozo_unconst(x) ((void *)(uintptr_t)x) free(bozo_unconst(httpd->server_software)); free(bozo_unconst(httpd->index_html));
CVS commit: src/libexec/httpd
Module Name:src Committed By: shm Date: Thu Sep 7 06:40:56 UTC 2023 Modified Files: src/libexec/httpd: bozohttpd.c Log Message: Fix memory leaks in bozo_cleanup To generate a diff of this commit: cvs rdiff -u -r1.143 -r1.144 src/libexec/httpd/bozohttpd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/mail.local
Module Name:src Committed By: shm Date: Wed Sep 6 08:12:09 UTC 2023 Modified Files: src/libexec/mail.local: mail.local.c Log Message: - remove lock file on error - clarify diagnostic messages - initialize struct stat if lstat(2) failed (from mhal at rbox dot co) - ensure appending to a regular file To generate a diff of this commit: cvs rdiff -u -r1.29 -r1.30 src/libexec/mail.local/mail.local.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/mail.local
Module Name:src Committed By: shm Date: Wed Sep 6 08:12:09 UTC 2023 Modified Files: src/libexec/mail.local: mail.local.c Log Message: - remove lock file on error - clarify diagnostic messages - initialize struct stat if lstat(2) failed (from mhal at rbox dot co) - ensure appending to a regular file To generate a diff of this commit: cvs rdiff -u -r1.29 -r1.30 src/libexec/mail.local/mail.local.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/mail.local/mail.local.c diff -u src/libexec/mail.local/mail.local.c:1.29 src/libexec/mail.local/mail.local.c:1.30 --- src/libexec/mail.local/mail.local.c:1.29 Tue May 17 11:18:58 2022 +++ src/libexec/mail.local/mail.local.c Wed Sep 6 08:12:09 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: mail.local.c,v 1.29 2022/05/17 11:18:58 kre Exp $ */ +/* $NetBSD: mail.local.c,v 1.30 2023/09/06 08:12:09 shm Exp $ */ /*- * Copyright (c) 1990, 1993, 1994 @@ -36,7 +36,7 @@ __COPYRIGHT("@(#) Copyright (c) 1990, 19 #if 0 static char sccsid[] = "@(#)mail.local.c 8.22 (Berkeley) 6/21/95"; #else -__RCSID("$NetBSD: mail.local.c,v 1.29 2022/05/17 11:18:58 kre Exp $"); +__RCSID("$NetBSD: mail.local.c,v 1.30 2023/09/06 08:12:09 shm Exp $"); #endif #endif /* not lint */ @@ -51,6 +51,7 @@ __RCSID("$NetBSD: mail.local.c,v 1.29 20 #include #include #include +#include #include #include #include @@ -137,7 +138,7 @@ store(const char *from) tn = strdup(_PATH_LOCTMP); if (!tn) - logerr(EX_OSERR, "not enough core"); + logerr(EX_OSERR, "not enough memory"); if ((fd = mkstemp(tn)) == -1 || !(fp = fdopen(fd, "w+"))) logerr(EX_OSERR, "unable to open temporary file"); (void)unlink(tn); @@ -175,13 +176,28 @@ store(const char *from) return(fd); } +static bool +badfile(const char *path, const struct stat *sb) +{ + if (!S_ISREG(sb->st_mode)) { + logwarn("%s: not a regular file", path); + return true; + } + + if (sb->st_nlink != 1) { + logwarn("%s: linked file", path); + return true; + } + return false; +} + static int deliver(int fd, char *name, int lockfile) { struct stat sb, nsb; struct passwd pwres, *pw; char pwbuf[1024]; - int created = 0, mbfd, nr, nw, off, rval=EX_OK, lfd = -1; + int created = 0, mbfd = -1, nr, nw, off, rval=EX_OK, lfd = -1; char biffmsg[100], buf[8*1024], path[MAXPATHLEN], lpath[MAXPATHLEN]; off_t curoff; @@ -211,10 +227,17 @@ deliver(int fd, char *name, int lockfile } } - if ((lstat(path, ) != -1) && - (sb.st_nlink != 1 || S_ISLNK(sb.st_mode))) { - logwarn("%s: linked file", path); - return(EX_OSERR); + if (lstat(path, ) == -1) { + if (errno != ENOENT) { + logwarn("%s: %s", path, strerror(errno)); + rval = EX_OSERR; + goto bad; + } + memset(, 0, sizeof(sb)); + sb.st_dev = NODEV; + } else if (badfile(path, )) { + rval = EX_OSERR; + goto bad; } if ((mbfd = open(path, O_APPEND|O_WRONLY|O_EXLOCK|O_NOFOLLOW, @@ -235,8 +258,14 @@ deliver(int fd, char *name, int lockfile goto bad; } + if (badfile(path, )) { + rval = EX_OSERR; + goto bad; + } + /* file is not what we expected */ if (nsb.st_ino != sb.st_ino || nsb.st_dev != sb.st_dev) { + logwarn("%s: file has changed", path); rval = EX_OSERR; goto bad; }
CVS commit: src/sys/miscfs/procfs
Module Name:src Committed By: shm Date: Fri Jun 17 14:30:37 UTC 2022 Modified Files: src/sys/miscfs/procfs: procfs_vnops.c Log Message: Add missing permission check To generate a diff of this commit: cvs rdiff -u -r1.228 -r1.229 src/sys/miscfs/procfs/procfs_vnops.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/miscfs/procfs/procfs_vnops.c diff -u src/sys/miscfs/procfs/procfs_vnops.c:1.228 src/sys/miscfs/procfs/procfs_vnops.c:1.229 --- src/sys/miscfs/procfs/procfs_vnops.c:1.228 Sun Mar 27 17:10:56 2022 +++ src/sys/miscfs/procfs/procfs_vnops.c Fri Jun 17 14:30:37 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: procfs_vnops.c,v 1.228 2022/03/27 17:10:56 christos Exp $ */ +/* $NetBSD: procfs_vnops.c,v 1.229 2022/06/17 14:30:37 shm Exp $ */ /*- * Copyright (c) 2006, 2007, 2008, 2020 The NetBSD Foundation, Inc. @@ -105,7 +105,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: procfs_vnops.c,v 1.228 2022/03/27 17:10:56 christos Exp $"); +__KERNEL_RCSID(0, "$NetBSD: procfs_vnops.c,v 1.229 2022/06/17 14:30:37 shm Exp $"); #include #include @@ -976,6 +976,9 @@ procfs_lookup(void *v) *vpp = NULL; + if ((error = VOP_ACCESS(dvp, VEXEC, cnp->cn_cred)) != 0) + return (error); + if (cnp->cn_nameiop == DELETE || cnp->cn_nameiop == RENAME) return (EROFS);
CVS commit: src/sys/miscfs/procfs
Module Name:src Committed By: shm Date: Fri Jun 17 14:30:37 UTC 2022 Modified Files: src/sys/miscfs/procfs: procfs_vnops.c Log Message: Add missing permission check To generate a diff of this commit: cvs rdiff -u -r1.228 -r1.229 src/sys/miscfs/procfs/procfs_vnops.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/libsaslc/dist/src
Module Name:src Committed By: shm Date: Tue Jan 30 15:28:39 UTC 2018 Modified Files: src/crypto/external/bsd/libsaslc/dist/src: mech_digestmd5.c Log Message: Fixed memory leak (CID: 977744) To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 \ src/crypto/external/bsd/libsaslc/dist/src/mech_digestmd5.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/libsaslc/dist/src/mech_digestmd5.c diff -u src/crypto/external/bsd/libsaslc/dist/src/mech_digestmd5.c:1.12 src/crypto/external/bsd/libsaslc/dist/src/mech_digestmd5.c:1.13 --- src/crypto/external/bsd/libsaslc/dist/src/mech_digestmd5.c:1.12 Tue Jan 30 13:11:28 2018 +++ src/crypto/external/bsd/libsaslc/dist/src/mech_digestmd5.c Tue Jan 30 15:28:39 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: mech_digestmd5.c,v 1.12 2018/01/30 13:11:28 shm Exp $ */ +/* $NetBSD: mech_digestmd5.c,v 1.13 2018/01/30 15:28:39 shm Exp $ */ /* Copyright (c) 2010 The NetBSD Foundation, Inc. * All rights reserved. @@ -35,7 +35,7 @@ * POSSIBILITY OF SUCH DAMAGE. */ #include -__RCSID("$NetBSD: mech_digestmd5.c,v 1.12 2018/01/30 13:11:28 shm Exp $"); +__RCSID("$NetBSD: mech_digestmd5.c,v 1.13 2018/01/30 15:28:39 shm Exp $"); #include @@ -860,7 +860,7 @@ choose_realm(saslc_sess_t *sess, const c { const char *user_realms; list_t *l; - char *p; + char *p = NULL; /*/ /* The realm containing the user's account. This directive is */ @@ -926,6 +926,7 @@ choose_realm(saslc_sess_t *sess, const c return p; } use_1st_realm: + free(p); if ((p = strdup(realms->value)) == NULL) goto nomem; return p;
CVS commit: src/crypto/external/bsd/libsaslc/dist/src
Module Name:src Committed By: shm Date: Tue Jan 30 15:28:39 UTC 2018 Modified Files: src/crypto/external/bsd/libsaslc/dist/src: mech_digestmd5.c Log Message: Fixed memory leak (CID: 977744) To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 \ src/crypto/external/bsd/libsaslc/dist/src/mech_digestmd5.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/libsaslc/dist/src
Module Name:src Committed By: shm Date: Tue Jan 30 13:11:28 UTC 2018 Modified Files: src/crypto/external/bsd/libsaslc/dist/src: mech_digestmd5.c Log Message: Fixed potential NULL pointer dereference (CID: 978477) To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.12 \ src/crypto/external/bsd/libsaslc/dist/src/mech_digestmd5.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/libsaslc/dist/src/mech_digestmd5.c diff -u src/crypto/external/bsd/libsaslc/dist/src/mech_digestmd5.c:1.11 src/crypto/external/bsd/libsaslc/dist/src/mech_digestmd5.c:1.12 --- src/crypto/external/bsd/libsaslc/dist/src/mech_digestmd5.c:1.11 Fri Jun 28 15:04:35 2013 +++ src/crypto/external/bsd/libsaslc/dist/src/mech_digestmd5.c Tue Jan 30 13:11:28 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: mech_digestmd5.c,v 1.11 2013/06/28 15:04:35 joerg Exp $ */ +/* $NetBSD: mech_digestmd5.c,v 1.12 2018/01/30 13:11:28 shm Exp $ */ /* Copyright (c) 2010 The NetBSD Foundation, Inc. * All rights reserved. @@ -35,7 +35,7 @@ * POSSIBILITY OF SUCH DAMAGE. */ #include -__RCSID("$NetBSD: mech_digestmd5.c,v 1.11 2013/06/28 15:04:35 joerg Exp $"); +__RCSID("$NetBSD: mech_digestmd5.c,v 1.12 2018/01/30 13:11:28 shm Exp $"); #include @@ -2294,7 +2294,7 @@ saslc__mech_digestmd5_cont(saslc_sess_t } *out = saslc__mech_digestmd5_reply(sess, response); free(response); - if (out == NULL) + if (*out == NULL) return MECH_ERROR; *outlen = strlen(*out);
CVS commit: src/crypto/external/bsd/libsaslc/dist/src
Module Name:src Committed By: shm Date: Tue Jan 30 13:11:28 UTC 2018 Modified Files: src/crypto/external/bsd/libsaslc/dist/src: mech_digestmd5.c Log Message: Fixed potential NULL pointer dereference (CID: 978477) To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.12 \ src/crypto/external/bsd/libsaslc/dist/src/mech_digestmd5.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/usr.sbin/mrinfo
Module Name:src Committed By: shm Date: Thu Nov 17 09:29:01 UTC 2016 Modified Files: src/usr.sbin/mrinfo: mrinfo.c Log Message: Add couple FALLTHROUGHs CIDs: 976559, 976560, 976561 No functional change. To generate a diff of this commit: cvs rdiff -u -r1.29 -r1.30 src/usr.sbin/mrinfo/mrinfo.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.sbin/mrinfo/mrinfo.c diff -u src/usr.sbin/mrinfo/mrinfo.c:1.29 src/usr.sbin/mrinfo/mrinfo.c:1.30 --- src/usr.sbin/mrinfo/mrinfo.c:1.29 Wed Aug 31 13:32:38 2011 +++ src/usr.sbin/mrinfo/mrinfo.c Thu Nov 17 09:29:01 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: mrinfo.c,v 1.29 2011/08/31 13:32:38 joerg Exp $ */ +/* $NetBSD: mrinfo.c,v 1.30 2016/11/17 09:29:01 shm Exp $ */ /* * This tool requests configuration info from a multicast router @@ -80,7 +80,7 @@ static char rcsid[] = "@(#) Header: mrinfo.c,v 1.6 93/04/08 15:14:16 van Exp (LBL)"; #else -__RCSID("$NetBSD: mrinfo.c,v 1.29 2011/08/31 13:32:38 joerg Exp $"); +__RCSID("$NetBSD: mrinfo.c,v 1.30 2016/11/17 09:29:01 shm Exp $"); #endif #endif @@ -147,12 +147,15 @@ logit(int severity, int syserr, const ch case 0: if (severity > LOG_WARNING) return; + /* FALLTHROUGH */ case 1: if (severity > LOG_NOTICE) return; + /* FALLTHROUGH */ case 2: if (severity > LOG_INFO) return; + /* FALLTHROUGH */ default: if (severity == LOG_WARNING) fprintf(stderr, "warning - ");
CVS commit: src/usr.sbin/mrinfo
Module Name:src Committed By: shm Date: Thu Nov 17 09:29:01 UTC 2016 Modified Files: src/usr.sbin/mrinfo: mrinfo.c Log Message: Add couple FALLTHROUGHs CIDs: 976559, 976560, 976561 No functional change. To generate a diff of this commit: cvs rdiff -u -r1.29 -r1.30 src/usr.sbin/mrinfo/mrinfo.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/usr.sbin/traceroute6
Module Name:src Committed By: shm Date: Thu Nov 17 09:21:34 UTC 2016 Modified Files: src/usr.sbin/traceroute6: traceroute6.c Log Message: CID 978587: Removed unnecessary check against NULL. To generate a diff of this commit: cvs rdiff -u -r1.43 -r1.44 src/usr.sbin/traceroute6/traceroute6.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.sbin/traceroute6/traceroute6.c diff -u src/usr.sbin/traceroute6/traceroute6.c:1.43 src/usr.sbin/traceroute6/traceroute6.c:1.44 --- src/usr.sbin/traceroute6/traceroute6.c:1.43 Mon Dec 10 18:11:33 2012 +++ src/usr.sbin/traceroute6/traceroute6.c Thu Nov 17 09:21:34 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: traceroute6.c,v 1.43 2012/12/10 18:11:33 christos Exp $ */ +/* $NetBSD: traceroute6.c,v 1.44 2016/11/17 09:21:34 shm Exp $ */ /* $KAME: traceroute6.c,v 1.67 2004/01/25 03:24:39 itojun Exp $ */ /* @@ -75,7 +75,7 @@ static char sccsid[] = "@(#)traceroute.c #else #include #ifndef lint -__RCSID("$NetBSD: traceroute6.c,v 1.43 2012/12/10 18:11:33 christos Exp $"); +__RCSID("$NetBSD: traceroute6.c,v 1.44 2016/11/17 09:21:34 shm Exp $"); #endif #endif @@ -569,7 +569,7 @@ main(int argc, char *argv[]) ep = NULL; errno = 0; datalen = strtoul(*argv, , 0); - if (errno || !*argv || *ep) + if (errno || *ep) errx(1, "Invalid packet length `%s'", *argv); } if (useicmp)
CVS commit: src/usr.sbin/traceroute6
Module Name:src Committed By: shm Date: Thu Nov 17 09:21:34 UTC 2016 Modified Files: src/usr.sbin/traceroute6: traceroute6.c Log Message: CID 978587: Removed unnecessary check against NULL. To generate a diff of this commit: cvs rdiff -u -r1.43 -r1.44 src/usr.sbin/traceroute6/traceroute6.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/mail.local
Module Name:src Committed By: shm Date: Thu Jul 21 12:29:37 UTC 2016 Modified Files: src/libexec/mail.local: mail.local.c Log Message: Fix error checks in open(2) calls. To generate a diff of this commit: cvs rdiff -u -r1.27 -r1.28 src/libexec/mail.local/mail.local.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/tftpd
Module Name:src Committed By: shm Date: Wed Jul 20 20:18:21 UTC 2016 Modified Files: src/libexec/tftpd: tftpd.c Log Message: CID 976523: add FALLTHROUGH To generate a diff of this commit: cvs rdiff -u -r1.44 -r1.45 src/libexec/tftpd/tftpd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/tftpd/tftpd.c diff -u src/libexec/tftpd/tftpd.c:1.44 src/libexec/tftpd/tftpd.c:1.45 --- src/libexec/tftpd/tftpd.c:1.44 Tue May 5 05:50:31 2015 +++ src/libexec/tftpd/tftpd.c Wed Jul 20 20:18:21 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: tftpd.c,v 1.44 2015/05/05 05:50:31 buhrow Exp $ */ +/* $NetBSD: tftpd.c,v 1.45 2016/07/20 20:18:21 shm Exp $ */ /* * Copyright (c) 1983, 1993 @@ -36,7 +36,7 @@ __COPYRIGHT("@(#) Copyright (c) 1983, 19 #if 0 static char sccsid[] = "@(#)tftpd.c 8.1 (Berkeley) 6/4/93"; #else -__RCSID("$NetBSD: tftpd.c,v 1.44 2015/05/05 05:50:31 buhrow Exp $"); +__RCSID("$NetBSD: tftpd.c,v 1.45 2016/07/20 20:18:21 shm Exp $"); #endif #endif /* not lint */ @@ -1018,6 +1018,7 @@ send_data: (void) synchnet(peer, tftp_blksize); if (ap->th_block == (u_short)(block - 1)) goto send_data; +/* FALLTHROUGH */ default: syslog(LOG_INFO, "Received %s in sendfile\n", opcode(dp->th_opcode));
CVS commit: src/libexec/tftpd
Module Name:src Committed By: shm Date: Wed Jul 20 20:18:21 UTC 2016 Modified Files: src/libexec/tftpd: tftpd.c Log Message: CID 976523: add FALLTHROUGH To generate a diff of this commit: cvs rdiff -u -r1.44 -r1.45 src/libexec/tftpd/tftpd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/ftpd
Module Name:src Committed By: shm Date: Tue Jul 19 21:25:38 UTC 2016 Modified Files: src/libexec/ftpd: ftpd.c Log Message: CID 603440: ensure that closing socket exists To generate a diff of this commit: cvs rdiff -u -r1.202 -r1.203 src/libexec/ftpd/ftpd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/ftpd/ftpd.c diff -u src/libexec/ftpd/ftpd.c:1.202 src/libexec/ftpd/ftpd.c:1.203 --- src/libexec/ftpd/ftpd.c:1.202 Mon Aug 10 07:32:49 2015 +++ src/libexec/ftpd/ftpd.c Tue Jul 19 21:25:38 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: ftpd.c,v 1.202 2015/08/10 07:32:49 shm Exp $ */ +/* $NetBSD: ftpd.c,v 1.203 2016/07/19 21:25:38 shm Exp $ */ /* * Copyright (c) 1997-2009 The NetBSD Foundation, Inc. @@ -97,7 +97,7 @@ __COPYRIGHT("@(#) Copyright (c) 1985, 19 #if 0 static char sccsid[] = "@(#)ftpd.c 8.5 (Berkeley) 4/28/95"; #else -__RCSID("$NetBSD: ftpd.c,v 1.202 2015/08/10 07:32:49 shm Exp $"); +__RCSID("$NetBSD: ftpd.c,v 1.203 2016/07/19 21:25:38 shm Exp $"); #endif #endif /* not lint */ @@ -1967,7 +1967,8 @@ getdatasock(const char *fmode) t = errno; if (! dropprivs) (void) seteuid((uid_t)pw->pw_uid); - (void) close(s); + if (s >= 0) + (void) close(s); errno = t; return (NULL); }
CVS commit: src/libexec/ftpd
Module Name:src Committed By: shm Date: Tue Jul 19 21:25:38 UTC 2016 Modified Files: src/libexec/ftpd: ftpd.c Log Message: CID 603440: ensure that closing socket exists To generate a diff of this commit: cvs rdiff -u -r1.202 -r1.203 src/libexec/ftpd/ftpd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/mail.local
Module Name:src Committed By: shm Date: Tue Jul 19 13:11:39 UTC 2016 Modified Files: src/libexec/mail.local: mail.local.c Log Message: Fix race condition in deliver(), fix resource leak. To generate a diff of this commit: cvs rdiff -u -r1.26 -r1.27 src/libexec/mail.local/mail.local.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/mail.local/mail.local.c diff -u src/libexec/mail.local/mail.local.c:1.26 src/libexec/mail.local/mail.local.c:1.27 --- src/libexec/mail.local/mail.local.c:1.26 Sat Aug 27 15:40:31 2011 +++ src/libexec/mail.local/mail.local.c Tue Jul 19 13:11:38 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: mail.local.c,v 1.26 2011/08/27 15:40:31 joerg Exp $ */ +/* $NetBSD: mail.local.c,v 1.27 2016/07/19 13:11:38 shm Exp $ */ /*- * Copyright (c) 1990, 1993, 1994 @@ -36,7 +36,7 @@ __COPYRIGHT("@(#) Copyright (c) 1990, 19 #if 0 static char sccsid[] = "@(#)mail.local.c 8.22 (Berkeley) 6/21/95"; #else -__RCSID("$NetBSD: mail.local.c,v 1.26 2011/08/27 15:40:31 joerg Exp $"); +__RCSID("$NetBSD: mail.local.c,v 1.27 2016/07/19 13:11:38 shm Exp $"); #endif #endif /* not lint */ @@ -169,7 +169,8 @@ store(const char *from) (void)fflush(fp); if (ferror(fp)) logerr(EX_OSERR, "temporary file write error"); - fd = dup(fd); + if ((fd = dup(fd)) == -1) + logerr(EX_OSERR, "dup failed"); (void)fclose(fp); return(fd); } @@ -177,10 +178,10 @@ store(const char *from) static int deliver(int fd, char *name, int lockfile) { - struct stat sb; + struct stat sb, nsb; struct passwd pwres, *pw; char pwbuf[1024]; - int created, mbfd, nr, nw, off, rval=EX_OK, lfd=-1; + int created = 0, mbfd, nr, nw, off, rval=EX_OK, lfd = -1; char biffmsg[100], buf[8*1024], path[MAXPATHLEN], lpath[MAXPATHLEN]; off_t curoff; @@ -210,22 +211,42 @@ deliver(int fd, char *name, int lockfile } } - if (!(created = lstat(path, )) && + if ((lstat(path, ) != -1) && (sb.st_nlink != 1 || S_ISLNK(sb.st_mode))) { logwarn("%s: linked file", path); return(EX_OSERR); } if ((mbfd = open(path, O_APPEND|O_WRONLY|O_EXLOCK, - S_IRUSR|S_IWUSR)) < 0) { + S_IRUSR|S_IWUSR)) != -1) { + /* create file */ if ((mbfd = open(path, O_APPEND|O_CREAT|O_WRONLY|O_EXLOCK, - S_IRUSR|S_IWUSR)) < 0) { + S_IRUSR|S_IWUSR)) != -1) { logwarn("%s: %s", path, strerror(errno)); - return(EX_OSERR); + rval = EX_OSERR; + goto bad; + } + created = 1; + } else { + /* opened existing file, check for TOCTTOU */ + if (fstat(mbfd, ) == -1) { + rval = EX_OSERR; + goto bad; + } + + /* file is not what we expected */ + if (nsb.st_ino != sb.st_ino || nsb.st_dev != sb.st_dev) { + rval = EX_OSERR; + goto bad; } } - curoff = lseek(mbfd, 0, SEEK_END); + if ((curoff = lseek(mbfd, 0, SEEK_END)) == (off_t)-1) { + logwarn("%s: %s", path, strerror(errno)); + rval = EX_OSERR; + goto bad; + } + (void)snprintf(biffmsg, sizeof biffmsg, "%s@%lld\n", name, (long long)curoff); if (lseek(fd, 0, SEEK_SET) == (off_t)-1) { @@ -259,11 +280,14 @@ bad: close(lfd); } } - if (created) - (void)fchown(mbfd, pw->pw_uid, pw->pw_gid); - (void)fsync(mbfd); /* Don't wait for update. */ - (void)close(mbfd); /* Implicit unlock. */ + if (mbfd >= 0) { + if (created) + (void)fchown(mbfd, pw->pw_uid, pw->pw_gid); + + (void)fsync(mbfd); /* Don't wait for update. */ + (void)close(mbfd); /* Implicit unlock. */ + } if (rval == EX_OK) notifybiff(biffmsg);
CVS commit: src/libexec/mail.local
Module Name:src Committed By: shm Date: Tue Jul 19 13:11:39 UTC 2016 Modified Files: src/libexec/mail.local: mail.local.c Log Message: Fix race condition in deliver(), fix resource leak. To generate a diff of this commit: cvs rdiff -u -r1.26 -r1.27 src/libexec/mail.local/mail.local.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/httpd
Module Name:src Committed By: shm Date: Tue Jul 19 09:27:40 UTC 2016 Modified Files: src/libexec/httpd: content-bozo.c Log Message: Do not send encoding header for compressed formats. To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 src/libexec/httpd/content-bozo.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/httpd
Module Name:src Committed By: shm Date: Tue Jul 19 09:27:40 UTC 2016 Modified Files: src/libexec/httpd: content-bozo.c Log Message: Do not send encoding header for compressed formats. To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 src/libexec/httpd/content-bozo.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/httpd/content-bozo.c diff -u src/libexec/httpd/content-bozo.c:1.13 src/libexec/httpd/content-bozo.c:1.14 --- src/libexec/httpd/content-bozo.c:1.13 Mon Dec 28 07:37:59 2015 +++ src/libexec/httpd/content-bozo.c Tue Jul 19 09:27:40 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: content-bozo.c,v 1.13 2015/12/28 07:37:59 mrg Exp $ */ +/* $NetBSD: content-bozo.c,v 1.14 2016/07/19 09:27:40 shm Exp $ */ /* $eterna: content-bozo.c,v 1.17 2011/11/18 09:21:15 mrg Exp $ */ @@ -62,16 +62,16 @@ static bozo_content_map_t static_content { ".pac", "application/x-ns-proxy-autoconfig", "", "", NULL }, { ".pa", "application/x-ns-proxy-autoconfig", "", "", NULL }, { ".tar", "multipart/x-tar", "", "", NULL }, - { ".gtar", "multipart/x-gtar", "", "", NULL }, - { ".tar.Z", "multipart/x-tar", "x-compress", "compress", NULL }, - { ".tar.gz", "multipart/x-tar", "x-gzip", "gzip", NULL }, - { ".taz", "multipart/x-tar", "x-gzip", "gzip", NULL }, - { ".tgz", "multipart/x-tar", "x-gzip", "gzip", NULL }, - { ".tar.z", "multipart/x-tar", "x-pack", "x-pack", NULL }, - { ".Z", "application/x-compress", "x-compress", "compress", NULL }, - { ".gz", "application/x-gzip", "x-gzip", "gzip", NULL }, - { ".z", "unknown", "x-pack", "x-pack", NULL }, - { ".bz2", "application/x-bzip2", "x-bzip2", "x-bzip2", NULL }, + { ".gtar", "application/x-gtar-compressed", "", "", NULL }, + { ".tar.Z", "application/x-gtar-compressed", "", "", NULL }, + { ".tar.gz", "application/x-gtar-compressed", "", "", NULL }, + { ".taz", "application/x-gtar-compressed", "", "", NULL }, + { ".tgz", "application/x-gtar-compressed", "", "", NULL }, + { ".tar.z", "application/x-gtar-compressed", "", "", NULL }, + { ".Z", "application/x-compress", "", "", NULL }, + { ".gz", "application/x-gzip", "", "", NULL }, + { ".z", "unknown", "", "", NULL }, + { ".bz2", "application/x-bzip2", "", "", NULL }, { ".ogg", "application/x-ogg", "", "", NULL }, { ".mkv", "video/x-matroska", "", "", NULL }, { ".xbel", "text/xml", "", "", NULL },
CVS commit: src/usr.bin/newgrp
Module Name:src Committed By: shm Date: Wed Jul 13 13:10:55 UTC 2016 Modified Files: src/usr.bin/newgrp: Makefile Log Message: Add USE_FORT support. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/usr.bin/newgrp/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/usr.sbin/sliplogin
Module Name:src Committed By: shm Date: Wed Jul 13 13:10:04 UTC 2016 Modified Files: src/usr.sbin/sliplogin: Makefile Log Message: Add USE_FORT support. To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/usr.sbin/sliplogin/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.sbin/sliplogin/Makefile diff -u src/usr.sbin/sliplogin/Makefile:1.5 src/usr.sbin/sliplogin/Makefile:1.6 --- src/usr.sbin/sliplogin/Makefile:1.5 Fri Oct 17 13:36:36 1997 +++ src/usr.sbin/sliplogin/Makefile Wed Jul 13 13:10:04 2016 @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.5 1997/10/17 13:36:36 lukem Exp $ +# $NetBSD: Makefile,v 1.6 2016/07/13 13:10:04 shm Exp $ # from: @(#)Makefile 8.1 (Berkeley) 7/19/93 +USE_FORT?= yes # setuid PROG= sliplogin MAN= sliplogin.8 BINOWN= root
CVS commit: src/usr.sbin/sliplogin
Module Name:src Committed By: shm Date: Wed Jul 13 13:10:04 UTC 2016 Modified Files: src/usr.sbin/sliplogin: Makefile Log Message: Add USE_FORT support. To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/usr.sbin/sliplogin/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/arch/amd64/amd64
Module Name:src Committed By: shm Date: Fri Mar 25 10:14:43 UTC 2016 Modified Files: src/sys/arch/amd64/amd64: db_disasm.c Log Message: Add support for clac and stac instructions. To generate a diff of this commit: cvs rdiff -u -r1.22 -r1.23 src/sys/arch/amd64/amd64/db_disasm.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/amd64/amd64/db_disasm.c diff -u src/sys/arch/amd64/amd64/db_disasm.c:1.22 src/sys/arch/amd64/amd64/db_disasm.c:1.23 --- src/sys/arch/amd64/amd64/db_disasm.c:1.22 Tue May 12 23:16:47 2015 +++ src/sys/arch/amd64/amd64/db_disasm.c Fri Mar 25 10:14:43 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: db_disasm.c,v 1.22 2015/05/12 23:16:47 christos Exp $ */ +/* $NetBSD: db_disasm.c,v 1.23 2016/03/25 10:14:43 shm Exp $ */ /* * Mach Operating System @@ -33,7 +33,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: db_disasm.c,v 1.22 2015/05/12 23:16:47 christos Exp $"); +__KERNEL_RCSID(0, "$NetBSD: db_disasm.c,v 1.23 2016/03/25 10:14:43 shm Exp $"); #ifndef _KERNEL #include @@ -1317,6 +1317,12 @@ db_disasm(db_addr_t loc, bool altfmt) if (ip->i_extra == (const char *)db_Grp7 && regmodrm == 0xf8) { i_name = "swapgs"; i_mode = 0; + } else if (ip->i_extra == (const char *)db_Grp7 && regmodrm == 0xcb) { + i_name = "stac"; + i_mode = 0; + } else if (ip->i_extra == (const char *)db_Grp7 && regmodrm == 0xca) { + i_name = "clac"; + i_mode = 0; } else { i_name = ((const char * const *)ip->i_extra) [f_reg(rex, regmodrm)];
CVS commit: src/sys/arch/amd64/amd64
Module Name:src Committed By: shm Date: Fri Mar 25 10:14:43 UTC 2016 Modified Files: src/sys/arch/amd64/amd64: db_disasm.c Log Message: Add support for clac and stac instructions. To generate a diff of this commit: cvs rdiff -u -r1.22 -r1.23 src/sys/arch/amd64/amd64/db_disasm.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/external/historical/nawk/dist
Module Name:src Committed By: shm Date: Tue Nov 3 14:15:08 UTC 2015 Modified Files: src/external/historical/nawk/dist: run.c Log Message: PR/50199 - fix for strftime called with empty string. Patch written by Juho Salminen To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 src/external/historical/nawk/dist/run.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/historical/nawk/dist/run.c diff -u src/external/historical/nawk/dist/run.c:1.8 src/external/historical/nawk/dist/run.c:1.9 --- src/external/historical/nawk/dist/run.c:1.8 Sun Dec 15 06:41:18 2013 +++ src/external/historical/nawk/dist/run.c Tue Nov 3 14:15:08 2015 @@ -1660,7 +1660,7 @@ Cell *bltin(Node **a, int n) /* builtin do { if ((buf = realloc(buf, (sz *= 2))) == NULL) FATAL("out of memory in strftime"); - } while(strftime(buf, sz, fmt, tm) == 0); + } while(strftime(buf, sz, fmt, tm) == 0 && fmt[0] != '\0'); y = gettemp(); setsval(y, buf);
CVS commit: src/external/historical/nawk/dist
Module Name:src Committed By: shm Date: Tue Nov 3 14:15:08 UTC 2015 Modified Files: src/external/historical/nawk/dist: run.c Log Message: PR/50199 - fix for strftime called with empty string. Patch written by Juho Salminen To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 src/external/historical/nawk/dist/run.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/usr.bin/login
Module Name:src Committed By: shm Date: Thu Oct 29 11:31:52 UTC 2015 Modified Files: src/usr.bin/login: login_pam.c Log Message: - Added error checks for initgroups(3) and setgroups(2). - Reorder functions in privilege regain - setgroups(2) should be called after seteuid(2). OK christos@ To generate a diff of this commit: cvs rdiff -u -r1.24 -r1.25 src/usr.bin/login/login_pam.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/usr.bin/login
Module Name:src Committed By: shm Date: Thu Oct 29 11:31:52 UTC 2015 Modified Files: src/usr.bin/login: login_pam.c Log Message: - Added error checks for initgroups(3) and setgroups(2). - Reorder functions in privilege regain - setgroups(2) should be called after seteuid(2). OK christos@ To generate a diff of this commit: cvs rdiff -u -r1.24 -r1.25 src/usr.bin/login/login_pam.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/login/login_pam.c diff -u src/usr.bin/login/login_pam.c:1.24 src/usr.bin/login/login_pam.c:1.25 --- src/usr.bin/login/login_pam.c:1.24 Wed Nov 12 22:23:38 2014 +++ src/usr.bin/login/login_pam.c Thu Oct 29 11:31:52 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: login_pam.c,v 1.24 2014/11/12 22:23:38 aymeric Exp $ */ +/* $NetBSD: login_pam.c,v 1.25 2015/10/29 11:31:52 shm Exp $ */ /*- * Copyright (c) 1980, 1987, 1988, 1991, 1993, 1994 @@ -39,7 +39,7 @@ __COPYRIGHT("@(#) Copyright (c) 1980, 19 #if 0 static char sccsid[] = "@(#)login.c 8.4 (Berkeley) 4/2/94"; #endif -__RCSID("$NetBSD: login_pam.c,v 1.24 2014/11/12 22:23:38 aymeric Exp $"); +__RCSID("$NetBSD: login_pam.c,v 1.25 2015/10/29 11:31:52 shm Exp $"); #endif /* not lint */ /* @@ -420,7 +420,11 @@ skip_auth: nsaved_gids = getgroups(NGROUPS_MAX, saved_gids); (void)setegid(pwd->pw_gid); - initgroups(username, pwd->pw_gid); + if (initgroups(username, pwd->pw_gid) == -1) { + syslog(LOG_ERR, "initgroups failed"); + pam_end(pamh, PAM_SUCCESS); + exit(EXIT_FAILURE); + } (void)seteuid(pwd->pw_uid); if (chdir(pwd->pw_dir) != 0) { @@ -446,9 +450,13 @@ skip_auth: } /* regain special privileges */ - setegid(saved_gid); - setgroups(nsaved_gids, saved_gids); - seteuid(saved_uid); + (void)setegid(saved_gid); + (void)seteuid(saved_uid); + if (setgroups(nsaved_gids, saved_gids) == -1) { + syslog(LOG_ERR, "setgroups failed: %m"); + pam_end(pamh, PAM_SUCCESS); + exit(EXIT_FAILURE); + } (void)getgrnam_r(TTYGRPNAME, , grbuf, sizeof(grbuf), ); (void)chown(ttyn, pwd->pw_uid,
CVS commit: src/usr.bin/rlogin
Module Name:src Committed By: shm Date: Wed Oct 28 08:15:53 UTC 2015 Modified Files: src/usr.bin/rlogin: rlogin.c Log Message: Added missing sa_mask initialization (CID 979636) OK kamil@ mrg@ To generate a diff of this commit: cvs rdiff -u -r1.43 -r1.44 src/usr.bin/rlogin/rlogin.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/rlogin/rlogin.c diff -u src/usr.bin/rlogin/rlogin.c:1.43 src/usr.bin/rlogin/rlogin.c:1.44 --- src/usr.bin/rlogin/rlogin.c:1.43 Sat Mar 2 18:37:19 2013 +++ src/usr.bin/rlogin/rlogin.c Wed Oct 28 08:15:53 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: rlogin.c,v 1.43 2013/03/02 18:37:19 wiz Exp $ */ +/* $NetBSD: rlogin.c,v 1.44 2015/10/28 08:15:53 shm Exp $ */ /* * Copyright (c) 1983, 1990, 1993 @@ -39,7 +39,7 @@ __COPYRIGHT("@(#) Copyright (c) 1983, 19 #if 0 static char sccsid[] = "@(#)rlogin.c 8.4 (Berkeley) 4/29/95"; #else -__RCSID("$NetBSD: rlogin.c,v 1.43 2013/03/02 18:37:19 wiz Exp $"); +__RCSID("$NetBSD: rlogin.c,v 1.44 2015/10/28 08:15:53 shm Exp $"); #endif #endif /* not lint */ @@ -741,6 +741,7 @@ lostpeer(int signo) struct sigaction sa; sa.sa_flags = SA_RESTART; sa.sa_handler = SIG_IGN; + sigemptyset(_mask); (void)sigaction(SIGPIPE, , (struct sigaction *)0); msg("\aconnection closed."); done(1);
CVS commit: src/usr.bin/rlogin
Module Name:src Committed By: shm Date: Wed Oct 28 08:15:53 UTC 2015 Modified Files: src/usr.bin/rlogin: rlogin.c Log Message: Added missing sa_mask initialization (CID 979636) OK kamil@ mrg@ To generate a diff of this commit: cvs rdiff -u -r1.43 -r1.44 src/usr.bin/rlogin/rlogin.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/usr.bin/login
Module Name:src Committed By: shm Date: Wed Oct 28 07:27:24 UTC 2015 Modified Files: src/usr.bin/login: common.c Log Message: Fixed off-by-one in decode_ss (CID 977426) To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 src/usr.bin/login/common.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/login/common.c diff -u src/usr.bin/login/common.c:1.7 src/usr.bin/login/common.c:1.8 --- src/usr.bin/login/common.c:1.7 Tue Oct 27 14:53:00 2015 +++ src/usr.bin/login/common.c Wed Oct 28 07:27:24 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: common.c,v 1.7 2015/10/27 14:53:00 shm Exp $ */ +/* $NetBSD: common.c,v 1.8 2015/10/28 07:27:24 shm Exp $ */ /*- * Copyright (c) 1980, 1987, 1988, 1991, 1993, 1994 @@ -29,7 +29,7 @@ * SUCH DAMAGE. */ #include -__RCSID("$NetBSD: common.c,v 1.7 2015/10/27 14:53:00 shm Exp $"); +__RCSID("$NetBSD: common.c,v 1.8 2015/10/28 07:27:24 shm Exp $"); #include #include @@ -390,7 +390,7 @@ decode_ss(const char *arg) if (len > sizeof(*ssp) * 4 + 1 || len < sizeof(*ssp)) errx(EXIT_FAILURE, "Bad argument"); - if ((ssp = malloc(len)) == NULL) + if ((ssp = malloc(len + 1)) == NULL) err(EXIT_FAILURE, NULL); if (strunvis((char *)ssp, arg) != sizeof(*ssp))
CVS commit: src/usr.bin/login
Module Name:src Committed By: shm Date: Wed Oct 28 07:27:24 UTC 2015 Modified Files: src/usr.bin/login: common.c Log Message: Fixed off-by-one in decode_ss (CID 977426) To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 src/usr.bin/login/common.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/httpd
Module Name:src Committed By: shm Date: Wed Oct 28 09:20:15 UTC 2015 Modified Files: src/libexec/httpd: CHANGES auth-bozo.c bozohttpd.8 bozohttpd.c bozohttpd.h cgi-bozo.c dir-index-bozo.c main.c tilde-luzah-bozo.c src/libexec/httpd/lua: bozo.lua Log Message: * add CGI support for ~user translation (-E switch) * add redirects to ~user translation * fix bugs around ~user translation * add schema detection for absolute redirects * fixed few memory leaks * bunch of minor tweaks * removed -r support * smarter redirects OK mrg@ To generate a diff of this commit: cvs rdiff -u -r1.20 -r1.21 src/libexec/httpd/CHANGES cvs rdiff -u -r1.16 -r1.17 src/libexec/httpd/auth-bozo.c cvs rdiff -u -r1.53 -r1.54 src/libexec/httpd/bozohttpd.8 cvs rdiff -u -r1.66 -r1.67 src/libexec/httpd/bozohttpd.c cvs rdiff -u -r1.37 -r1.38 src/libexec/httpd/bozohttpd.h cvs rdiff -u -r1.27 -r1.28 src/libexec/httpd/cgi-bozo.c cvs rdiff -u -r1.21 -r1.22 src/libexec/httpd/dir-index-bozo.c cvs rdiff -u -r1.8 -r1.9 src/libexec/httpd/main.c cvs rdiff -u -r1.11 -r1.12 src/libexec/httpd/tilde-luzah-bozo.c cvs rdiff -u -r1.1.1.1 -r1.2 src/libexec/httpd/lua/bozo.lua Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/httpd/CHANGES diff -u src/libexec/httpd/CHANGES:1.20 src/libexec/httpd/CHANGES:1.21 --- src/libexec/httpd/CHANGES:1.20 Fri Mar 20 19:54:53 2015 +++ src/libexec/httpd/CHANGES Wed Oct 28 09:20:15 2015 @@ -1,5 +1,15 @@ $eterna: CHANGES,v 1.78 2011/11/18 01:25:11 mrg Exp $ +changes in bozohttpd 20151028: + o add CGI support for ~user translation (-E switch) + o add redirects to ~user translation + o fix bugs around ~user translation + o add schema detection for absolute redirects + o fixed few memory leaks + o bunch of minor tweaks + o removed -r support + o smarter redirects + changes in bozohttpd 20150320: o fix redirection handling o support transport stream (.ts) and video object (.vob) files Index: src/libexec/httpd/auth-bozo.c diff -u src/libexec/httpd/auth-bozo.c:1.16 src/libexec/httpd/auth-bozo.c:1.17 --- src/libexec/httpd/auth-bozo.c:1.16 Fri Dec 26 19:52:00 2014 +++ src/libexec/httpd/auth-bozo.c Wed Oct 28 09:20:15 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: auth-bozo.c,v 1.16 2014/12/26 19:52:00 mrg Exp $ */ +/* $NetBSD: auth-bozo.c,v 1.17 2015/10/28 09:20:15 shm Exp $ */ /* $eterna: auth-bozo.c,v 1.17 2011/11/18 09:21:15 mrg Exp $ */ @@ -190,8 +190,7 @@ bozo_auth_check_401(bozo_httpreq_t *requ if (code == 401) bozo_printf(httpd, "WWW-Authenticate: Basic realm=\"%s\"\r\n", - (request && request->hr_authrealm) ? -request->hr_authrealm : "default realm"); + request->hr_authrealm ? request->hr_authrealm : "default realm"); } #ifndef NO_CGIBIN_SUPPORT Index: src/libexec/httpd/bozohttpd.8 diff -u src/libexec/httpd/bozohttpd.8:1.53 src/libexec/httpd/bozohttpd.8:1.54 --- src/libexec/httpd/bozohttpd.8:1.53 Thu Aug 13 12:30:08 2015 +++ src/libexec/httpd/bozohttpd.8 Wed Oct 28 09:20:15 2015 @@ -1,4 +1,4 @@ -.\" $NetBSD: bozohttpd.8,v 1.53 2015/08/13 12:30:08 wiz Exp $ +.\" $NetBSD: bozohttpd.8,v 1.54 2015/10/28 09:20:15 shm Exp $ .\" .\" $eterna: bozohttpd.8,v 1.101 2011/11/18 01:25:11 mrg Exp $ .\" @@ -111,9 +111,11 @@ is a valid CGI program in the directory. In other words, all CGI URL's must begin with .Em \%/cgi-bin/ . -Note that the CGI/1.1 interface is not available with +Note that the CGI/1.1 interface is available with .Em ~user -translation. +translation using +.Fl E +switch. .It Fl e Causes .Nm @@ -223,15 +225,6 @@ translations from .Dq public_html to .Ar pubdir . -.It Fl r -Forces pages besides the -.Dq index.html -(see the -.Fl X -option) page to require that the Referrer: header be present and -refer to this web server, otherwise a redirect to the -.Dq index.html -page will be returned instead. .It Fl S Ar server_software Sets the internal server version to .Ar server_software . @@ -270,6 +263,12 @@ into the directory (but see the .Fl p option above). +.It Fl E +Enables CGI/1.1 interface for +.Em ~user +translation. +Note that enabling this support implies that users can run +commands as web server user, this may have security implications. .It Fl V Sets the default virtual host directory to .Ar slashdir . @@ -462,12 +461,23 @@ symbolic link is found, .Nm will perform a smart redirect to the target of this symlink. The target is assumed to live on the same server. +If target starts with slash then absolute redirection is performed, +otherwise it's handled as relative. If a .Pa .bzabsredirect symbolic link is found, .Nm will redirect to the absolute url pointed to by this symlink. This is useful to redirect to different servers. +Two forms of redirection are supported - symbolic link without schema will use +.Em http:// +as default i.e. link to +.Em NetBSD.org +will redirect to +.Em http://NetBSD.org/ +Otherwise provided
CVS commit: src/libexec/httpd
Module Name:src Committed By: shm Date: Wed Oct 28 09:20:15 UTC 2015 Modified Files: src/libexec/httpd: CHANGES auth-bozo.c bozohttpd.8 bozohttpd.c bozohttpd.h cgi-bozo.c dir-index-bozo.c main.c tilde-luzah-bozo.c src/libexec/httpd/lua: bozo.lua Log Message: * add CGI support for ~user translation (-E switch) * add redirects to ~user translation * fix bugs around ~user translation * add schema detection for absolute redirects * fixed few memory leaks * bunch of minor tweaks * removed -r support * smarter redirects OK mrg@ To generate a diff of this commit: cvs rdiff -u -r1.20 -r1.21 src/libexec/httpd/CHANGES cvs rdiff -u -r1.16 -r1.17 src/libexec/httpd/auth-bozo.c cvs rdiff -u -r1.53 -r1.54 src/libexec/httpd/bozohttpd.8 cvs rdiff -u -r1.66 -r1.67 src/libexec/httpd/bozohttpd.c cvs rdiff -u -r1.37 -r1.38 src/libexec/httpd/bozohttpd.h cvs rdiff -u -r1.27 -r1.28 src/libexec/httpd/cgi-bozo.c cvs rdiff -u -r1.21 -r1.22 src/libexec/httpd/dir-index-bozo.c cvs rdiff -u -r1.8 -r1.9 src/libexec/httpd/main.c cvs rdiff -u -r1.11 -r1.12 src/libexec/httpd/tilde-luzah-bozo.c cvs rdiff -u -r1.1.1.1 -r1.2 src/libexec/httpd/lua/bozo.lua Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/usr.bin/chpass
Module Name:src Committed By: shm Date: Tue Oct 27 14:47:45 UTC 2015 Modified Files: src/usr.bin/chpass: edit.c Log Message: Fixed memory leak (CID 978341) OK kamil@ To generate a diff of this commit: cvs rdiff -u -r1.21 -r1.22 src/usr.bin/chpass/edit.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/usr.bin/chpass
Module Name:src Committed By: shm Date: Tue Oct 27 14:47:45 UTC 2015 Modified Files: src/usr.bin/chpass: edit.c Log Message: Fixed memory leak (CID 978341) OK kamil@ To generate a diff of this commit: cvs rdiff -u -r1.21 -r1.22 src/usr.bin/chpass/edit.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/chpass/edit.c diff -u src/usr.bin/chpass/edit.c:1.21 src/usr.bin/chpass/edit.c:1.22 --- src/usr.bin/chpass/edit.c:1.21 Wed Aug 31 16:24:57 2011 +++ src/usr.bin/chpass/edit.c Tue Oct 27 14:47:45 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: edit.c,v 1.21 2011/08/31 16:24:57 plunky Exp $ */ +/* $NetBSD: edit.c,v 1.22 2015/10/27 14:47:45 shm Exp $ */ /*- * Copyright (c) 1990, 1993, 1994 @@ -34,7 +34,7 @@ #if 0 static char sccsid[] = "@(#)edit.c 8.3 (Berkeley) 4/2/94"; #else -__RCSID("$NetBSD: edit.c,v 1.21 2011/08/31 16:24:57 plunky Exp $"); +__RCSID("$NetBSD: edit.c,v 1.22 2015/10/27 14:47:45 shm Exp $"); #endif #endif /* not lint */ @@ -139,6 +139,7 @@ display(char *tempname, int fd, struct p (void)fchown(fd, getuid(), getgid()); (void)fclose(fp); + free(bp); } int
CVS commit: src/usr.bin/login
Module Name:src Committed By: shm Date: Tue Oct 27 14:53:00 UTC 2015 Modified Files: src/usr.bin/login: common.c Log Message: Added namelen initialization in getpeername(3) call (CID 979631) OK kamil@ To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/usr.bin/login/common.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/usr.bin/login
Module Name:src Committed By: shm Date: Tue Oct 27 14:53:00 UTC 2015 Modified Files: src/usr.bin/login: common.c Log Message: Added namelen initialization in getpeername(3) call (CID 979631) OK kamil@ To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/usr.bin/login/common.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/login/common.c diff -u src/usr.bin/login/common.c:1.6 src/usr.bin/login/common.c:1.7 --- src/usr.bin/login/common.c:1.6 Sat May 19 00:02:44 2012 +++ src/usr.bin/login/common.c Tue Oct 27 14:53:00 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: common.c,v 1.6 2012/05/19 00:02:44 christos Exp $ */ +/* $NetBSD: common.c,v 1.7 2015/10/27 14:53:00 shm Exp $ */ /*- * Copyright (c) 1980, 1987, 1988, 1991, 1993, 1994 @@ -29,7 +29,7 @@ * SUCH DAMAGE. */ #include -__RCSID("$NetBSD: common.c,v 1.6 2012/05/19 00:02:44 christos Exp $"); +__RCSID("$NetBSD: common.c,v 1.7 2015/10/27 14:53:00 shm Exp $"); #include #include @@ -173,6 +173,7 @@ update_db(int quietlog, int rootlogin, i int remote; hname = (hostname == NULL) ? "?" : hostname; + alen = sizeof(ass); if (getpeername(STDIN_FILENO, (struct sockaddr *), ) != -1) { (void)sockaddr_snprintf(assbuf, sizeof(assbuf), "%A (%a)", (void *));
CVS commit: src/usr.sbin/traceroute
Module Name:src Committed By: shm Date: Mon Oct 26 08:53:45 UTC 2015 Modified Files: src/usr.sbin/traceroute: traceroute.c Log Message: Added missed break statement. (Missed break in -z option implicitly implies -P option) To generate a diff of this commit: cvs rdiff -u -r1.81 -r1.82 src/usr.sbin/traceroute/traceroute.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/usr.sbin/traceroute
Module Name:src Committed By: shm Date: Mon Oct 26 08:53:45 UTC 2015 Modified Files: src/usr.sbin/traceroute: traceroute.c Log Message: Added missed break statement. (Missed break in -z option implicitly implies -P option) To generate a diff of this commit: cvs rdiff -u -r1.81 -r1.82 src/usr.sbin/traceroute/traceroute.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.sbin/traceroute/traceroute.c diff -u src/usr.sbin/traceroute/traceroute.c:1.81 src/usr.sbin/traceroute/traceroute.c:1.82 --- src/usr.sbin/traceroute/traceroute.c:1.81 Thu Aug 16 00:40:28 2012 +++ src/usr.sbin/traceroute/traceroute.c Mon Oct 26 08:53:45 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: traceroute.c,v 1.81 2012/08/16 00:40:28 zafer Exp $ */ +/* $NetBSD: traceroute.c,v 1.82 2015/10/26 08:53:45 shm Exp $ */ /* * Copyright (c) 1988, 1989, 1991, 1994, 1995, 1996, 1997, 1998, 1999, 2000 @@ -30,7 +30,7 @@ static const char rcsid[] = __COPYRIGHT("@(#) Copyright (c) 1988, 1989, 1991, 1994, 1995, 1996, 1997,\ 1998, 1999, 2000\ The Regents of the University of California. All rights reserved."); -__RCSID("$NetBSD: traceroute.c,v 1.81 2012/08/16 00:40:28 zafer Exp $"); +__RCSID("$NetBSD: traceroute.c,v 1.82 2015/10/26 08:53:45 shm Exp $"); #endif #endif @@ -607,6 +607,7 @@ main(int argc, char **argv) case 'z': pausemsecs = str2val(optarg, "pause msecs", 0, 60 * 60 * 1000); + break; case 'P': off = IP_DF;
CVS commit: src/libexec/httpd
Module Name:src Committed By: shm Date: Thu Aug 13 09:00:29 UTC 2015 Modified Files: src/libexec/httpd: bozohttpd.8 Log Message: Extend AUTHORS section. Nobody likes a braggart. OK mrg@ To generate a diff of this commit: cvs rdiff -u -r1.51 -r1.52 src/libexec/httpd/bozohttpd.8 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/httpd/bozohttpd.8 diff -u src/libexec/httpd/bozohttpd.8:1.51 src/libexec/httpd/bozohttpd.8:1.52 --- src/libexec/httpd/bozohttpd.8:1.51 Sat May 2 11:35:48 2015 +++ src/libexec/httpd/bozohttpd.8 Thu Aug 13 09:00:29 2015 @@ -1,4 +1,4 @@ -.\ $NetBSD: bozohttpd.8,v 1.51 2015/05/02 11:35:48 mrg Exp $ +.\ $NetBSD: bozohttpd.8,v 1.52 2015/08/13 09:00:29 shm Exp $ .\ .\ $eterna: bozohttpd.8,v 1.101 2011/11/18 01:25:11 mrg Exp $ .\ @@ -597,8 +597,9 @@ provided many fixes and enhancements for .It .An Mateusz Kocielski .Aq Mt s...@netbsd.org -fixed memory leaks, information disclosure issues and added support -for using CGI handlers with directory indexing. +fixed memory leaks, various issues with userdir support, +information disclosure issues, added support for using CGI handlers +with directory indexing and provided various other fixes. .It .An Arnaud Lacombe .Aq Mt a...@netbsd.org
CVS commit: src/libexec/httpd
Module Name:src Committed By: shm Date: Thu Aug 13 09:00:29 UTC 2015 Modified Files: src/libexec/httpd: bozohttpd.8 Log Message: Extend AUTHORS section. Nobody likes a braggart. OK mrg@ To generate a diff of this commit: cvs rdiff -u -r1.51 -r1.52 src/libexec/httpd/bozohttpd.8 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/ftpd
Module Name:src Committed By: shm Date: Mon Aug 10 07:45:50 UTC 2015 Modified Files: src/libexec/ftpd: ftpcmd.y Log Message: Use explicit_memset(3) instead of memset(3) to clear password To generate a diff of this commit: cvs rdiff -u -r1.93 -r1.94 src/libexec/ftpd/ftpcmd.y Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/ftpd
Module Name:src Committed By: shm Date: Mon Aug 10 07:45:50 UTC 2015 Modified Files: src/libexec/ftpd: ftpcmd.y Log Message: Use explicit_memset(3) instead of memset(3) to clear password To generate a diff of this commit: cvs rdiff -u -r1.93 -r1.94 src/libexec/ftpd/ftpcmd.y Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/ftpd/ftpcmd.y diff -u src/libexec/ftpd/ftpcmd.y:1.93 src/libexec/ftpd/ftpcmd.y:1.94 --- src/libexec/ftpd/ftpcmd.y:1.93 Fri Sep 16 16:13:17 2011 +++ src/libexec/ftpd/ftpcmd.y Mon Aug 10 07:45:50 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: ftpcmd.y,v 1.93 2011/09/16 16:13:17 plunky Exp $ */ +/* $NetBSD: ftpcmd.y,v 1.94 2015/08/10 07:45:50 shm Exp $ */ /*- * Copyright (c) 1997-2009 The NetBSD Foundation, Inc. @@ -72,7 +72,7 @@ #if 0 static char sccsid[] = @(#)ftpcmd.y 8.3 (Berkeley) 4/6/94; #else -__RCSID($NetBSD: ftpcmd.y,v 1.93 2011/09/16 16:13:17 plunky Exp $); +__RCSID($NetBSD: ftpcmd.y,v 1.94 2015/08/10 07:45:50 shm Exp $); #endif #endif /* not lint */ @@ -193,7 +193,7 @@ cmd | PASS SP password CRLF { pass($3); - memset($3, 0, strlen($3)); + explicit_memset($3, 0, strlen($3)); free($3); }
CVS commit: src/libexec/ftpd
Module Name:src Committed By: shm Date: Mon Aug 10 07:32:49 UTC 2015 Modified Files: src/libexec/ftpd: cmds.c ftpd.c Log Message: Fix directory stream leaks To generate a diff of this commit: cvs rdiff -u -r1.33 -r1.34 src/libexec/ftpd/cmds.c cvs rdiff -u -r1.201 -r1.202 src/libexec/ftpd/ftpd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/ftpd/cmds.c diff -u src/libexec/ftpd/cmds.c:1.33 src/libexec/ftpd/cmds.c:1.34 --- src/libexec/ftpd/cmds.c:1.33 Wed Jul 3 14:15:47 2013 +++ src/libexec/ftpd/cmds.c Mon Aug 10 07:32:49 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: cmds.c,v 1.33 2013/07/03 14:15:47 christos Exp $ */ +/* $NetBSD: cmds.c,v 1.34 2015/08/10 07:32:49 shm Exp $ */ /* * Copyright (c) 1999-2009 The NetBSD Foundation, Inc. @@ -90,7 +90,7 @@ #include sys/cdefs.h #ifndef lint -__RCSID($NetBSD: cmds.c,v 1.33 2013/07/03 14:15:47 christos Exp $); +__RCSID($NetBSD: cmds.c,v 1.34 2015/08/10 07:32:49 shm Exp $); #endif /* not lint */ #include sys/param.h @@ -249,8 +249,10 @@ mlsd(const char *path) goto mlsdperror; dout = dataconn(MLSD, (off_t)-1, w); - if (dout == NULL) + if (dout == NULL) { + (void) closedir(dirp); return; + } memset(f, 0, sizeof(f)); f.stat = sb; Index: src/libexec/ftpd/ftpd.c diff -u src/libexec/ftpd/ftpd.c:1.201 src/libexec/ftpd/ftpd.c:1.202 --- src/libexec/ftpd/ftpd.c:1.201 Sun Jan 25 15:53:49 2015 +++ src/libexec/ftpd/ftpd.c Mon Aug 10 07:32:49 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: ftpd.c,v 1.201 2015/01/25 15:53:49 christos Exp $ */ +/* $NetBSD: ftpd.c,v 1.202 2015/08/10 07:32:49 shm Exp $ */ /* * Copyright (c) 1997-2009 The NetBSD Foundation, Inc. @@ -97,7 +97,7 @@ __COPYRIGHT(@(#) Copyright (c) 1985, 19 #if 0 static char sccsid[] = @(#)ftpd.c 8.5 (Berkeley) 4/28/95; #else -__RCSID($NetBSD: ftpd.c,v 1.201 2015/01/25 15:53:49 christos Exp $); +__RCSID($NetBSD: ftpd.c,v 1.202 2015/08/10 07:32:49 shm Exp $); #endif #endif /* not lint */ @@ -3482,8 +3482,10 @@ send_file_list(const char *whichf) while ((dir = readdir(dirp)) != NULL) { char nbuf[MAXPATHLEN]; - if (urgflag handleoobcmd()) + if (urgflag handleoobcmd()) { +(void) closedir(dirp); goto cleanup_send_file_list; + } if (ISDOTDIR(dir-d_name) || ISDOTDOTDIR(dir-d_name)) continue; @@ -3506,8 +3508,10 @@ send_file_list(const char *whichf) if (dout == NULL) { dout = dataconn(file list, (off_t)-1, w); - if (dout == NULL) + if (dout == NULL) { + (void) closedir(dirp); goto cleanup_send_file_list; + } transflag = 1; } p = nbuf;
CVS commit: src/libexec/ftpd
Module Name:src Committed By: shm Date: Mon Aug 10 07:32:49 UTC 2015 Modified Files: src/libexec/ftpd: cmds.c ftpd.c Log Message: Fix directory stream leaks To generate a diff of this commit: cvs rdiff -u -r1.33 -r1.34 src/libexec/ftpd/cmds.c cvs rdiff -u -r1.201 -r1.202 src/libexec/ftpd/ftpd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/usr.bin/error
Module Name:src Committed By: shm Date: Sun Aug 9 09:49:25 UTC 2015 Modified Files: src/usr.bin/error: filter.c Log Message: Remove unnecessary fclose(3) call To generate a diff of this commit: cvs rdiff -u -r1.15 -r1.16 src/usr.bin/error/filter.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/error/filter.c diff -u src/usr.bin/error/filter.c:1.15 src/usr.bin/error/filter.c:1.16 --- src/usr.bin/error/filter.c:1.15 Thu Aug 13 05:53:58 2009 +++ src/usr.bin/error/filter.c Sun Aug 9 09:49:25 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: filter.c,v 1.15 2009/08/13 05:53:58 dholland Exp $ */ +/* $NetBSD: filter.c,v 1.16 2015/08/09 09:49:25 shm Exp $ */ /* * Copyright (c) 1980, 1993 @@ -34,7 +34,7 @@ #if 0 static char sccsid[] = @(#)filter.c 8.1 (Berkeley) 6/6/93; #endif -__RCSID($NetBSD: filter.c,v 1.15 2009/08/13 05:53:58 dholland Exp $); +__RCSID($NetBSD: filter.c,v 1.16 2015/08/09 09:49:25 shm Exp $); #endif /* not lint */ #include sys/param.h @@ -108,7 +108,6 @@ getignored(const char *auxname) fgets(inbuffer, sizeof(inbuffer)-1, fyle) != NULL; nignored++) continue; names_ignored = Calloc(nignored+1, sizeof (char *)); - fclose(fyle); if (freopen(filename, r, fyle) == NULL) { #ifdef FULLDEBUG fprintf(stderr, %s: Failure to open \%s\ for second read.\n,
CVS commit: src/usr.bin/error
Module Name:src Committed By: shm Date: Sun Aug 9 09:49:25 UTC 2015 Modified Files: src/usr.bin/error: filter.c Log Message: Remove unnecessary fclose(3) call To generate a diff of this commit: cvs rdiff -u -r1.15 -r1.16 src/usr.bin/error/filter.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/ftpd
Module Name:src Committed By: shm Date: Sun Aug 9 12:17:30 UTC 2015 Modified Files: src/libexec/ftpd: logwtmp.c Log Message: Clear utmpx struct before writing it to wtmpx files To generate a diff of this commit: cvs rdiff -u -r1.25 -r1.26 src/libexec/ftpd/logwtmp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/ftpd/logwtmp.c diff -u src/libexec/ftpd/logwtmp.c:1.25 src/libexec/ftpd/logwtmp.c:1.26 --- src/libexec/ftpd/logwtmp.c:1.25 Sat Sep 23 16:03:50 2006 +++ src/libexec/ftpd/logwtmp.c Sun Aug 9 12:17:30 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: logwtmp.c,v 1.25 2006/09/23 16:03:50 xtraeme Exp $ */ +/* $NetBSD: logwtmp.c,v 1.26 2015/08/09 12:17:30 shm Exp $ */ /* * Copyright (c) 1988, 1993 @@ -36,7 +36,7 @@ #if 0 static char sccsid[] = @(#)logwtmp.c 8.1 (Berkeley) 6/4/93; #else -__RCSID($NetBSD: logwtmp.c,v 1.25 2006/09/23 16:03:50 xtraeme Exp $); +__RCSID($NetBSD: logwtmp.c,v 1.26 2015/08/09 12:17:30 shm Exp $); #endif #endif /* not lint */ @@ -124,6 +124,7 @@ ftpd_logwtmpx(const char *line, const ch if (fdx 0) return; if (fstat(fdx, buf) == 0) { + (void)memset(ut, 0, sizeof(ut)); (void)strncpy(ut.ut_line, line, sizeof(ut.ut_line)); (void)strncpy(ut.ut_name, name, sizeof(ut.ut_name)); (void)strncpy(ut.ut_host, host, sizeof(ut.ut_host));
CVS commit: src/libexec/ftpd
Module Name:src Committed By: shm Date: Sun Aug 9 12:17:30 UTC 2015 Modified Files: src/libexec/ftpd: logwtmp.c Log Message: Clear utmpx struct before writing it to wtmpx files To generate a diff of this commit: cvs rdiff -u -r1.25 -r1.26 src/libexec/ftpd/logwtmp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/usr.bin/su
Module Name:src Committed By: shm Date: Sun Aug 9 09:39:21 UTC 2015 Modified Files: src/usr.bin/su: su_pam.c Log Message: Do not use pamh after pam_end. It's cosmetic change since pam_strerror ignores that parameter. To generate a diff of this commit: cvs rdiff -u -r1.19 -r1.20 src/usr.bin/su/su_pam.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/su/su_pam.c diff -u src/usr.bin/su/su_pam.c:1.19 src/usr.bin/su/su_pam.c:1.20 --- src/usr.bin/su/su_pam.c:1.19 Sat Jun 29 05:08:35 2013 +++ src/usr.bin/su/su_pam.c Sun Aug 9 09:39:21 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: su_pam.c,v 1.19 2013/06/29 05:08:35 mlelstv Exp $ */ +/* $NetBSD: su_pam.c,v 1.20 2015/08/09 09:39:21 shm Exp $ */ /* * Copyright (c) 1988 The Regents of the University of California. @@ -39,7 +39,7 @@ __COPYRIGHT(@(#) Copyright (c) 1988\ #if 0 static char sccsid[] = @(#)su.c 8.3 (Berkeley) 4/2/94;*/ #else -__RCSID($NetBSD: su_pam.c,v 1.19 2013/06/29 05:08:35 mlelstv Exp $); +__RCSID($NetBSD: su_pam.c,v 1.20 2015/08/09 09:39:21 shm Exp $); #endif #endif /* not lint */ @@ -253,7 +253,7 @@ main(int argc, char **argv) syslog(LOG_WARNING, BAD SU %s to %s%s: %s, username, user, ontty(), safe_pam_strerror(pamh, pam_err)); (void)pam_end(pamh, pam_err); - errx(EXIT_FAILURE, Sorry: %s, safe_pam_strerror(pamh, pam_err)); + errx(EXIT_FAILURE, Sorry: %s, safe_pam_strerror(NULL, pam_err)); } /*
CVS commit: src/usr.bin/su
Module Name:src Committed By: shm Date: Sun Aug 9 09:39:21 UTC 2015 Modified Files: src/usr.bin/su: su_pam.c Log Message: Do not use pamh after pam_end. It's cosmetic change since pam_strerror ignores that parameter. To generate a diff of this commit: cvs rdiff -u -r1.19 -r1.20 src/usr.bin/su/su_pam.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/ftpd
Module Name:src Committed By: shm Date: Sun Aug 9 20:34:24 UTC 2015 Modified Files: src/libexec/ftpd: logwtmp.c Log Message: Removed unnecessary memset(3) call To generate a diff of this commit: cvs rdiff -u -r1.26 -r1.27 src/libexec/ftpd/logwtmp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/ftpd/logwtmp.c diff -u src/libexec/ftpd/logwtmp.c:1.26 src/libexec/ftpd/logwtmp.c:1.27 --- src/libexec/ftpd/logwtmp.c:1.26 Sun Aug 9 12:17:30 2015 +++ src/libexec/ftpd/logwtmp.c Sun Aug 9 20:34:24 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: logwtmp.c,v 1.26 2015/08/09 12:17:30 shm Exp $ */ +/* $NetBSD: logwtmp.c,v 1.27 2015/08/09 20:34:24 shm Exp $ */ /* * Copyright (c) 1988, 1993 @@ -36,7 +36,7 @@ #if 0 static char sccsid[] = @(#)logwtmp.c 8.1 (Berkeley) 6/4/93; #else -__RCSID($NetBSD: logwtmp.c,v 1.26 2015/08/09 12:17:30 shm Exp $); +__RCSID($NetBSD: logwtmp.c,v 1.27 2015/08/09 20:34:24 shm Exp $); #endif #endif /* not lint */ @@ -130,8 +130,6 @@ ftpd_logwtmpx(const char *line, const ch (void)strncpy(ut.ut_host, host, sizeof(ut.ut_host)); if (haddr) (void)memcpy(ut.ut_ss, haddr-si_su, haddr-su_len); - else - (void)memset(ut.ut_ss, 0, sizeof(ut.ut_ss)); ut.ut_type = utx_type; if (WIFEXITED(status)) ut.ut_exit.e_exit = (uint16_t)WEXITSTATUS(status);
CVS commit: src/libexec/ftpd
Module Name:src Committed By: shm Date: Sun Aug 9 20:34:24 UTC 2015 Modified Files: src/libexec/ftpd: logwtmp.c Log Message: Removed unnecessary memset(3) call To generate a diff of this commit: cvs rdiff -u -r1.26 -r1.27 src/libexec/ftpd/logwtmp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/libsaslc/dist/src
Module Name:src Committed By: shm Date: Sat Aug 8 12:34:33 UTC 2015 Modified Files: src/crypto/external/bsd/libsaslc/dist/src: parser.c Log Message: Fixed memory leak on comments To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/libsaslc/dist/src/parser.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/libsaslc/dist/src
Module Name:src Committed By: shm Date: Sat Aug 8 10:38:35 UTC 2015 Modified Files: src/crypto/external/bsd/libsaslc/dist/src: xsess.c Log Message: Fix various minor memory leaks on errors To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/libsaslc/dist/src/xsess.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/libsaslc/dist/src/xsess.c diff -u src/crypto/external/bsd/libsaslc/dist/src/xsess.c:1.7 src/crypto/external/bsd/libsaslc/dist/src/xsess.c:1.8 --- src/crypto/external/bsd/libsaslc/dist/src/xsess.c:1.7 Fri Jun 28 15:04:35 2013 +++ src/crypto/external/bsd/libsaslc/dist/src/xsess.c Sat Aug 8 10:38:35 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: xsess.c,v 1.7 2013/06/28 15:04:35 joerg Exp $ */ +/* $NetBSD: xsess.c,v 1.8 2015/08/08 10:38:35 shm Exp $ */ /* * Copyright (c) 2010 The NetBSD Foundation, Inc. @@ -36,7 +36,7 @@ * POSSIBILITY OF SUCH DAMAGE. */ #include sys/cdefs.h -__RCSID($NetBSD: xsess.c,v 1.7 2013/06/28 15:04:35 joerg Exp $); +__RCSID($NetBSD: xsess.c,v 1.8 2015/08/08 10:38:35 shm Exp $); #include assert.h #include saslc.h @@ -556,8 +556,10 @@ saslc__sess_xxcode(saslc_sess_t *sess, s ate = 0; do { len = xxcode(sess, in, inlen, pkt, pktlen); - if (len == -1) /* error */ + if (len == -1) { + free(buf); return -1; + } ate += len; in = (const char *)in + len; @@ -570,7 +572,10 @@ saslc__sess_xxcode(saslc_sess_t *sess, s continue; buflen += pktlen; + p = buf; if ((buf = realloc(buf, buflen)) == NULL) { + /* we should free memory if realloc(2) failed */ + free(p); saslc__error_set_errno(ERR(sess), ERROR_NOMEM); return -1; }
CVS commit: src/usr.bin/config
Module Name:src Committed By: shm Date: Sat Aug 8 15:52:41 UTC 2015 Modified Files: src/usr.bin/config: main.c Log Message: Add missed munmap(2) in extract_config To generate a diff of this commit: cvs rdiff -u -r1.75 -r1.76 src/usr.bin/config/main.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.bin/config/main.c diff -u src/usr.bin/config/main.c:1.75 src/usr.bin/config/main.c:1.76 --- src/usr.bin/config/main.c:1.75 Tue Jun 16 21:12:19 2015 +++ src/usr.bin/config/main.c Sat Aug 8 15:52:41 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: main.c,v 1.75 2015/06/16 21:12:19 christos Exp $ */ +/* $NetBSD: main.c,v 1.76 2015/08/08 15:52:41 shm Exp $ */ /* * Copyright (c) 1992, 1993 @@ -45,7 +45,7 @@ #endif #include sys/cdefs.h -__RCSID($NetBSD: main.c,v 1.75 2015/06/16 21:12:19 christos Exp $); +__RCSID($NetBSD: main.c,v 1.76 2015/08/08 15:52:41 shm Exp $); #ifndef MAKE_BOOTSTRAP #include sys/cdefs.h @@ -1582,6 +1582,7 @@ static int extract_config(const char *kname, const char *cname, int cfd) { char *ptr; + void *base; int found, kfd; struct stat st; off_t i; @@ -1594,10 +1595,11 @@ extract_config(const char *kname, const err(EXIT_FAILURE, cannot open %s, kname); if (fstat(kfd, st) == -1) err(EXIT_FAILURE, cannot stat %s, kname); - ptr = mmap(0, (size_t)st.st_size, PROT_READ, MAP_FILE | MAP_SHARED, + base = mmap(0, (size_t)st.st_size, PROT_READ, MAP_FILE | MAP_SHARED, kfd, 0); - if (ptr == MAP_FAILED) + if (base == MAP_FAILED) err(EXIT_FAILURE, cannot mmap %s, kname); + ptr = base; /* Scan mmap(2)'ed region, extracting kernel configuration */ for (i = 0; i st.st_size; i++) { @@ -1629,7 +1631,8 @@ extract_config(const char *kname, const } (void)close(kfd); - + (void)munmap(base, (size_t)st.st_size); + return found; }
CVS commit: src/usr.bin/config
Module Name:src Committed By: shm Date: Sat Aug 8 15:52:41 UTC 2015 Modified Files: src/usr.bin/config: main.c Log Message: Add missed munmap(2) in extract_config To generate a diff of this commit: cvs rdiff -u -r1.75 -r1.76 src/usr.bin/config/main.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/libsaslc/dist/src
Module Name:src Committed By: shm Date: Sat Aug 8 10:38:35 UTC 2015 Modified Files: src/crypto/external/bsd/libsaslc/dist/src: xsess.c Log Message: Fix various minor memory leaks on errors To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/libsaslc/dist/src/xsess.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/httpd
Module Name:src Committed By: shm Date: Thu Jul 16 12:19:23 UTC 2015 Modified Files: src/libexec/httpd: bozohttpd.c tilde-luzah-bozo.c Log Message: Fix handling path with multiple slashes at the beginning Fix redirections escaping for user support OK mrg@ To generate a diff of this commit: cvs rdiff -u -r1.65 -r1.66 src/libexec/httpd/bozohttpd.c cvs rdiff -u -r1.10 -r1.11 src/libexec/httpd/tilde-luzah-bozo.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/httpd
Module Name:src Committed By: shm Date: Thu Jul 16 12:19:23 UTC 2015 Modified Files: src/libexec/httpd: bozohttpd.c tilde-luzah-bozo.c Log Message: Fix handling path with multiple slashes at the beginning Fix redirections escaping for user support OK mrg@ To generate a diff of this commit: cvs rdiff -u -r1.65 -r1.66 src/libexec/httpd/bozohttpd.c cvs rdiff -u -r1.10 -r1.11 src/libexec/httpd/tilde-luzah-bozo.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/httpd/bozohttpd.c diff -u src/libexec/httpd/bozohttpd.c:1.65 src/libexec/httpd/bozohttpd.c:1.66 --- src/libexec/httpd/bozohttpd.c:1.65 Thu Jul 9 12:32:16 2015 +++ src/libexec/httpd/bozohttpd.c Thu Jul 16 12:19:23 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: bozohttpd.c,v 1.65 2015/07/09 12:32:16 shm Exp $ */ +/* $NetBSD: bozohttpd.c,v 1.66 2015/07/16 12:19:23 shm Exp $ */ /* $eterna: bozohttpd.c,v 1.178 2011/11/18 09:21:15 mrg Exp $ */ @@ -895,8 +895,12 @@ bozo_escape_rfc3986(bozohttpd_t *httpd, case ';': case '=': case '%': + case '\n': + case '\r': + case ' ': + case '': encode_it: - snprintf(d, 4, %%%2X, *s++); + snprintf(d, 4, %%%02X, *s++); d += 3; len += 3; break; @@ -1332,6 +1336,10 @@ transform_request(bozo_httpreq_t *reques goto bad_done; } + /* omit additional slashes at the beginning */ + while (file[1] == '/') + file++; + switch(check_bzredirect(request)) { case -1: goto bad_done; Index: src/libexec/httpd/tilde-luzah-bozo.c diff -u src/libexec/httpd/tilde-luzah-bozo.c:1.10 src/libexec/httpd/tilde-luzah-bozo.c:1.11 --- src/libexec/httpd/tilde-luzah-bozo.c:1.10 Thu Jan 2 08:21:38 2014 +++ src/libexec/httpd/tilde-luzah-bozo.c Thu Jul 16 12:19:23 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: tilde-luzah-bozo.c,v 1.10 2014/01/02 08:21:38 mrg Exp $ */ +/* $NetBSD: tilde-luzah-bozo.c,v 1.11 2015/07/16 12:19:23 shm Exp $ */ /* $eterna: tilde-luzah-bozo.c,v 1.16 2011/11/18 09:21:15 mrg Exp $ */ @@ -36,6 +36,7 @@ #include sys/param.h +#include assert.h #include errno.h #include pwd.h #include stdlib.h @@ -58,20 +59,28 @@ int bozo_user_transform(bozo_httpreq_t *request, int *isindex) { bozohttpd_t *httpd = request-hr_httpd; - char c, *s, *file = NULL; + char c, *s, *file = NULL, *user; struct passwd *pw; *isindex = 0; - if ((s = strchr(request-hr_file + 2, '/')) != NULL) { + /* find username */ + user = strchr(request-hr_file + 2, '~'); + + /* this shouldn't happen, but better paranoid than sorry */ + assert(user != NULL); + + user++; + + if ((s = strchr(user, '/')) != NULL) { *s++ = '\0'; c = s[strlen(s)-1]; *isindex = (c == '/' || c == '\0'); } debug((httpd, DEBUG_OBESE, looking for user %s, - request-hr_file + 2)); - pw = getpwnam(request-hr_file + 2); + user)); + pw = getpwnam(user); /* fix this up immediately */ if (s) s[-1] = '/';
CVS commit: src/crypto/external/bsd/libsaslc/dist/man
Module Name:src Committed By: shm Date: Mon Jul 13 13:57:45 UTC 2015 Modified Files: src/crypto/external/bsd/libsaslc/dist/man: libsaslc.3 Log Message: PR#49876 - fix typos, from Dieter Roelants. To generate a diff of this commit: cvs rdiff -u -r1.15 -r1.16 \ src/crypto/external/bsd/libsaslc/dist/man/libsaslc.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/libsaslc/dist/man/libsaslc.3 diff -u src/crypto/external/bsd/libsaslc/dist/man/libsaslc.3:1.15 src/crypto/external/bsd/libsaslc/dist/man/libsaslc.3:1.16 --- src/crypto/external/bsd/libsaslc/dist/man/libsaslc.3:1.15 Tue May 14 15:33:21 2013 +++ src/crypto/external/bsd/libsaslc/dist/man/libsaslc.3 Mon Jul 13 13:57:44 2015 @@ -1,4 +1,4 @@ -.\ $NetBSD: libsaslc.3,v 1.15 2013/05/14 15:33:21 elric Exp $ +.\ $NetBSD: libsaslc.3,v 1.16 2015/07/13 13:57:44 shm Exp $ .\ .\ Copyright (c) 2010 The NetBSD Foundation, Inc. .\ All rights reserved. @@ -34,7 +34,7 @@ .\ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\ POSSIBILITY OF SUCH DAMAGE. .\ -.Dd September 23, 2011 +.Dd May 3, 2015 .Dt LIBSASLC 3 .Os .Sh NAME @@ -240,7 +240,7 @@ and functions are used to provide the integrity .Pq Qq auth-int and confidentiality -.Pq Qq auth-int +.Pq Qq auth-conf layers for mechanisms that provide them. They encode and, respectively, decode .Ar inlen @@ -322,7 +322,7 @@ files, while the session dictionary is l .Pp The configuration file .Pa cfgpath/appname/saslc.conf -is used for the configuration context. +is used for the context configuration. The .Pa cfgpath/appname/mech/mechanism.conf file is used for the mechanism configuration.
CVS commit: src/crypto/external/bsd/libsaslc/dist/man
Module Name:src Committed By: shm Date: Mon Jul 13 13:57:45 UTC 2015 Modified Files: src/crypto/external/bsd/libsaslc/dist/man: libsaslc.3 Log Message: PR#49876 - fix typos, from Dieter Roelants. To generate a diff of this commit: cvs rdiff -u -r1.15 -r1.16 \ src/crypto/external/bsd/libsaslc/dist/man/libsaslc.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/httpd
Module Name:src Committed By: shm Date: Thu Jul 9 12:32:16 UTC 2015 Modified Files: src/libexec/httpd: bozohttpd.c Log Message: Remove d_namelen as it's an BSD extension. Fix building bozohttpd on SunOS. OK mrg@ To generate a diff of this commit: cvs rdiff -u -r1.64 -r1.65 src/libexec/httpd/bozohttpd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/libexec/httpd
Module Name:src Committed By: shm Date: Thu Jul 9 12:32:16 UTC 2015 Modified Files: src/libexec/httpd: bozohttpd.c Log Message: Remove d_namelen as it's an BSD extension. Fix building bozohttpd on SunOS. OK mrg@ To generate a diff of this commit: cvs rdiff -u -r1.64 -r1.65 src/libexec/httpd/bozohttpd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/libexec/httpd/bozohttpd.c diff -u src/libexec/httpd/bozohttpd.c:1.64 src/libexec/httpd/bozohttpd.c:1.65 --- src/libexec/httpd/bozohttpd.c:1.64 Sat May 2 11:35:48 2015 +++ src/libexec/httpd/bozohttpd.c Thu Jul 9 12:32:16 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: bozohttpd.c,v 1.64 2015/05/02 11:35:48 mrg Exp $ */ +/* $NetBSD: bozohttpd.c,v 1.65 2015/07/09 12:32:16 shm Exp $ */ /* $eterna: bozohttpd.c,v 1.178 2011/11/18 09:21:15 mrg Exp $ */ @@ -1093,8 +1093,7 @@ check_virtual(bozo_httpreq_t *request) } debug((httpd, DEBUG_OBESE, looking at dir``%s'', d-d_name)); -if (d-d_namlen == len strcmp(d-d_name, -request-hr_host) == 0) { +if (strcmp(d-d_name, request-hr_host) == 0) { /* found it, punch it */ debug((httpd, DEBUG_OBESE, found it punch it)); request-hr_virthostname =
CVS commit: src/share/man/man7
Module Name:src Committed By: shm Date: Wed May 13 11:36:12 UTC 2015 Modified Files: src/share/man/man7: security.7 Log Message: 0 mappings are currently disabled on all architectures. To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.12 src/share/man/man7/security.7 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/share/man/man7/security.7 diff -u src/share/man/man7/security.7:1.11 src/share/man/man7/security.7:1.12 --- src/share/man/man7/security.7:1.11 Tue Mar 18 18:20:40 2014 +++ src/share/man/man7/security.7 Wed May 13 11:36:12 2015 @@ -1,4 +1,4 @@ -.\ $NetBSD: security.7,v 1.11 2014/03/18 18:20:40 riastradh Exp $ +.\ $NetBSD: security.7,v 1.12 2015/05/13 11:36:12 shm Exp $ .\ .\ Copyright (c) 2006, 2011 Elad Efrat e...@netbsd.org .\ All rights reserved. @@ -351,8 +351,7 @@ In .Nx it is possible to restrict whether user processes are allowed to make mappings at the zero address. -By default, address 0 mappings are restricted -on the i386 and amd64 architectures. +By default, address 0 mappings are restricted on all architectures. It is however known that some third-party programs may not function properly with the restriction. Such mappings can be allowed either by using the