Commit Graph

46 Commits

Author SHA1 Message Date
Conrad Meyer
63298eb19c restore(8): Prevent some heap overflows
The environment variable TMPDIR was copied unchecked into a fixed-size heap
buffer.  Use a length-limiting snprintf in place of ordinary sprintf to
prevent the overflow.  Long TMPDIR variables can still cause odd truncated
filenames, which may be undesirable.

Reported by:	Coverity (CWE-120)
CIDs:		1006706, 1006707
Sponsored by:	Dell EMC Isilon
2017-04-14 00:14:40 +00:00
Warner Losh
fbbd9655e5 Renumber copyright clause 4
Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.

Submitted by:	Jan Schaumann <jschauma@stevens.edu>
Pull Request:	https://github.com/freebsd/freebsd/pull/96
2017-02-28 23:42:47 +00:00
Ed Maste
1dc349ab95 prefix UFS symbols with UFS_ to reduce namespace pollution
Specifically:
  ROOTINO -> UFS_ROOTINO
  WINO -> UFS_WINO
  NXADDR -> UFS_NXADDR
  NDADDR -> UFS_NDADDR
  NIADDR -> UFS_NIADDR
  MAXSYMLINKLEN_UFS[12] -> UFS[12]_MAXSYMLINKLEN (for consistency)

Also prefix ext2's and nandfs's NDADDR and NIADDR with EXT2_ and NANDFS_

Reviewed by:	kib, mckusick
Obtained from:	NetBSD
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D9536
2017-02-15 19:50:26 +00:00
Conrad Meyer
c9bf814804 restore(8): Handle extended attribute names correctly
UFS2 extended attribute names are not NUL-terminated.  Handle
appropriately.

Correct the EXTATTR_BASE_LENGTH() macro, which handled ea_namelength ==
one (mod eight) extended attributes incorrectly.

PR:		216127
Reported by:	dewayne at heuristicsystems.com.au
Reviewed by:	kib@
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D9208
2017-01-18 18:16:57 +00:00
Pedro F. Giffuni
71a53e69d6 restore: promote some getfiles() parameters to size_t.
This is based on a change from OpenBSD:

"Fix restore so that it can actually restore files larger than 4GB by
changing the type of "size" to off_t in getfiles() plus little dependent
type cleanup, from Daniel Lucq."

It is an important for machines with 32 bit longs.
While here unsign the flags, also from OpenBSD.

Obtained from:	OpenBSD (through bitrig, I hate CVS)
MFC after:	2 weeks
2016-05-01 21:17:30 +00:00
Marcelo Araujo
f4b72a8dd2 Use MIN()/MAX() macros from sys/param.h.
MFC after:	2 weeks.
2016-04-21 06:24:13 +00:00
Pedro F. Giffuni
05cfc40ab0 restore: use our roundup2/rounddown2() macros when param.h is available.
While here cleanup a little a malloc call.
2016-04-19 20:47:14 +00:00
Marcelo Araujo
e63ce3de7f malloc will return NULL if it cannot allocate memory.
MFC after:	2 weeks.
2016-04-19 02:00:48 +00:00
Jilles Tjoelker
59966d51c6 restore: Preserve timestamps to the nanosecond.
The restore utility already knows the full-resolution timestamps, so the
only thing to do is to stop converting the timespecs to timevals and use
futimens() and utimensat().

Differential Revision:	https://reviews.freebsd.org/D2020
Reviewed by:	jhb
2015-03-14 13:45:43 +00:00
Matthew D Fleming
e25a029eb2 Fix sbin/ build with a 64-bit ino_t.
Original code by:	Gleb Kurtsou
2012-09-27 23:31:06 +00:00
Jaakko Heinonen
cca1b3aa87 - Cast time_t, int64_t and some int32_t values to intmax_t and use "%jd"
in format strings.
- Use (void) instead of (void *) when discarding strcat(3) return value.
- Format string fixes to match variable types.
- Change canon() len parameter and getcmd() size parameter type from
  int to size_t.
- Style Makefile and increase WARNS to 2.

PR:		bin/140061
Submitted by:	uqs
Approved by:	trasz (mentor)
2010-01-29 10:00:42 +00:00
Kirk McKusick
a73665b028 Fix nits pointed out in PR bin/39905 that have not already been
corrected since it was filed. With this change the PR will be closed.

PR:     bin/39905
2008-05-23 19:17:08 +00:00
Kirk McKusick
aed3576d26 restore(8) does not check for write failure while building two temp
files containing directory and ownership data. If /tmp fills, the
console is blasted with zillions of "file system full" errors, and
restore continues on, even though directory and/or ownership data
has been lost. This is particularly likely to happen when running
from the live CD, which has little /tmp space.

PR:         bin/93603, also probably bin/107213
Fix from:   Ken Lalonde
2008-04-14 20:15:53 +00:00
Kirk McKusick
c028393d70 Correctly set file group when restore is run by a user other than root. 2008-04-11 21:48:14 +00:00
Warner Losh
52b370fe8e Use safer string handling.
Reviewed by: security-team
2008-04-03 20:37:38 +00:00
Kirk McKusick
772ad651bf Update the dump program to save extended attributes. Update
the restore program to restore all dumped extended attributes.

If the restore is running as root, it will always be able
to restore all extended attributes. If it is not running
as root, it makes a best effort to set them. Using the -v
command line flag or the `verbose' command in interactive
mode will display all the extended attributes being set on
files (and at the end on directories) that are being restored.
It will note any extended attributes that could not be set.

The extended attributes are placed on the dump image immediately
following each file's data. Older versions of restore can work
with the newer dump images. Old versions of restore will
correctly restore the file data and then (silently) skip
over the extended attribute data and proceed to the next file.

This resolves PR 93085 which will be closed once the code
has been MFC'ed.

Note that this code will not compile until these header
files have been updated: <protocols/dumprestore.h> and
<sys/extattr.h>.

PR:		bin/93085
Comments from:	Poul-Henning Kamp and Robert Watson
MFC after:	3 weeks
2007-02-26 08:15:56 +00:00
Warner Losh
371c9f9384 Remove debug from last commit 2005-04-03 16:35:58 +00:00
Warner Losh
66b4217151 Restore the ability to read FreeBSD 1 tapes (and I think any net2
based tapes, but I'm not sure where NFS_MAGIC was introduced after
4.3).  When support for the pre-4.4 format was removed (the ability to
read 4.2 and 4.3 BSD tapes), the old format inode conversion was
junked as well.  However, FreeBSD 1 dump tapes use the NFS_MAGIC
format, but have this inode format.  Before, restore would fail
complaining that '.' wasn't found and the root directory wasn't on
this tape.  Since the conversion from the not so old format is
relatively trivial, restore the code to make that conversion.

FreeBSD 1 dumps are once again readable.

MFC After: a few days
2005-03-25 07:35:59 +00:00
Warner Losh
a2c0855654 dcvt is unused since the support for converting pre-4.4 tapes was
removed.  Go ahead and remove it and struct odirent since it too is
unused.

# FreeBSD 1.1.5 tapes are still unreadable, but 2.0 and newer work.
2005-03-25 06:57:50 +00:00
Stefan Farfeleder
1916772e6f Use the correct types for the functions rst_opendir(), glob_readdir() and
rst_closedir() which are called by glob().

Reviewed by:	md5
Approved by:	das (mentor)
2004-05-24 16:24:26 +00:00
Mark Murray
4c723140a4 Remove advertising clause from University of California Regent's license,
per letter dated July 22, 1999.

Approved by: core, imp
2004-04-09 19:58:40 +00:00
Peter Wemm
30d38f7b0d Fix gcc warnings. If NAME_MAX is 255, and d_namlen is a uint8_t, then
d_namlen can never be > NAME_MAX.  Stop gcc worrying about this by
using a preprocessor test to see if NAME_MAX changes.
2003-10-26 04:43:02 +00:00
Mike Barcroft
89fdc4e117 Use the standardized CHAR_BIT constant instead of NBBY in userland. 2002-09-25 04:06:37 +00:00
Kirk McKusick
fb36a3d847 Change utimes to set the file creation time (for filesystems that
support creation times such as UFS2) to the value of the
modification time if the value of the modification time is older
than the current creation time. See utimes(2) for further details.

Sponsored by:	DARPA & NAI Labs.
2002-07-17 02:03:19 +00:00
Kirk McKusick
1c85e6a35d This commit adds basic support for the UFS2 filesystem. The UFS2
filesystem expands the inode to 256 bytes to make space for 64-bit
block pointers. It also adds a file-creation time field, an ability
to use jumbo blocks per inode to allow extent like pointer density,
and space for extended attributes (up to twice the filesystem block
size worth of attributes, e.g., on a 16K filesystem, there is space
for 32K of attributes). UFS2 fully supports and runs existing UFS1
filesystems. New filesystems built using newfs can be built in either
UFS1 or UFS2 format using the -O option. In this commit UFS1 is
the default format, so if you want to build UFS2 format filesystems,
you must specify -O 2. This default will be changed to UFS2 when
UFS2 proves itself to be stable. In this commit the boot code for
reading UFS2 filesystems is not compiled (see /sys/boot/common/ufsread.c)
as there is insufficient space in the boot block. Once the size of the
boot block is increased, this code can be defined.

Things to note: the definition of SBSIZE has changed to SBLOCKSIZE.
The header file <ufs/ufs/dinode.h> must be included before
<ufs/ffs/fs.h> so as to get the definitions of ufs2_daddr_t and
ufs_lbn_t.

Still TODO:
Verify that the first level bootstraps work for all the architectures.
Convert the utility ffsinfo to understand UFS2 and test growfs.
Add support for the extended attribute storage. Update soft updates
to ensure integrity of extended attribute storage. Switch the
current extended attribute interfaces to use the extended attribute
storage. Add the extent like functionality (framework is there,
but is currently never used).

Sponsored by: DARPA & NAI Labs.
Reviewed by:	Poul-Henning Kamp <phk@freebsd.org>
2002-06-21 06:18:05 +00:00
Warner Losh
2db673ab00 o remove __P
o Use ANSI function definitions
o unifdef -D__STDC__
2002-03-20 22:49:40 +00:00
David E. O'Brien
3d438ad61f Remove 'register' keyword.
It does not help modern compilers, and some may take some hit from it.
(I also found several functions that listed *every* of its 10 local vars with
 "register" -- just how many free registers do people think machines have?)
2002-03-20 17:55:10 +00:00
Dima Dorfman
b9595aa55f Respect the -N flag when changing directory attributes in setdirmode).
PR:		29671
Submitted by:	Sascha Blank <sblank@addcom.de>
2001-08-20 02:15:22 +00:00
Maxim Sobolev
4afde8553d Honour `TMPDIR' environment variable.
Reviewed by:	ru
Approved by:	ru
MFC after:	2 weeks
2001-08-13 09:20:15 +00:00
David E. O'Brien
8454c72c24 Move _PATH_DEFTAPE to <paths.h> to remove all the duplication of definitons,
and remove leading `r'(aw) from it.
2001-03-08 09:04:40 +00:00
Garrett Wollman
eb2fc78027 Don't depend on <sys/stat.h> bogusly including <sys/time.h> (and thereby
<time.h>).
2000-10-10 01:50:26 +00:00
David Malone
fddde8b056 Don't try to make files immutable (ie. chflags) before setting access times.
PR:		19973
Submitted by:	Arjan de Vet <Arjan.deVet@adv.iae.nl>
Reviewed by:	Matthew Jacob <mjacob@feral.com>
2000-07-16 23:22:15 +00:00
Peter Wemm
7f3dea244c $Id$ -> $FreeBSD$ 1999-08-28 00:22:10 +00:00
Dima Ruban
97b465b142 64bit fixes.
(Note: ``dump'' doesn't work on alpha yet. Apparently there's a problem
somewhere is the physio() area)

Submitted by:	myself && Matt Dillon.
1998-10-27 04:01:19 +00:00
Philippe Charnier
91ac32e405 Add rcsid. Remove unused #includes. Add missing prototypes and others -Wall
cleanings. Spelling.
1998-07-28 06:20:16 +00:00
Bruce Evans
7fafc6f67c Fixed printf format errors. Sure is dusty here. 1998-06-28 20:25:59 +00:00
Poul-Henning Kamp
d030d2d2ae Many places in the code NULL is used in integer context, where
plain 0 should be used.  This happens to work because we #define
NULL to 0, but is stylistically wrong and can cause problems
for people trying to port bits of code to other environments.

PR:		2752
Submitted by:	Arne Henrik Juul <arnej@imf.unit.no>
1997-09-18 14:08:40 +00:00
Philippe Charnier
1b6a6c70bb Fprintf -> warn. 1997-06-18 06:28:46 +00:00
Peter Wemm
d87d79aefe Merge from Lite2
- cleanups,
 - whiteout support
 - bug fixes (chflags missing on a few file types etc)
The dump/restore folks would want to have a closer look at this, the
change is pretty big.
1997-03-11 12:55:19 +00:00
Warner Losh
335524b9ad Various security related deltas from OpenBSD
dirs.c:
	From OpenBSD 1.2, 1.3, 1.5, 1.8, 1.10, 1.11, 1.12
	1.2:
		use unique temporary files; netbsd pr#2544;
		lukem@supp.cpr.itg.telecom.com.au
	1.3:
		updated patch from lukem@supp.cpr.itg.telecom.com.au
		to also make -r and -R work again
	1.5:
		mktemp open & fdopen
	1.8:
		/tmp// -> /tmp/
	1.10:
		Fix strncpy usage and correct strncat length field,
		from Theo.  Also change some occurrence of MAXPATHLEN
		with sizeof(foo).
	1.11:
		does noone know how to use strncat correctly?
	1.12:
		use mkstemp()
	From NetBSD:
		Use open rather than create so we can specify
		exclusive open mode.

main.c:
	From OpenBSD 1.2, 1.5
	1.2:
		From NetBSD: support $TAPE.
	1.5
		Set umask to be read only by owner until we set real
		file permissions.
tape.c:
	From NetBSD:
		Use open rather than create so we can specify
		exclusive open mode.
1997-01-01 00:03:49 +00:00
Nate Williams
b70db4c5d5 ts_sec -> tv_sec
ts_nsec -> tv_nsec
1996-09-20 04:33:57 +00:00
Bruce Evans
eaa86f9d7f Don't use __dead or __pure in user code. They were obfuscations
for gcc >= 2.5 and no-ops for gcc >= 2.6.  Converted to use __dead2
or __pure2 where it wasn't already done, except in math.h where use
of __pure was mostly wrong.
1996-09-14 03:00:32 +00:00
Joerg Wunsch
4d14a29026 Check a pointer in skipdirs() before dereferencing it. I don't fully
understand why it can become a null pointer under some circumstances,
but i've got a pile of tapes where this happens, and running it thru a
debugger proved that simply ending the loop in this case did the right
thing.

Anyway, it cannot make it worse than now, where restore kills itself
with "Memory fault".
1995-09-01 18:09:20 +00:00
Rodney W. Grimes
5ebc7e6281 Remove trailing whitespace. 1995-05-30 06:12:45 +00:00
Paul Traina
a7ab72edf1 Fix endian bug introduced at Berkeley during the Net2->4.4-lite transition.
Fix is courtesy of the NetBSD folks.

Reviewed by:	pst
1994-09-08 01:06:46 +00:00
Rodney W. Grimes
8fae3551ec BSD 4.4 Lite sbin Sources
Note:  XNSrouted and routed NOT imported here, they shall be imported with
usr.sbin.
1994-05-26 06:35:07 +00:00