in PATH_MAX + 1 bytes from the file. In r281500, strrchr() is
used to strip possible path portion of the file name to mitigate
a possible attack. Unfortunately, strrchr() expects a buffer
that is NUL-terminated, and since we are processing potentially
untrusted data, we can not assert that be always true.
Solve this by reading in one less byte (now PATH_MAX) and
explicitly terminate the buffer after the read size with NUL.
Reported by: Coverity
CID: 1264915
X-MFC-with: 281500
MFC after: 13 days
In addition to adding `static' where possible:
- bin/date: Move `retval' into extern.h to make it visible to date.c.
- bin/ed: Move globally used variables into ed.h.
- sbin/camcontrol: Move `verbose' into camcontrol.h and fix shadow warnings.
- usr.bin/calendar: Remove unneeded variables.
- usr.bin/chat: Make `line' local instead of global.
- usr.bin/elfdump: Comment out unneeded function.
- usr.bin/rlogin: Use _Noreturn instead of __dead2.
- usr.bin/tset: Pull `Ospeed' into extern.h.
- usr.sbin/mfiutil: Put global variables in mfiutil.h.
- usr.sbin/pkg: Remove unused `os_corres'.
- usr.sbin/quotaon, usr.sbin/repquota: Remove unused `qfname'.
Third parties are encouraged to change the license on any files which have
a 4-clause license contributed to the NetBSD Foundation to a 2-clause
license. We would also encourage you to inform us about these files, so
that we can continue to track the many places in which NetBSD is used.
http://www.netbsd.org/about/redistribution.html#why2clause [1]
Requested by: joel@
When we are operating on a symbolic link pointing to an existing
file, bail out by default, but go ahead if -f is specified.
Submitted by: arundel
MFC after: 2 weeks
not optimal from a performance standpoint since the write buffer is
not necessarily be filled up when the inflate rountine reached the
end of input buffer and it's not the end of file.
This problem gets uncovered by trying to pipe gunzip -c output to
a GEOM device directly, which enforces the writes be multiple of
sector size.
Sponsored by: iXsystems, Inc.
Reported by: jpaetzel
MFC after: 2 weeks
handler, as the latter is not guaranteed to be signal safe, and we
do not really care about flushing the stream during SIGINT.
Suggested by: Maxim Konovalov <maxim.konovalov gmail com>
MFC after: 13 days
BZ_STREAM_END triggered re-init. Do it by introducing a new flag
to represent the 'cold' case after bzip2 state is reinitialized.
This fixes regression reported on -current@ as well as another one
I found during twiddling with gzip.
Reported by: swell.k gmail.com
MFC after: 1 week
- Limit suffix to be no more than 30 bytes long. This matches GNU
behavior.
- Correct usage of memcpy().
Note that this commit only corrects the stack underflow issue, we
still need some other fixes to cover other edges. [1]
Reported by: Ron Jude <ronj wytheville org>
Discussed with: Matthew Green (original NetBSD gzip author),
Eygene Ryabinkin <rea-fbsd codelabs ru> [1]
Approved by: re (kib)
- gzip -n does not store timestamp; [1]
- Reduce diff against NetBSD by moving some casts in our local
versions.
PR: bin/134955
Obtained from: NetBSD
MFC after: 1 month
in some commercial Unix systems, which utilizes Huffman minimum redundancy
code tree to compress files. This implementation supports the "new" pack
format only, just like GNU gzip did.
Thanks for oliver@'s archive set which I can test against, and Mingyan Guo
for providing helpful review of my code.
PR: bin/109567
MFC after: 1 month
- Reduce scope where return value can be referenced.
- Add a dummy access to timestamp to silence warning.
Submitted by: Mingyan Guo <guomingyan gmail com>
target file after the timestamp has been set; otherwise setting the
timestamp will fail if the flags don't permit it (i.e., uchg).
MFC after: 1 week
PR: 120208
Submitted by: Ighighi <ighighi at gmail.com>
being output in verbose mode when doing recursive[1].
- Use better representation of S:
PR: bin/114470
Submitted by: Ighighi <ighighi gmail com> [1]
Approved by: re (hrs)