Add bounds checking to netbios NS packet resolving code. This should
prevent natd from crashing on badly formed netbios packets (as might be
heard when the machine is sitting on a cable modem or certain DSL
networks), and also closes potential security holes that might have
exploited the lack of bounds checking in the previous version of the
code.
Fix bug with od/hd/hexdump. "*" lines are supposed to indicate one or
duplicates of the previous line, but a small file with less then 16
characters of zeros in it will be falsy identified as a repeat of
the (non-existant) previous line. i.e. the first line of output winds
up being a "*". Added a bit of code to handle the degenerate 'there is
no previous line' case for the first line.
Prevent cron from going crazy if the time steps. For example, if you
have a system with hundreds of users and lots of different crontabs
and your time steps back an hour, the old cron would then attempt to
run an hours worth of cron jobs in a few seconds.
Increase the size of a number of buffers and replace strcpy/strcat/sprintf
with snprintf(). There was a minor and possibly not exploitable security
hole related to one sprintf().
Update chpass(1) manual page. Change the definition of the class
field and also reorganize the field list to match that of the
/etc/master.passwd file, to avoid confusion.
Have pwd_mkdb lock the source file while rebuilding the database. When
called by programs such as vipw, the source file is a temporary file and
this does not conflict with the lock on /etc/master.passwd already held
by vipw. When run manually, however, master.passwd is typically specified
as the argument and the locking prevents other programs from messing with
master.passwd during the database rebuild.
Also pwd_mkdb uses a blocking exclusive lock as it may be called from
a script. The -N option was added to cause pwd_mkdb to get the lock
non-blocking and exit with an error if the attempt fails, again useful
for scripts.
- For transactions of 0 length, us a non-residual checking CCB type.
- Preserve command status if our interrupt handler completes a command
while we are polling for completion in aha_cmd.
