Commit Graph

4457 Commits

Author SHA1 Message Date
Rob Landley
5797c7f0ef Doug Swarin pointed out a security bug in the -i option of sed.
While the permissions on the temp file are correct to prevent it from being 
maliciously mangled by passing strangers, (created with 600, opened O_EXCL, 
etc), the permissions on the _directory_ might not be, and we re-open the 
file to convert the filehandle to a FILE * (and automatically get an error 
message and exit if the directory's read-only or out of space or some such).

This opens a potential race condition if somebody's using dnotify on the 
directory, deletes/renames the tempfile, and drops a symlink or something 
there.  Somebody running sed -i as root in a world writeable directory could 
do damage.

I dug up notes on an earlier discussion where we looked at the security 
implications of this (unfortunately on the #uclibc channel rather than email; 
I don't have a transcript, just notes-to-self) which pointed out that if the 
permissions on the directory allow other people's files to be deleted/renamed 
then the original file is vulnerable to sabotage anyway.  However, there are 
two cases that discussion apparently didn't take into account:

1) Using another user's permissions to damage files in other directories you 
can't access (standard symlink attack).

2) Reading data another user couldn't otherwise access by having the new file 
belong to that other user.

This patch uses fdopen to convert the filehandle into a FILE *, rather than
reopening the file.
2005-05-18 05:56:16 +00:00
Mike Frysinger
1fb7961e08 use more busybox functions and remove redundant code 2005-05-16 22:35:59 +00:00
Mike Frysinger
b2312e9901 make sure we add the local dir to the include path 2005-05-16 22:05:07 +00:00
Rob Landley
4079b00119 Tito pointed out I'd broken -t (argv[optind] can't be before getulflags),
and replaced the use of system() (and resulting security implications).
2005-05-15 01:32:47 +00:00
Rob Landley
9ea8836357 Add automatic umount support to eject command. Patch from Tito,
with tweaks from Mike Frysinger and Rob Landley.

Note: this will still fail to umount a path that contains an ' or \ character.
Is it worth the extra size to filter for that?
2005-05-14 00:46:18 +00:00
Mike Frysinger
1ece21bddd as Rob Landley pointed out, need to fix the 1 versus i typo in indexing 2005-05-13 03:09:20 +00:00
Mike Frysinger
0fb397e617 blah, forgot to save last time to fix whitespacing 2005-05-13 00:58:18 +00:00
Mike Frysinger
867a6080fe remove duplicated code and rework algorithms to end up with smaller code 2005-05-13 00:57:30 +00:00
Mike Frysinger
dad4cf7e63 use a bunch of if statements since it is a few bytes smaller than a switch; also use bb_xfopen() instead of fopen() so comm doesnt segfault when given non-existant files :( 2005-05-12 22:50:12 +00:00
Mike Frysinger
b3a6ec3e62 err, added 2 to the wrong var :) also touchup the option detection to shrink size 2005-05-12 22:41:13 +00:00
Mike Frysinger
3ba93c0438 fix segfault if user only specifies 1 file 2005-05-12 22:36:32 +00:00
Mike Frysinger
4d149205c3 update usage to match actual behavior 2005-05-12 22:36:07 +00:00
Mike Frysinger
0d605e98b2 fix whitespace/coding style 2005-05-12 22:25:41 +00:00
Mike Frysinger
a84a512700 add missing comm.o rule 2005-05-12 22:23:15 +00:00
Mike Frysinger
5b300dd3a9 whitespace touchups 2005-05-12 22:22:50 +00:00
Eric Andersen
9cc7f3230a This makefile was a mess. Fix it to work as intended.
-Erik
2005-05-11 23:20:09 +00:00
Rob Landley
2acfd7bd26 Small comm implementatin from Rob Sullivan. Needed to build perl. 2005-05-11 23:12:49 +00:00
Mike Frysinger
b662f0d58b import ether-wake applet by haveaniceday Bug 252 2005-05-11 03:59:53 +00:00
Mike Frysinger
348e84c202 change the hardcoded error constant (0x80000000UL) to a nice flexible define (BB_GETOPT_ERROR) 2005-05-11 00:39:03 +00:00
Mike Frysinger
55e2cf6533 import eject by Peter Willis / Tito Ragusa 2005-05-11 00:25:47 +00:00
Mike Frysinger
fb6d22c96c now that mjn3 explained it to me, add documentation for the 3rd field in long opts 2005-05-11 00:02:39 +00:00
Rob Landley
00e76cb6b9 Patch from Jason Schoon to add IPV6 support to telnetd. Reworked by Rob
Landley to remove an #ifdef and move another one out of the flow of code.
2005-05-10 23:53:33 +00:00
Mike Frysinger
e5d0bde697 add documentation for long options and touch up the current docs now that i actually understand how to use the function myself :) 2005-05-10 23:48:35 +00:00
Mike Frysinger
38a33f91c0 import more libs to prep for new e2fsprogs 2005-05-09 22:13:22 +00:00
Mike Frysinger
1fd98e039d import ext2fs lib to prep for new e2fsprogs 2005-05-09 22:10:42 +00:00
Mike Frysinger
b32011943a no longer applies 2005-05-09 22:10:10 +00:00
Mike Frysinger
7a121e92eb import base_device.c for fsck 2005-05-09 22:09:00 +00:00
Mike Frysinger
8d929dab60 remove unused files 2005-05-09 21:58:36 +00:00
Mike Frysinger
a88d52237b trim out useless defines and use some busybox funcs 2005-05-09 21:57:44 +00:00
Mike Frysinger
507d1f76e5 override nls P_() macro 2005-05-09 21:53:25 +00:00
Mike Frysinger
ae38d65e95 abort if user passes -r or if they dont pass anything 2005-05-09 21:51:41 +00:00
Mike Frysinger
9dc93ac561 syntax/whitespace touchup 2005-05-09 21:51:15 +00:00
Rob Landley
540d3f60f3 Patch from Shaun Jackman:
> This patch modfies expr to use portable POSIX regex rather than BSD
> regex.
...
> This updated patch implements an anchored regex by checking that the
> match starts at offset 0.

More to the point, this patch uses the same regex that sed.c is already using
(opportunity to suck in less library code), and even building a dynamically
linked busybox with just expr the result is a slightly smaller binary (by 94
bytes, I dunno what nm --size-sort has to say about it because I didn't build
with debug info, since that changes the binary size a lot by disabling
optimization...)

Your mileage may vary.  Handle with caution.  Do not taunt happy fun ball.
2005-05-09 21:42:42 +00:00
Rob Landley
b9dfb8c03f Manuel points out that if printf needs a flush to act like dprintf, the result
is bigger.  Revert last patch.
2005-05-07 17:45:38 +00:00
Rob Landley
0fcd9430ce This one's from me. Fix ash "standalone shell".
If we exec /proc/self/exe and only fall back to /bin/busybox if /proc isn't
there, then we have a reasonable chance of having the standalone shell work
even if busybox isn't installed in /bin on the system in question.

Still won't work in a chroot environment, but it's an improvement.
2005-05-07 08:27:34 +00:00
Rob Landley
cce1ae2ce5 Shaun Jackman pointed out that dprintf(STDOUT_FILENO,...) is just a printf. 2005-05-07 07:53:16 +00:00
Mike Frysinger
ea338fffb5 patch by Tito which uses a lot more busybox functions to reduce size nicely 2005-05-07 07:17:43 +00:00
Mike Frysinger
6adfd349e9 update e2p target to match condensed files 2005-05-07 07:16:54 +00:00
Mike Frysinger
548ffd49a3 patch by Tito which unifies common get/set functions into 1 get/set function and cuts down on the size used significantly :) 2005-05-07 07:14:41 +00:00
Mike Frysinger
ba3a01f5e0 add/remove defines to handle more e2fsprogs 2005-05-07 06:49:54 +00:00
Mike Frysinger
9c85ecdef4 use shared busybox error messages to save a few bytes 2005-05-07 06:45:29 +00:00
Mike Frysinger
7dc7f402a7 make the exec (-e) an optional feature of netcat 2005-05-06 05:00:34 +00:00
Mike Frysinger
60a5c38a4b In bug 247, haveaniceday writes:
The option "-w secs" adds a timeout for writing.
2005-05-06 04:45:38 +00:00
Rob Landley
4f65360a5f Tweak the "pretty lsmod for 2.6" patch to be seperately selectable.
Patch from Takeharu Kato.
2005-05-04 23:55:06 +00:00
Rob Landley
918f2ab3d7 Revert the uptime() removal. Let the list sort it out... 2005-05-04 02:15:23 +00:00
Rob Landley
8b80c71d70 Patch from Shaun Jackman:
Replace uptime with time(NULL). time is more portable than uptime and
eliminates the need to define uptime, reducing code size slightly.
2005-05-04 00:38:15 +00:00
Rob Landley
15d3f7f143 Takeharu Kato's patch added 2.6 support to lsmod; this changes menuconfig
dependencies so 2.6 support depends on insmod or lsmod...
2005-05-04 00:25:49 +00:00
Rob Landley
627814bdc3 Takeharu Kato said:
I found that lsmod in busybox does not support linux-2.6.
I fix this issue(it is caused by changes of /proc/modules format).
If you use lsmod in busybox with kernel-2.6, please use this patch.
2005-05-03 22:34:03 +00:00
Rob Landley
0d38301d85 From: Shaun Jackman <sjackman@gmail.com>
To: busybox@mail.codepoet.org
  
Wrap sockaddr_in6 in a ifdef CONFIG_FEATURE_IPV6.
Include sys/types.h instead of asm/types.h.
Include netinet/if_ether.h instead of linux/if_ether.h
The ioctl request argument is an int, not an unsigned short.
2005-05-03 22:30:08 +00:00
Rob Landley
93983040c5 Shaun Jackman said:
This patch adds a CONFIG_FEATURE_CLEAN_UP stanza, and also adds an
ifdef around the SIOCGIFMAP call.
2005-05-03 21:30:26 +00:00