freebsd-skq/usr.sbin
Don Lewis 660d4fe299 Fix CID 1006692 in /usr/sbin/pw pw_log() function and other fixes
The length of the name returned from the $LOGNAME and $USER can be
very long and it was being concatenated to a fixed length buffer
with no bounds checking.  Fix this problem by limiting the length
of the name copied.

Additionally, this name is actually used to create a format string
to be used in adding log file entries so embedded % characters in
the name could confuse *printf(), and embedded whitespace could
confuse a log file parser.  Handle the former by escaping each %
with an additional %, and handle the latter by simply stripping it
out.

Clean up the code by moving the variable declarations to the top
of the function, formatting them to conform with style, and moving
intialization elsewhere.

Reduce code indentation by returning early in a couple of places.

Reported by:	Coverity
CID:		1006692
Reviewed by:	markj (previous version)
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D6490
2016-05-24 05:02:24 +00:00
..
ac Add META_MODE support. 2015-06-13 19:20:56 +00:00
accton Create an acct package for accounting tools. 2016-01-21 17:49:10 +00:00
acpi Merge ACPICA 20160422. 2016-04-27 19:09:21 +00:00
adduser Add META_MODE support. 2015-06-13 19:20:56 +00:00
amd MFH 2016-03-02 16:14:46 +00:00
ancontrol Add META_MODE support. 2015-06-13 19:20:56 +00:00
apm Create a package for apm(8). 2016-01-21 18:41:55 +00:00
apmd It seems <sys/types.h> is a new prerequisite for <bitstring.h> after 2016-05-24 03:15:46 +00:00
arp rtsock requests for deleting interface address lles started to return EPERM 2015-09-27 04:54:29 +00:00
asf Update dependencies after r291406 added libelf to libkvm. 2015-12-01 05:18:48 +00:00
audit Add META_MODE support. 2015-06-13 19:20:56 +00:00
auditd Add META_MODE support. 2015-06-13 19:20:56 +00:00
auditdistd DIRDEPS_BUILD: Regenerate without local dependencies. 2016-02-24 17:20:11 +00:00
auditreduce Add META_MODE support. 2015-06-13 19:20:56 +00:00
authpf Add META_MODE support. 2015-06-13 19:20:56 +00:00
autofs MFH 2016-04-04 23:55:32 +00:00
bhyve bhyve: consider the bogus case of a negative bar idx. 2016-05-13 14:59:02 +00:00
bhyvectl MFH 2016-01-12 14:33:17 +00:00
bhyveload MFH 2016-04-06 01:44:21 +00:00
binmiscctl Another attempt at resolving CID 1305629. The test of cmd == -1 2016-05-13 17:48:04 +00:00
bluetooth Improve performance and functionality of the bitstring(3) api 2016-05-04 22:34:11 +00:00
boot0cfg Adjust previous fix to conform to the existing style in this file. 2016-01-14 15:49:24 +00:00
boot98cfg META_MODE: Remove DEP_MACHINE from Makefile.depend files. 2015-09-25 19:44:01 +00:00
bootparamd DIRDEPS_BUILD: Regenerate without local dependencies. 2016-02-24 17:20:11 +00:00
bsdconfig Don't repeat the the word 'the' 2016-05-17 12:52:31 +00:00
bsdinstall Only set kern.geom.part.mbr.enforce_chs=0 once, instead of once per disk 2016-05-24 00:23:39 +00:00
bsnmpd Revert r299830, it has couple of fatal errors. 2016-05-18 22:02:19 +00:00
btxld Reuse our roundup2() macro instead of reinventing the wheel. 2016-04-18 17:30:33 +00:00
camdd Fix multiple Coverity Out-of-bounds access false postive issues in CAM 2016-05-24 00:57:11 +00:00
cdcontrol Add META_MODE support. 2015-06-13 19:20:56 +00:00
chkgrp Revert r286148 2015-08-01 10:40:17 +00:00
chown Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
chroot Add META_MODE support. 2015-06-13 19:20:56 +00:00
ckdist Add META_MODE support. 2015-06-13 19:20:56 +00:00
clear_locks Add META_MODE support. 2015-06-13 19:20:56 +00:00
config Don't free fnamebuf before we calling cfgfile_add(). This changes a 2016-05-16 04:39:16 +00:00
cpucontrol Add META_MODE support. 2015-06-13 19:20:56 +00:00
crashinfo Add META_MODE support. 2015-06-13 19:20:56 +00:00
cron usr.sbin: minor spelling fixes on comments. 2016-05-01 16:41:25 +00:00
crunch DIRDEPS_BUILD: Regenerate without local dependencies. 2016-02-24 17:20:11 +00:00
ctladm usr.sbin: minor spelling fixes on comments. 2016-05-01 16:41:25 +00:00
ctld Fix error message. 2016-05-19 14:45:34 +00:00
ctm Remove a link to the CTM section of the Handbook, which no longer exists. 2016-04-14 21:56:36 +00:00
daemon o -t comman line option added to the usage(). 2016-03-03 07:07:44 +00:00
dconschat Update dependencies after r291406 added libelf to libkvm. 2015-12-01 05:18:48 +00:00
devctl Add 'devctl delete' that calls device_delete_child(). 2016-04-27 16:33:17 +00:00
devinfo Use uintmax_t (typedef'd to rman_res_t type) for rman ranges. 2016-03-18 01:28:41 +00:00
digictl Add META_MODE support. 2015-06-13 19:20:56 +00:00
diskinfo Add support for managing Shingled Magnetic Recording (SMR) drives. 2016-05-19 14:08:36 +00:00
dumpcis Add META_MODE support. 2015-06-13 19:20:56 +00:00
editmap DIRDEPS_BUILD: Regenerate without local dependencies. 2016-02-24 17:20:11 +00:00
edquota Use strlcpy() instead of strncpy() to ensure that qup->fsname is NUL 2016-05-13 00:02:03 +00:00
eeprom META_MODE: Remove DEP_MACHINE from Makefile.depend files. 2015-09-25 19:44:01 +00:00
etcupdate Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
extattr Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
extattrctl Add META_MODE support. 2015-06-13 19:20:56 +00:00
fdcontrol Add META_MODE support. 2015-06-13 19:20:56 +00:00
fdformat Use NULL instead of 0 for pointers and memory allocation. 2016-04-15 02:14:11 +00:00
fdread Use NULL instead of 0 for pointers. 2016-04-14 12:46:46 +00:00
fdwrite Add META_MODE support. 2015-06-13 19:20:56 +00:00
fifolog DIRDEPS_BUILD: Regenerate without local dependencies. 2016-02-24 17:20:11 +00:00
flowctl Add META_MODE support. 2015-06-13 19:20:56 +00:00
fmtree Use NULL instead of 0 for pointers. 2016-04-15 03:38:58 +00:00
freebsd-update Provide a future release as an example, instead of a historical one. 2016-02-05 21:57:50 +00:00
fstyp Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
ftp-proxy META MODE: Update dependencies with 'the-lot' and add missing directories. 2015-12-01 05:23:19 +00:00
fwcontrol Fix a ton of speelling errors 2015-10-21 05:37:09 +00:00
getfmac Add META_MODE support. 2015-06-13 19:20:56 +00:00
getpmac Add META_MODE support. 2015-06-13 19:20:56 +00:00
gpioctl Fix gcc warnings about possibly uninitialized variables in gpioctl.c. 2016-03-12 15:10:30 +00:00
gssd usr.sbin: minor spelling fixes on comments. 2016-05-01 16:41:25 +00:00
gstat Update dependencies after r291406 added libelf to libkvm. 2015-12-01 05:18:48 +00:00
hyperv META MODE: Update dependencies with 'the-lot' and add missing directories. 2015-12-01 05:23:19 +00:00
i2c i2c(8): uninitialized variable (UNINIT). 2016-05-13 15:57:55 +00:00
ifmcstat Add META_MODE support. 2015-06-13 19:20:56 +00:00
inetd Rename getline with get_line to avoid collision with getline(3) 2016-05-10 11:12:31 +00:00
iostat Fix the usr.sbin/iostat build with GCC, broken by r295768 2016-02-22 21:40:53 +00:00
iovctl Clean up repeated "All rights reserved" 2016-03-14 17:41:17 +00:00
ip6addrctl Add META_MODE support. 2015-06-13 19:20:56 +00:00
ipfwpcap Add META_MODE support. 2015-06-13 19:20:56 +00:00
iscsid Build iscsid(8) with ICL_KERNEL_PROXY defined by default, as required 2016-05-23 12:58:24 +00:00
jail typo 2016-05-01 16:48:03 +00:00
jexec Define which of the username options (-u/-U) to jexec(8) is the default. 2016-04-23 22:31:58 +00:00
jls Add a package for jail(8) and related utilities. 2016-01-20 17:07:13 +00:00
kbdcontrol kbdcontrol: add -P path option to add keymap search paths 2016-03-16 04:05:02 +00:00
kbdmap kbdmap: include filename when reporting fopen() failure 2015-11-27 21:27:39 +00:00
keyserv Cleanup unnecessary semicolons from utilities we all love. 2016-04-15 22:31:22 +00:00
kgmon Use NULL instead of 0 for pointers. 2016-04-14 11:41:30 +00:00
kgzip META_MODE: Remove DEP_MACHINE from Makefile.depend files. 2015-09-25 19:44:01 +00:00
kldxref Use NULL instead of 0 for pointers. 2016-05-16 01:12:56 +00:00
lastlogin Add META_MODE support. 2015-06-13 19:20:56 +00:00
lmcconfig Use strlcpy() instead of strncpy() when copying ifname to ensure 2016-05-15 21:45:04 +00:00
lpr Rename getline with get_line to avoid collision with getline(3) 2016-05-10 11:17:19 +00:00
lptcontrol Add META_MODE support. 2015-06-13 19:20:56 +00:00
mailstats DIRDEPS_BUILD: Regenerate without local dependencies. 2016-02-24 17:20:11 +00:00
mailwrapper Add META_MODE support. 2015-06-13 19:20:56 +00:00
makefs Initialize date of rootNode. 2016-05-18 22:24:52 +00:00
makemap DIRDEPS_BUILD: Regenerate without local dependencies. 2016-02-24 17:20:11 +00:00
manctl Add META_MODE support. 2015-06-13 19:20:56 +00:00
memcontrol Add META_MODE support. 2015-06-13 19:20:56 +00:00
mergemaster All supported releases have the -m support from r186678, so remove 2015-09-29 17:54:01 +00:00
mfiutil Fix a ton of speelling errors 2015-10-21 05:37:09 +00:00
mixer mixer(8): Style: Tag no-return usage() as __dead2 2016-05-11 17:27:27 +00:00
mld6query Add META_MODE support. 2015-06-13 19:20:56 +00:00
mlxcontrol Add META_MODE support. 2015-06-13 19:20:56 +00:00
mount_smbfs META MODE: Update dependencies with 'the-lot' and add missing directories. 2015-12-01 05:23:19 +00:00
mountd Use MIN macro from sys/param.h. 2016-05-02 01:49:42 +00:00
moused Use macro MAX() from sys/param.h. 2016-04-22 03:55:33 +00:00
mpsutil Plug various resources leak 2016-04-20 21:32:34 +00:00
mptable Stop suggesting -grope argument when -grope argument was actually given 2015-10-22 21:13:35 +00:00
mptutil Fix multiple Coverity Out-of-bounds access false postive issues in CAM 2016-05-24 00:57:11 +00:00
mtest mtest: Prevent access to uninitialized value. 2016-04-01 01:35:52 +00:00
nandsim usr.sbin: minor spelling fixes on comments. 2016-05-01 16:41:25 +00:00
nandtool META MODE: Connect MK_NAND directories. 2015-12-02 05:31:01 +00:00
ndiscvt Remove the old depend (mkdep) code and make FAST_DEPEND the one true way. 2016-03-30 23:50:23 +00:00
ndp Fix indent after r292333. 2015-12-19 09:18:01 +00:00
newsyslog Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
nfscbd Cleanup unnecessary semicolons from utilities we all love. 2016-04-15 22:31:22 +00:00
nfsd Cleanup unnecessary semicolons from utilities we all love. 2016-04-15 22:31:22 +00:00
nfsdumpstate Add META_MODE support. 2015-06-13 19:20:56 +00:00
nfsrevoke Add META_MODE support. 2015-06-13 19:20:56 +00:00
nfsuserd Document the new "-manage-gids" option for the nfsuserd daemon. 2015-11-30 22:16:30 +00:00
ngctl ngctl dot: Drop invalid trailing semi-colon 2015-09-22 01:31:01 +00:00
nghook Add META_MODE support. 2015-06-13 19:20:56 +00:00
nmtree Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
nologin new depends 2015-06-16 23:37:19 +00:00
nscd Add META_MODE support. 2015-06-13 19:20:56 +00:00
ntp MFV r298691: 2016-04-27 07:46:38 +00:00
nvram use .Mt to mark up email addresses consistently (part2) 2014-06-20 09:57:27 +00:00
ofwdump DIRDEPS_BUILD: Update dependencies. 2015-12-07 23:53:01 +00:00
pc-sysinstall dd report short write as error, so don't halt on it. 2016-03-12 23:04:10 +00:00
pciconf Don't repeat the the word 'the' 2016-05-17 12:52:31 +00:00
periodic Better document security_show_{success,info,badconfig} in /etc/periodic.conf 2016-05-21 02:14:11 +00:00
pkg Remove some unneeded headers 2016-01-13 17:59:12 +00:00
pmcannotate Add META_MODE support. 2015-06-13 19:20:56 +00:00
pmccontrol Use macro MAX() from sys/param.h. 2016-04-22 05:07:59 +00:00
pmcstat pmcstat: minor spelling fixes. 2016-05-01 16:40:56 +00:00
pmcstudy pmcstudy.8: minor "efficiency" fix. 2016-05-03 22:20:55 +00:00
pnpinfo META_MODE: Remove DEP_MACHINE from Makefile.depend files. 2015-09-25 19:44:01 +00:00
portsnap Cleanup unnecessary semicolons from utilities we all love. 2016-04-15 22:31:22 +00:00
powerd Directly set the NONBLOCK flags when creating the socket 2016-05-10 11:18:53 +00:00
ppp Don't walk off the end of the array when proto isn't explicitly 2016-05-16 23:47:08 +00:00
pppctl Add META_MODE support. 2015-06-13 19:20:56 +00:00
praliases DIRDEPS_BUILD: Regenerate without local dependencies. 2016-02-24 17:20:11 +00:00
praudit Add META_MODE support. 2015-06-13 19:20:56 +00:00
procctl Add META_MODE support. 2015-06-13 19:20:56 +00:00
pstat Update dependencies after r291406 added libelf to libkvm. 2015-12-01 05:18:48 +00:00
pw Fix CID 1006692 in /usr/sbin/pw pw_log() function and other fixes 2016-05-24 05:02:24 +00:00
pwd_mkdb Following revision r295924, the changes to a db file should be fsynced 2016-02-23 15:28:13 +00:00
quot quot: make use of our rounddown() macro when <sys/param.h> is available. 2016-05-02 02:13:22 +00:00
quotaon Add META_MODE support. 2015-06-13 19:20:56 +00:00
rarpd When clearing rtmsg, pass &rtmsg to bzero() instead of the address of 2016-05-17 04:03:45 +00:00
repquota Add META_MODE support. 2015-06-13 19:20:56 +00:00
rip6query Add META_MODE support. 2015-06-13 19:20:56 +00:00
rmt Use NULL instead of 0 for pointers. 2016-04-14 12:25:00 +00:00
route6d Use strlcpy() instead of strncpy() when copying ifname to ensure 2016-05-15 22:31:03 +00:00
rpc.lockd Actually use the loop interation limit so carefully computed on the 2016-05-16 23:00:48 +00:00
rpc.statd Set ai2 to NULL in in find_host() before the loop and after calling 2016-05-16 23:29:04 +00:00
rpc.umntall Add META_MODE support. 2015-06-13 19:20:56 +00:00
rpc.yppasswdd Wrap EXPAND(..) macro with a do-while(0) loop and put a single statement on each line 2016-05-22 19:06:38 +00:00
rpc.ypupdated DIRDEPS_BUILD: Regenerate without local dependencies. 2016-02-24 17:20:11 +00:00
rpc.ypxfrd DIRDEPS_BUILD: Regenerate without local dependencies. 2016-02-24 17:20:11 +00:00
rpcbind Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
rrenumd DIRDEPS_BUILD: Regenerate without local dependencies. 2016-02-24 17:20:11 +00:00
rtadvctl Add META_MODE support. 2015-06-13 19:20:56 +00:00
rtadvd Use strlcpy() instead of strncpy() when copying ifname to ensure 2016-05-15 22:06:21 +00:00
rtprio Add META_MODE support. 2015-06-13 19:20:56 +00:00
rtsold Use strlcpy() instead of strncpy() when copying ifname to ensure 2016-05-15 22:17:41 +00:00
rwhod Create a rcmds package. 2016-01-21 17:33:31 +00:00
sa Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
sendmail MFH 2016-03-02 16:14:46 +00:00
service Add an additional check to service(8) -e incase rcvar is blank 2015-09-08 22:50:17 +00:00
services_mkdb Replace fparseln(3) with getline(3) to remove dependency on libutil 2016-05-09 20:04:22 +00:00
sesutil Plug memory leak 2016-04-20 21:37:32 +00:00
setfib Add META_MODE support. 2015-06-13 19:20:56 +00:00
setfmac Add META_MODE support. 2015-06-13 19:20:56 +00:00
setpmac Add META_MODE support. 2015-06-13 19:20:56 +00:00
sicontrol Add META_MODE support. 2015-06-13 19:20:56 +00:00
smbmsg Add META_MODE support. 2015-06-13 19:20:56 +00:00
snapinfo Add META_MODE support. 2015-06-13 19:20:56 +00:00
spkrtest Add META_MODE support. 2015-06-13 19:20:56 +00:00
spray Add META_MODE support. 2015-06-13 19:20:56 +00:00
syslogd syslogd: Enable repeated line compression for lines of any length. 2016-01-27 16:17:15 +00:00
sysrc jls(1) -> jls(8) 2016-02-29 17:30:34 +00:00
tcpdchk Use LIBEXECDIR for /usr/libexec. 2015-11-26 01:14:40 +00:00
tcpdmatch Use LIBEXECDIR for /usr/libexec. 2015-11-26 01:14:40 +00:00
tcpdrop Add META_MODE support. 2015-06-13 19:20:56 +00:00
tcpdump Update dependencies. 2016-02-26 22:14:15 +00:00
tests Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
timed Undo the bogus gethostname() change from r299709. 2016-05-14 04:29:13 +00:00
traceroute DIRDEPS_BUILD: Regenerate without local dependencies. 2016-02-24 17:20:11 +00:00
traceroute6 traceroute6(8): use NULL instead of zero for initializing a pointer. 2016-05-12 02:05:50 +00:00
trpt Check and fail if drop of privileges failed. 2015-09-01 06:32:02 +00:00
tzsetup Use NULL instead of 0 for pointers. 2016-04-15 04:10:47 +00:00
uathload Implement suggestion by jhb@ to have _PATH_FIRMWARE instead of hard 2016-03-23 04:18:57 +00:00
uefisign META MODE: Update dependencies with 'the-lot' and add missing directories. 2015-12-01 05:23:19 +00:00
ugidfw Add META_MODE support. 2015-06-13 19:20:56 +00:00
uhsoctl Prevent use-after-free with ctx->ns in set_nameservers(..), which could occur 2015-12-22 05:57:23 +00:00
unbound MFH 2016-03-14 18:54:29 +00:00
usbconfig Add META_MODE support. 2015-06-13 19:20:56 +00:00
usbdump Reuse our roundup2() macro instead of reinventing the wheel. 2016-04-18 17:30:33 +00:00
utx Add META_MODE support. 2015-06-13 19:20:56 +00:00
vidcontrol Add "vidcontrol -i active", to print out active vty number, 2016-01-19 13:09:20 +00:00
vigr META MODE: Update dependencies with 'the-lot' and add missing directories. 2015-12-01 05:23:19 +00:00
vipw Add META_MODE support. 2015-06-13 19:20:56 +00:00
wake Fix a few mandoc warnings. 2015-08-12 10:34:05 +00:00
watch Use strlcpy() when the string is expected to be nul-terminated. 2015-10-06 22:49:25 +00:00
watchdogd Fix typo. 2016-02-29 17:40:37 +00:00
wlandebug Belatedly fix documentation on which interface to use as argument. 2015-08-17 09:18:54 +00:00
wlconfig META_MODE: Remove DEP_MACHINE from Makefile.depend files. 2015-09-25 19:44:01 +00:00
wpa Update hostapd/wpa_supplicant to version 2.5. 2015-10-18 21:38:25 +00:00
yp_mkdb Staticfy and constify some variables and clean up the code a bit to make it 2015-07-28 02:32:40 +00:00
ypbind Use strlcpy() instead of strncpy() when copying to dom_domain to 2016-05-12 21:35:40 +00:00
ypldap Simplify overengineered and buggy code that looked like as if it did 2016-05-16 02:44:22 +00:00
yppoll Update META_MODE dependencies. 2015-09-17 05:06:34 +00:00
yppush DIRDEPS_BUILD: Regenerate without local dependencies. 2016-02-24 17:20:11 +00:00
ypserv DIRDEPS_BUILD: Regenerate without local dependencies. 2016-02-24 17:20:11 +00:00
ypset Rename YP to NIS in the manpages. 2015-09-03 07:18:52 +00:00
zic Use more appropriate ${SHAREDIR} rather than /usr/share. 2015-10-27 23:35:02 +00:00
zonectl Add support for managing Shingled Magnetic Recording (SMR) drives. 2016-05-19 14:08:36 +00:00
zzz Add META_MODE support. 2015-06-13 19:20:56 +00:00
Makefile Add support for managing Shingled Magnetic Recording (SMR) drives. 2016-05-19 14:08:36 +00:00
Makefile.amd64 Make the building of libsmb and mount_smbfs unconditional, now that r292552 2015-12-21 17:41:08 +00:00
Makefile.arm Make the building of libsmb and mount_smbfs unconditional, now that r292552 2015-12-21 17:41:08 +00:00
Makefile.arm64 arm64: build usr.sbin/acpi subdirectory 2015-11-08 20:56:04 +00:00
Makefile.i386 Make the building of libsmb and mount_smbfs unconditional, now that r292552 2015-12-21 17:41:08 +00:00
Makefile.inc
Makefile.mips Document why we use -z nonexecstack in the Makefile since it 2015-11-21 16:37:11 +00:00
Makefile.powerpc Make the building of libsmb and mount_smbfs unconditional, now that r292552 2015-12-21 17:41:08 +00:00
Makefile.sparc64 Make the building of libsmb and mount_smbfs unconditional, now that r292552 2015-12-21 17:41:08 +00:00