Commit Graph

69 Commits

Author SHA1 Message Date
Warner Losh
ed4d1cf9cc Be more paranoid about unlinking files. From mhpower@MIT.EDU by way of
Theo de Raadt.

Likely 2.2.5R candidate.
Obtained from: OpenBSD
1997-10-06 03:58:48 +00:00
Philippe Charnier
9b3fe531b5 Use err(3). Add usage(). Various fixes in man pages. 1997-09-24 06:48:24 +00:00
Philippe Charnier
34384756cd environmental -> environment. 1997-09-18 06:55:21 +00:00
Joerg Wunsch
36d0e2a3e2 common_source: staticize private version of warn() so to not conflict
with libc's version.

lpd: use getopt(3), err(3), add usage(), allow specification of a port #
on the command line as the documentation suggested for more than 10 years.

PR:		docs/3290
1997-08-23 15:53:00 +00:00
Warner Losh
6ee8b26997 Two minor, pedantic fixes from bde for my last pedantic fixes, plus
the following from recent OpenBSD changes.  These changes (and all
I've made) should be merged back into 2.2 when they are vetted in
-current.

common.c:
OpenBSD 1.7: mickey: #if __STDC__ --> #ifdef __STDC__

displayq.c:
OpenBSD 1.8: deraadt: 1 byte oflows; millert

rmjob.c:
OpenBSD 1.8: deraadt: 1 byte oflows; millert

cmds.c:
OpenBSD 1.9: grr: restore traditional "all" keyword option - see lpc(8)
[[ This makes lpc status all work again -- imp ]]

printjob.c:
OpenBSD 1.17: deraadt: use sendmail -t
OpenBSD 1.16: mickey: #if __STDC__ --> #ifdef __STDC__
OpenBSD 1.15: deraadt: 1 byte oflow; Don.Lewis@tsc.tdk.com

recvjob.c:
OpenBSD 1.11: mickey: #if __STDC__ --> #ifdef __STDC__

lpr.c:
OpenBSD 1.19: mickey: #if __STDC__ --> #ifdef __STDC__

Obtained from: OpenBSD
1997-07-29 13:24:01 +00:00
Warner Losh
5f87a7b6b1 Fix boatloads of buffer overflows from the OpenBSD tree.
Be pedantic about always using sizeof(blah) vs sizeof (blah) or sizeof blah.
Obtained from:OpenBSD
1997-07-29 04:17:19 +00:00
Warner Losh
f8eb25da54 index -> strchr and rindex -> strrchr to reduce the number of gratuitous
diffes with NetBSD/OpenBSD.  These changes seem to predate the NetBSD/OpenBSD
split, so it is hard to give proper credit for them.
Obtained from: OpenBSD.
1997-07-23 20:53:41 +00:00
Warner Losh
360d4ad5ab Use setuid/seteuid around dangerous operations. Also a few buffer
overflow patches that were "near" to where these operations are taking
place.  The buffer overflows are from OpenBSD.  The setuid/seteuid patches
are from NetBSD by way of OpenBSD (they changed them a little), at least from
my read of the tree.

This is the first of a series of OpenBSD lpr/et al merges.  It (and them)
should be merged back into 2.2 and/or 2.1 (if requested) branches when they
have been shaken out in -current.
Obtained from: OpenBSD
1997-07-23 00:49:46 +00:00
Brian Somers
afd70290e7 Output name of duplicate spool dir.
Submitted by:	Wayne Scott <wscott@ichips.intel.com>
1997-07-21 22:40:04 +00:00
Warner Losh
eb6c72e98f Add code to make sure that we don't overflow the buffer that we copy
the hostname into.  In theory the bind library should do this, but
in practice the limites between system defines and bind defines make
an attack using this vector possible.  These patches have been in
use on my systems for three months now, so I am fairly confident about
them.  I plan on commiting this to 2.2 and 2.1 in the near future,
as well as many other patches of this nature.
1997-07-18 18:52:53 +00:00
Warner Losh
fb9108baa9 Fix a problem where remote files could be removed by exploiting race
conditions similar to those reported in CERT's CA-91:10a advisory.
Obtained from: Hiroshi NAKANO <nakano@rins.ryukoku.ac.jp> by way of CERT.
1997-07-18 18:33:15 +00:00
Poul-Henning Kamp
63cfc56271 Increase size of tmp hostname buffer.
PR:		3889
Reviewed by:	phk
Submitted by:	Yujiro MIYATA <miyata@bioele.nuee.nagoya-u.ac.jp>
1997-07-16 11:22:57 +00:00
Dima Ruban
d8ae132815 Fixed buffer overflow.
Reviewed by:	Warner
1997-07-08 21:03:16 +00:00
Joerg Wunsch
334a95086d Imply a 10-second connection timeout when querying remote queues, to
prevent lpq from hanging indefinately (well, 10 minutes are for sure
counting as `indefinately' in this case).
1997-06-23 10:00:01 +00:00
Joerg Wunsch
c1bae21c1e Fix a typo, so the -a option will by documented in the synopsis. 1997-06-21 09:17:45 +00:00
Brian Somers
6b7e3ca395 Check for duplicate spool dirs.
Submitted by:	eivind
1997-05-17 03:04:43 +00:00
Brian Somers
36abea5dc5 Don't output extraneous tab
Submitted by:	Garance A Drosehn <gad@eclipse.its.rpi.edu>
1997-05-13 20:52:31 +00:00
Brian Somers
9f38c2e591 Don't drop into the troff args after parsing -#.
Submitted by:	 Garance A Drosehn <gad@eclipse.its.rpi.edu>
1997-05-13 20:46:45 +00:00
Joerg Wunsch
e655e13a6b Kill a stale .pq line. 1997-05-08 15:31:39 +00:00
Brian Somers
49c7494bef Support input and output filters with remote printing.
Output filters are executed on a per-file basis as it's
necessary to supply the file size to the "other side".
1997-04-12 04:23:13 +00:00
Warner Losh
6c3f552a31 compare return value from getopt against -1 rather than EOF, per the final
posix standard on the topic.
1997-03-31 05:11:47 +00:00
Mike Pritchard
156de774e2 Fix an off by one error when determing the default job name for
the banner page.

Closes PR# 1986.

Submitted by:	Mark Valentine <mark@linus.demon.co.uk>
1997-02-26 02:22:45 +00:00
Peter Wemm
476602a9d0 Revert $FreeBSD$ to $Id$ 1997-02-22 16:15:28 +00:00
Peter Wemm
e25aeca937 Revert $FreeBSD$ back to $Id$ 1997-02-22 13:26:29 +00:00
Warner Losh
d583a7c3cb Buffer overflow from OpenBSD:
Rev 1.4 deraadt: (partial from full commit, other files not done yet)
	proactive bounds checking; help from millert
Rev 1.5 millert:
	Possible buf oflow.

Plus minor style nits to keep the style police happy (I hope)
Obtained from: OpenBSD
1997-02-09 05:19:03 +00:00
Warner Losh
87751a8467 Buffer overflow from OpenBSD:
Rev 1.7 millert:
	possible oflow
Obtained from: OpenBSD
1997-02-09 05:04:17 +00:00
Wolfram Schneider
bfd34a4a60 Sort cross references. 1997-01-20 00:03:00 +00:00
Jordan K. Hubbard
1130b656e5 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
Wolfram Schneider
c69a537c8f Sort cross references. 1996-12-26 02:02:31 +00:00
Poul-Henning Kamp
7132822bb1 doc/1987, table heading in error.
Submitted by:	Mark Valentine Mark Valentine <mark@linus.demon.co.uk>
1996-11-12 13:37:51 +00:00
Warner Losh
bc407914f9 lpc/cmds.c:
From NetBSD via OpenBSD to fix NetBSD PR #506
	More descriptive message for printer status
	(OpenBSD: 1.2)

	Various warnings cleaned up (OpenBSD: 1.4)

lpc/lpc.c:
	Various warnings cleaned up (OpenBSD: 1.3)

lpd/lpd.c:
	Remove trailing blank lines (OpenBSD: 1.2)

	Potential umask problem with creating /dev/printer
	(OpenBSD: 1.4 and 1.5)

	Ftp bounce attack (untested on FreeBSD)
	(OpenBSD: 1.6, 1.8, 1.9)
	Fencepost in strncpy
	(OpenBSD: 1.6)

lpd/printjob.c:
	Fix from freebsd for waiting for an exiting filter, that
	appears not in the FreeBSD CVS tree.
	(OpenBSD: 1.6)

lpd/recvjob.c:
	Buffer overflow protection: use strncpy rather than strcpy.
	(OpenBSD: 1.3)

lpr/lpr.c:
	NetBSD change of return type for main()
	(OpenBSD: 1.2)

	Restrict time running as root
	(OpenBSD: 1.7)

	Use getcwd rather than getwd (from NetBSD)

	Use snprintf rather than sprintf
	(OpenBSD: 1.8)

	Minor tweak to end of loop and buffer overflow sanity.  card()
	overflow already in FreeBSD
	(OpenBSD: 1.9)

lptest/lptest.c:
	void -> int return type of main, from NetBSD via OpenBSD
	(OpenBSD: 1.2)

pac/pac.c:
	void -> int return type of main, from NetBSD via OpenBSD
	(OpenBSD: 1.3)

Obtained from: OpenBSD
1996-10-27 03:06:52 +00:00
Warner Losh
d1f8ff8c2e Fix transcription error I introduced in last patch. This created a
fencepost error that would run one off the end of the buffer.

Noticed by: Bruce Evans
1996-10-26 00:46:34 +00:00
Warner Losh
4f6653b930 Fix a problem where the command line could be used to overflow a stack
buffer which could be made to lead to a root shell.  This patch is
OpenBSD's solution to the problem, and will silently truncate the
output rather than overflow the buffer.

Obtained from: OpenBSD
1996-10-25 18:14:48 +00:00
Bruce Evans
3b72a1cdd4 Close files up to getdtablesize(), instead of up to NOFILE.
lpd was one of 3 programs in /usr/src that (mis)used NOFILE.
1996-09-29 19:12:55 +00:00
Alexander Langer
59a727f3c5 "appeared in 4.2BSD.." changed to "appeared in 4.2BSD." 1996-07-27 01:20:00 +00:00
Joerg Wunsch
35ab66af3b Correct the Unix programmer's error #1: "char c = getc();".
Closes PR # bin/1386: lpf Text Filter does not w...

Submitted by:	andreas@marvin.RoBIN.de
1996-07-17 20:14:42 +00:00
Wolfram Schneider
35da4f43ae People ask in Usenet, how to configure remoteprinting successfully
having a hosts.lpd(5) manpage and some references to it from
within lpd(8) might help here. Close PR docs/1277

Submitted by: andreas@knobel.gun.de (Andreas Klemm)
1996-06-01 23:22:36 +00:00
Joerg Wunsch
afc417e07b Convert the option parser to use getopt(3). This makes it more
orthogonal with the rest of the system (you can now use either -PPS or
-P PS), and makes the parser more intelligible.  The only drawback is
that the old semantics for the -i flag in case a non-numeric argument
is following are no longer fully supported (only if -i is the very
last arg at all), since getopt(3) doesn't support the discticnction
between numeric and non-numeric arguments.

Make lpr also understand dashes as input pseudo filenames.  This
finally makes lp(1) fully comply with Posix.2.
1996-05-11 19:00:55 +00:00
Joerg Wunsch
7e703be7cd Clean out the BUGS section/comments now that our lpr has a better
option parsing.
1996-05-11 18:56:11 +00:00
Joerg Wunsch
7f72cbbae9 Cleanup.
The removed files are no longer needed, they are actually labelled as
``Use only if you are not 4.4BSD''.  (Yeah, the ol' crufty printcap.c
is really gone!)

Properly declare all external objects in files ending in .h, as
opposed to embed them into files ending in .c.
1996-05-09 22:44:28 +00:00
Joerg Wunsch
5458e2f421 Pull a bunch of fixes from the 4.4BSD-Lite2 branch. It's really
surprising how many trivial errors there have been... :-)

Some more cleanup is needed, but i'd like to separate the Lite2 changes
from other work, that's why this goes into a different commit.

People with serial printers should see whether i have broken the stty-
style printcap options (i hope not).

Inspired by: Sergey Shkonda <serg@bcs1.bcs.zaporizhzhe.ua>
1996-05-05 22:40:51 +00:00
Joerg Wunsch
4ebd2ee491 Fix my botched 4.4Lite2 import, and revert these files to their HEAD
versions.
1996-05-05 19:28:34 +00:00
Joerg Wunsch
f519e3067e This commit was generated by cvs2svn to compensate for changes in r15637,
which included commits to RCS files with non-trunk default branches.
1996-05-05 14:04:33 +00:00
Joerg Wunsch
0b561052df Vendor-branch import of the 4.4BSD-Lite2 code for lpr. There are
several bugfixes in it that are worth considering.

Don't be alarmed about the import conflicts...

Obtained from: 4.4BSD-Lite2
1996-05-05 14:04:33 +00:00
Mike Pritchard
edf0e5b3f8 Correct some man page xrefs, and some other minor changes to bring some
man pages up to mdoc guidelines and fix some minor formatting glitches.
Also fixed a number of man pages to not abuse the .Xr macro to
display functions and path names and a lot of other junk.
1996-04-08 04:18:31 +00:00
Mike Pritchard
e229ffb7e9 Correct some cross references and some path names. 1996-04-06 09:47:30 +00:00
Sean Eric Fagan
e0048e9658 Makefile: Add new modes.c file to list of objects.
printjob.c:  Use termios instead of sgtty structs and ioctls; remove
support for fs/fc/xs/xc capabilities, and replace them with the ms
capability (stty-like words, instead of octal bit patterns).
modes.c:  Modified from stty's file, parses comma-seperated list of
tty modes (e.g., "cs8,-paren,-opost").

Reviewed by:	rgrimes, joerg
1996-04-03 22:49:15 +00:00
Sean Eric Fagan
a1e5d6f458 Remove definitions and declarations for FS, FC, XS, XC variables, and
replace them with MS char* variable.

Reviewed by:	rgrimes, joerg
1996-04-03 22:46:59 +00:00
Sean Eric Fagan
21b2a25cfb printcap.5: Remove fs,fc,xs,xc capability, and replace them with the ms
capability

Reviewed by:	rgrimes, joerg
1996-04-03 22:46:17 +00:00
Mike Pritchard
78b0b234eb Correct a bunch of man page cross references and generally
try and silence "manck".

ncurses, rpc, and some of the gnu stuff are still a big mess, however.
1996-02-11 22:38:05 +00:00