freebsd-skq/bin at 0e1982f4df22ee3ca9c9be11a4ea5f66af0ab828 - freebsd-skq - Quacker.org Git Repositories

d/freebsd-skq

History

Jilles Tjoelker c8a3d81f34 sh: Fix heap-based buffer overflow in pathname generation.

The buffer for generated pathnames could be too small in some cases. It
happened to be always at least PATH_MAX long, so there was never an overflow
if the resulting pathnames would be usable.

This bug may be abused if a script subjects input from an untrusted source
to pathname generation, which a bad idea anyhow. Most shell scripts do not
work on untrusted data. secteam@ says no advisory is necessary.

PR:		bin/148733
Reported by:	Changming Sun snnn119 at gmail com
MFC after:	10 days

2010-08-10 22:45:59 +00:00

..

Removed redundant WARNS setting.

2009-10-15 18:17:29 +00:00

Staticify internal routines.

2009-06-23 23:30:56 +00:00

Zero struct before reading from it

2010-06-02 09:34:41 +00:00

- Don't include both <sys/types.h> and <sys/param.h>

2009-09-02 05:26:59 +00:00

Don't try to copy a socket after "xxx is a socket (not copied)." message.

2010-06-05 08:50:39 +00:00

Let csh(1) use utmpx instead of utmp.

2010-01-13 17:49:35 +00:00

Explain that setting an absolute day value can fail and that the month should

2010-06-04 06:56:58 +00:00

Bump .Dd for r187609

2009-01-30 16:23:57 +00:00

Staticify internal routines.

2009-06-23 23:30:56 +00:00

Use a standard section name.

2006-12-18 15:45:01 +00:00

Mark functions as __dead2 in order to help the LLVM static checker

2008-08-04 01:25:48 +00:00

ed(1): make WARNS=6 clean

2010-03-04 16:08:01 +00:00

Fix markup.

2007-03-04 19:52:07 +00:00

More mdoc nitpicking to improve compatibility to mdocml

2010-06-11 06:04:07 +00:00

Staticify internal routines.

2009-06-23 23:30:56 +00:00

Add missing `void' for function without arguments.

2009-12-29 08:45:07 +00:00

kill: Stop processing if a syntactically invalid pid is encountered.

2010-07-29 16:40:45 +00:00

Spelling fixes.

2010-07-31 21:09:49 +00:00

Change all our own code to use st_*tim instead of st_*timespec.

2010-03-28 13:16:08 +00:00

More markup fixes.

2006-12-27 11:28:00 +00:00

Add NFSv4 ACL support to mv(1).

2009-09-04 21:49:37 +00:00

Fix back references in substitute command for pax(1)

2010-05-24 06:33:14 +00:00

Add -l to the synopsis

2010-07-12 01:58:46 +00:00

Fix alignment for the 'flags' label, and make more room for 'tdev'.

2010-07-24 15:37:36 +00:00

mdoc: order prologue macros consistently by Dd/Dt/Os

2010-04-14 19:08:06 +00:00

Sync program's usage() with manpage's SYNOPSIS.

2005-02-09 17:37:39 +00:00

Change all our own code to use st_*tim instead of st_*timespec.

2010-03-28 13:16:08 +00:00

Enhance realpath(1) in a number of ways:

2008-03-09 12:46:39 +00:00

rm, find -delete: fix removing symlinks with uchg/uappnd set.

2009-05-30 10:42:19 +00:00

Bump WARNS where possible.

2010-02-15 14:07:40 +00:00

Fix markup.

2006-12-27 12:14:56 +00:00

Typo fix: s/ommited/omitted

2010-07-27 17:33:02 +00:00

sh: Fix heap-based buffer overflow in pathname generation.

2010-08-10 22:45:59 +00:00

Document the new argument parser for sleep(1) and SIGINFO behaviour.

2010-08-02 10:59:23 +00:00

Make stty(1) use tab0 and tab3 to handle tab completion.

2008-08-23 13:28:55 +00:00

/*- or .\"- or #- to begin license clauses.

2005-01-10 08:39:26 +00:00

Change all our own code to use st_*tim instead of st_*timespec.

2010-03-28 13:16:08 +00:00

Removed redundant WARNS setting.

2009-10-15 18:17:29 +00:00

Makefile

Add pwait utility, which waits for any process to terminate.

2009-11-17 22:47:20 +00:00

Makefile.inc

Reimplementation of world/kernel build options. For details, see:

2006-03-17 18:54:44 +00:00