The environment variable TMPDIR was copied unchecked into a fixed-size heap
buffer. Use a length-limiting snprintf in place of ordinary sprintf to
prevent the overflow. Long TMPDIR variables can still cause odd truncated
filenames, which may be undesirable.
Reported by: Coverity (CWE-120)
CIDs: 1006706, 1006707
Sponsored by: Dell EMC Isilon
Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.
Submitted by: Jan Schaumann <jschauma@stevens.edu>
Pull Request: https://github.com/freebsd/freebsd/pull/96
This is based on a change from OpenBSD:
"Fix restore so that it can actually restore files larger than 4GB by
changing the type of "size" to off_t in getfiles() plus little dependent
type cleanup, from Daniel Lucq."
It is an important for machines with 32 bit longs.
While here unsign the flags, also from OpenBSD.
Obtained from: OpenBSD (through bitrig, I hate CVS)
MFC after: 2 weeks
The restore utility already knows the full-resolution timestamps, so the
only thing to do is to stop converting the timespecs to timevals and use
futimens() and utimensat().
Differential Revision: https://reviews.freebsd.org/D2020
Reviewed by: jhb
in format strings.
- Use (void) instead of (void *) when discarding strcat(3) return value.
- Format string fixes to match variable types.
- Change canon() len parameter and getcmd() size parameter type from
int to size_t.
- Style Makefile and increase WARNS to 2.
PR: bin/140061
Submitted by: uqs
Approved by: trasz (mentor)
files containing directory and ownership data. If /tmp fills, the
console is blasted with zillions of "file system full" errors, and
restore continues on, even though directory and/or ownership data
has been lost. This is particularly likely to happen when running
from the live CD, which has little /tmp space.
PR: bin/93603, also probably bin/107213
Fix from: Ken Lalonde
the restore program to restore all dumped extended attributes.
If the restore is running as root, it will always be able
to restore all extended attributes. If it is not running
as root, it makes a best effort to set them. Using the -v
command line flag or the `verbose' command in interactive
mode will display all the extended attributes being set on
files (and at the end on directories) that are being restored.
It will note any extended attributes that could not be set.
The extended attributes are placed on the dump image immediately
following each file's data. Older versions of restore can work
with the newer dump images. Old versions of restore will
correctly restore the file data and then (silently) skip
over the extended attribute data and proceed to the next file.
This resolves PR 93085 which will be closed once the code
has been MFC'ed.
Note that this code will not compile until these header
files have been updated: <protocols/dumprestore.h> and
<sys/extattr.h>.
PR: bin/93085
Comments from: Poul-Henning Kamp and Robert Watson
MFC after: 3 weeks
based tapes, but I'm not sure where NFS_MAGIC was introduced after
4.3). When support for the pre-4.4 format was removed (the ability to
read 4.2 and 4.3 BSD tapes), the old format inode conversion was
junked as well. However, FreeBSD 1 dump tapes use the NFS_MAGIC
format, but have this inode format. Before, restore would fail
complaining that '.' wasn't found and the root directory wasn't on
this tape. Since the conversion from the not so old format is
relatively trivial, restore the code to make that conversion.
FreeBSD 1 dumps are once again readable.
MFC After: a few days
support creation times such as UFS2) to the value of the
modification time if the value of the modification time is older
than the current creation time. See utimes(2) for further details.
Sponsored by: DARPA & NAI Labs.
filesystem expands the inode to 256 bytes to make space for 64-bit
block pointers. It also adds a file-creation time field, an ability
to use jumbo blocks per inode to allow extent like pointer density,
and space for extended attributes (up to twice the filesystem block
size worth of attributes, e.g., on a 16K filesystem, there is space
for 32K of attributes). UFS2 fully supports and runs existing UFS1
filesystems. New filesystems built using newfs can be built in either
UFS1 or UFS2 format using the -O option. In this commit UFS1 is
the default format, so if you want to build UFS2 format filesystems,
you must specify -O 2. This default will be changed to UFS2 when
UFS2 proves itself to be stable. In this commit the boot code for
reading UFS2 filesystems is not compiled (see /sys/boot/common/ufsread.c)
as there is insufficient space in the boot block. Once the size of the
boot block is increased, this code can be defined.
Things to note: the definition of SBSIZE has changed to SBLOCKSIZE.
The header file <ufs/ufs/dinode.h> must be included before
<ufs/ffs/fs.h> so as to get the definitions of ufs2_daddr_t and
ufs_lbn_t.
Still TODO:
Verify that the first level bootstraps work for all the architectures.
Convert the utility ffsinfo to understand UFS2 and test growfs.
Add support for the extended attribute storage. Update soft updates
to ensure integrity of extended attribute storage. Switch the
current extended attribute interfaces to use the extended attribute
storage. Add the extent like functionality (framework is there,
but is currently never used).
Sponsored by: DARPA & NAI Labs.
Reviewed by: Poul-Henning Kamp <phk@freebsd.org>
It does not help modern compilers, and some may take some hit from it.
(I also found several functions that listed *every* of its 10 local vars with
"register" -- just how many free registers do people think machines have?)
plain 0 should be used. This happens to work because we #define
NULL to 0, but is stylistically wrong and can cause problems
for people trying to port bits of code to other environments.
PR: 2752
Submitted by: Arne Henrik Juul <arnej@imf.unit.no>
- cleanups,
- whiteout support
- bug fixes (chflags missing on a few file types etc)
The dump/restore folks would want to have a closer look at this, the
change is pretty big.
dirs.c:
From OpenBSD 1.2, 1.3, 1.5, 1.8, 1.10, 1.11, 1.12
1.2:
use unique temporary files; netbsd pr#2544;
lukem@supp.cpr.itg.telecom.com.au
1.3:
updated patch from lukem@supp.cpr.itg.telecom.com.au
to also make -r and -R work again
1.5:
mktemp open & fdopen
1.8:
/tmp// -> /tmp/
1.10:
Fix strncpy usage and correct strncat length field,
from Theo. Also change some occurrence of MAXPATHLEN
with sizeof(foo).
1.11:
does noone know how to use strncat correctly?
1.12:
use mkstemp()
From NetBSD:
Use open rather than create so we can specify
exclusive open mode.
main.c:
From OpenBSD 1.2, 1.5
1.2:
From NetBSD: support $TAPE.
1.5
Set umask to be read only by owner until we set real
file permissions.
tape.c:
From NetBSD:
Use open rather than create so we can specify
exclusive open mode.
for gcc >= 2.5 and no-ops for gcc >= 2.6. Converted to use __dead2
or __pure2 where it wasn't already done, except in math.h where use
of __pure was mostly wrong.
understand why it can become a null pointer under some circumstances,
but i've got a pile of tapes where this happens, and running it thru a
debugger proved that simply ending the loop in this case did the right
thing.
Anyway, it cannot make it worse than now, where restore kills itself
with "Memory fault".