Commit Graph

3168 Commits

Author SHA1 Message Date
pfg
690479eac4 ed(1): Prevent possible string overflows
Use strlcpy instead of strncpy to guarantee NULL termination.

Pointed out by:	imp
CID:		1007252
X-MFC with:	r292454
2015-12-18 23:05:36 +00:00
pfg
0ba92f8ec1 ed(1): Prevent possible string overflows
CID:		1007252
MFC after:	2 weeks
2015-12-18 21:58:42 +00:00
jilles
75b5654b2a sh: Fix use-after-free when attempting to modify a read-only variable.
Reported by:	bapt
MFC after:	1 week
2015-12-16 20:33:47 +00:00
bapt
4ede56bd51 Fix ls -l alignement with new locales
Latest update of locales introduced abbreviated month that follows the regionale
rules meaning that they can be of variable length instead of being arbitrary
truncated to top 3 characters.

To fix alignement, ls now computes the visible length of the abbreviated month,
pads the shorter month with spaces in order to make sure everything is properly
aligned

Reviewed by:	ache, ed, jilles
Differential Revision:	https://reviews.freebsd.org/D4239
2015-12-07 20:48:28 +00:00
bdrewery
c47f6cc82b Add missing CLEANFILES.
MFC after:	1 week
Sponsored by:	EMC / Isilon Storage Division
2015-12-07 16:08:13 +00:00
ngie
2e48022141 Enable bin/ls testcases disabled previously because of issues with how
kyua 0.11's version of report-junit was rendering non-printable characters

Upgrade to kyua 0.12 to obtain a fixed version of the command

Output verified with python 2.7.10's xml.dom.minidom module

MFC after: 3 days
Sponsored by: EMC / Isilon Storage Division
2015-12-07 04:03:01 +00:00
jilles
bfe5e9c164 sh: Add limited test for ${#@} and ${#*}.
POSIX leaves the result of expanding ${#@} and ${#*} unspecified, but ensure
it is numeric.
2015-12-06 14:09:31 +00:00
jilles
dfc5b1f4e5 sh: Link tests/parameters/positional8.0 to the build.
This was forgotten in r291025.
2015-12-05 12:55:34 +00:00
rodrigc
1822da5070 Fix spelling, as recommended by igor tool. 2015-12-01 19:20:38 +00:00
rodrigc
9405dd95c9 Add more text to explain --libxo flag. 2015-12-01 19:18:53 +00:00
bdrewery
44973a75bb Update dependencies after r291406 added libelf to libkvm.
Unfortunately filemon/meta mode tracks all indirect dependencies here
since ld(1) is reading libelf when linking in libkvm.  Churn would be
reduced if this was able to be limited to direct dependencies.

Sponsored by:	EMC / Isilon Storage Division
2015-12-01 05:18:48 +00:00
bdrewery
52255645fb META MODE: Don't create .meta files when symlinking sources into the obj directory.
Tracking these leads to situations where meta mode will consider the
file to be out of date if /bin/sh or /bin/ln are newer than the source
file.  There's no reason for meta mode to do this as make is already
handling the rebuild dependency fine.

Sponsored by:	EMC / Isilon Storage Division
2015-11-25 19:44:43 +00:00
jilles
23b77bcd73 sh: Remove global state from nodes.c.
No functional change is intended.
2015-11-24 22:47:19 +00:00
bdrewery
7f4494e3bf Remove unneeded libutil dependency for sendmail.
It included libutil.h for setproctitle(3), which was moved from libutil to libc
in r65353 in 2000.

Reviewed by:	gshapiro [sendmail change]
Sponsored by:	EMC / Isilon Storage Division
Differential Revision:	https://reviews.freebsd.org/D4261
2015-11-24 04:19:55 +00:00
jilles
cf0d26dcd6 sh: Fix ""$@, which should not use the special case for "$@".
"$@" should expand to no words if there are no positional parameters, but
""$@ should always expand to at least an empty word.
2015-11-18 21:09:03 +00:00
bapt
05540ecb96 Protecting against rm -rf / is now POSIXLY_CORRECT per posix 1003.1
edition 2013. No need anymore to disable the protection if one set
the POXILY_CORRECT environment variable.

Reviewed by:	imp
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D4092
2015-11-07 02:18:19 +00:00
jilles
f6a99fcfe0 sh: Avoid copying argv for simple commands.
Add dummy entries before and after so arglist's array is directly usable as
argv.
2015-11-01 22:07:40 +00:00
emaste
d7f5735176 Update ls -l tests to use mtime, not birthtime
PR:		204155
Reviewed by:	ngie, rodrigc
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D4040
2015-10-30 20:14:32 +00:00
eadler
21a3003f8f Fix a ton of speelling errors
arc lint is helpful

Reviewed By: allanjude, wblock, #manpages, chris@bsdjunk.com
Differential Revision: https://reviews.freebsd.org/D3337
2015-10-21 05:37:09 +00:00
ngie
5c0da1966c Make libxo depend on libutil because it uses humanize_number after r287111
Remove overlinking in lib/libxo/tests, sbin/savecore, and
usr.bin/{iscsictl,wc,xo}

PR: 203673
Sponsored by: EMC / Isilon Storage Division
2015-10-18 07:30:50 +00:00
ngie
bac9b01be8 Clean up trailing whitespace
MFC after: 3 days
2015-10-18 05:51:44 +00:00
ngie
8b6c22e287 Integrate contrib/netbsd-tests/bin/dd into the FreeBSD test suite as
bin/dd/tests

Ensure fdescfs is mounted on /dev/fd/ for the length testcase as it's used
in validating the characters read from /dev/zero

MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division
2015-10-18 05:49:58 +00:00
ngie
e84cdeae2f Integrate contrib/netbsd-tests/bin/dd into the FreeBSD test suite as bin/dd/tests 2015-10-18 05:29:49 +00:00
bdrewery
153205e33f Add more SUBDIR_PARALLEL.
MFC after:	3 weeks
Sponsored by:	EMC / Isilon Storage Division
2015-10-15 22:55:08 +00:00
ngie
dd1f618367 Refactor the test/ Makefiles after recent changes to bsd.test.mk (r289158) and
netbsd-tests.test.mk (r289151)

- Eliminate explicit OBJTOP/SRCTOP setting
- Convert all ad hoc NetBSD test integration over to netbsd-tests.test.mk
- Remove unnecessary TESTSDIR setting
- Use SRCTOP where possible for clarity

MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Divison
2015-10-12 08:16:03 +00:00
jilles
5edc3be36a sh: Make struct arglist an array instead of a linked list.
This simplifies the code (e.g. allowing use of qsort(3) instead of a
hand-rolled mergesort) and should have better cache properties.

The waste of unused args arrays after resizes is approximately the same as
the savings from getting rid of the next pointers.

At the same time, remove a piece of global state and move some duplicated
code into a function.
2015-10-11 21:33:00 +00:00
ngie
842bd18cfb Remove all of the syncs
They're unnecessary as shown by further testing on my VM

Requested by: jhb
2015-10-10 01:31:39 +00:00
ngie
3bb6ebda97 Call sync consistently using atf_check
Remove superfluous sync's
2015-10-06 01:00:12 +00:00
ngie
5020f9ceef Explicitly set BLOCKSIZE to 512 in the environment 2015-10-06 00:55:31 +00:00
ngie
f747be88f5 Add some more syncs to quiesce the filesystem after creating the
files to see if this fixes deterministic Jenkin failures
2015-10-06 00:23:50 +00:00
imp
ce290acb45 Start using the fact that SUBDIR.yes is added to SUBDIR
and move from the pattern of:

.if ${MK_FOO} != "no"
SUBDIR+= bar
.endif

to

SUBDIR.${MK_FOO}+= bar

since we know that MK_FOO is always either yes or no and the latter
form is easier to follow and much shorter. Various exception to this
pattern dealt with on an ah-hoc basis.

Discussed on arch@ a while ago.
2015-10-05 21:41:55 +00:00
ngie
a9fe170df1 Merge additional testcases and improvements to bin/ls/ls_tests from
^/user/ngie/more-tests.

- Additional testcases added:
-- ls -D
-- ls -F
-- ls -H
-- ls -L
-- ls -R
-- ls -S
-- ls -T
-- ls -b
-- ls -d
-- ls -f
-- ls -g
-- ls -h
-- ls -i
-- ls -k
-- ls -l
-- ls -m
-- ls -n
-- ls -o
-- ls -p
-- ls -q/ls -w
-- ls -r
-- ls -s
-- ls -t
-- ls -u
-- ls -y
- Socket file creation is limited to the ls -F testcase, greatly speeding up
  the test process
- The ls -C testcase was made more robust by limiting the number of columns
  via COLUMNS and by dynamically formulating the columns/lines.
- Add `atf_test_case` before all testcase `head` functions.

X-MFC with: r284388, r288330, r288423
MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division
2015-10-05 00:33:57 +00:00
sbruno
14a0f4f2ed Initialize fd to -1 so that gcc doesn't emit an unitialized warning. 2015-10-04 01:56:11 +00:00
bdrewery
6e60c5239c Make GCC happy 2015-10-03 20:24:23 +00:00
hrs
1a9708cf93 Use getaddrinfo() to fill struct sockaddr_un. It now supports
SOCK_DGRAM and SOCK_SEQPACKET in addition to SOCK_STREAM.
2015-10-03 12:49:05 +00:00
jilles
aca221db9d wordexp: Rewrite to make WRDE_NOCMD reliable.
Shell syntax is too complicated to detect command substitution and unquoted
operators reliably without implementing much of sh's parser. Therefore, have
sh do this detection.

While changing sh's support anyway, also read input from a pipe instead of
arguments to avoid {ARG_MAX} limits and improve privacy, and output count
and length using 16 instead of 8 digits.

The basic concept is:
execl("/bin/sh", "sh", "-c", "freebsd_wordexp ${1:+\"$1\"} -f "$2",
    "", flags & WRDE_NOCMD ? "-p" : "", <pipe with words>);

The WRDE_BADCHAR error is still implemented in libc. POSIX requires us to
fail strings containing unquoted braces with code WRDE_BADCHAR. Since this
is normally not a syntax error in sh, there is still a need for checking
code in libc, we_check().

The new we_check() is an optimistic check that all the characters
  <newline> | & ; < > ( ) { }
are quoted. To avoid duplicating too much sh logic, such characters are
permitted when quoting characters are seen, even if the quoting characters
may themselves be quoted. This code reports all WRDE_BADCHAR errors; bad
characters that get past it and are a syntax error in sh return WRDE_SYNTAX.

Although many implementations of WRDE_NOCMD erroneously allow some command
substitutions (and ours even documented this), there appears to be code that
relies on its security (codesearch.debian.net shows quite a few uses).
Passing untrusted data to wordexp() still exposes a denial of service
possibility and a fairly large attack surface.

Reviewed by:	wblock (man page only)
MFC after:	2 weeks
Relnotes:	yes
Security:	fixes command execution with wordexp(untrusted, WRDE_NOCMD)
2015-09-30 21:32:29 +00:00
ngie
805ec6c7b6 Skip the B_flag testcase to stop blowing up freebsd-current@ with
"test failure emails" because kyua report-jenkins doesn't properly
escape non-printable chars
2015-09-30 17:43:02 +00:00
ngie
85dbaf473e Add initial testcases for bin/ls
MFC after: 1 week
Sponsored by: EMC / Isilon Storage Division
2015-09-28 03:36:15 +00:00
allanjude
9608a36e5e Fix whitespace error in ls(1) detected by igor
Approved by:	bcr (mentor)
Sponsored by:	EuroBSDCon DevSummit
2015-09-27 22:05:20 +00:00
allanjude
94e156ff3a Use one fewer made up words in the ls(1) man page
PR:		203337
Submitted by:	Mike Dame <damemi@gmail.com>
Approved by:	bcr (mentor)
Sponsored by:	EuroBSDCon DevSummit
2015-09-27 22:02:46 +00:00
bdrewery
bdebc05d94 Update META_MODE dependencies. 2015-09-17 05:06:34 +00:00
delphij
db0a2c953d Expose an interface to determine if an ACE is inherited.
Submitted by:	sef
Reviewed by:	trasz
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D3540
2015-09-04 00:14:20 +00:00
jilles
6633d3a788 sh: Allow empty << EOF markers. 2015-09-02 19:49:55 +00:00
jilles
1fb3e6c2bb sh: Fix read with escaped IFS characters at the end.
Characters escaped with a backslash must be treated as if they were not in
IFS. This includes stripping trailing IFS characters.
2015-08-30 17:24:22 +00:00
jilles
699c9af55f sh: Add set -o nolog.
POSIX requires this to prevent entering function definitions in history but
this implementation does nothing except retain the option's value. In ksh88,
function definitions were usually entered in the history file, even when
they came from ~/.profile and the $ENV file, to allow displaying their
definitions.

This is also the first option that does not have a letter.
2015-08-29 19:41:47 +00:00
delphij
958fa04040 Respect locale settings.
MFC after:	2 weeks
2015-08-28 00:49:30 +00:00
delphij
5ec82107b6 Use exit() instead of return in main().
MFC after:	2 weeks
2015-08-28 00:44:58 +00:00
jilles
424480153f sh: Fix out of bounds read when there is no ] after a [:class:].
The initial check for a matching ] was incorrect if a ] may be consumed by a
[:class:]. The subsequent loop assumed that there must be a ].

Remove the initial check and make the loop cope with a missing ].

Found with afl-fuzz.

MFC after:	1 week
2015-08-25 21:55:15 +00:00
marcel
02ffac2cca Upgrade libxo to 0.4.5.
Local changes incorporated by 0.4.5: r284340
Local changes retained: r276260, r282117

Obtained from:	https://github.com/Juniper/libxo
2015-08-24 16:26:20 +00:00
jilles
f504ca457f sh: Don't create bad parse result when postponing a bad substitution error.
An invalid substitution like ${var@} does not cause a parse error but is
stored in the intermediate representation, to be written as part of the
error message. If there is a CTL* byte in the stored part, this confuses
some code such as the code to skip an unused alternative such as in
${var-alternative}.

To keep things simple, do not store CTL* bytes.

Found with afl-fuzz.

MFC after:	1 week
2015-08-23 20:44:53 +00:00