Commit Graph

445 Commits

Author SHA1 Message Date
Eric Andersen
52499cb9ae Tito writes:
Hi,
I've spent the half night staring at the devilish  my_getpwuid and my_getgrgid functions
trying to find out a way to avoid actual and future potential buffer overflow problems
without breaking existing code.
Finally I've  found a not intrusive way to do this that surely doesn't break existing code
and fixes a couple of problems too.
The attached patch:
1) changes the behaviour of my_getpwuid and my_getgrgid to avoid potetntial buffer overflows
2) fixes all occurences of this function calls in tar.c , id.c , ls.c, whoami.c, logger.c, libbb.h.
3) The behaviour of tar, ls and  logger is unchanged.
4) The behavior of ps with somewhat longer usernames messing up output is fixed.
5) The only bigger change was the increasing of size of the buffers in id.c to avoid
     false negatives (unknown user: xxxxxx) with usernames longer than 8 chars.
     The value i used ( 32 chars ) was taken from the tar header ( see gname and uname).
     Maybe this buffers can be reduced a bit  ( to 16 or whatever ), this is up to you.
6) The increase of size of the binary is not so dramatic:
     size busybox
       text    data     bss     dec     hex filename
     239568    2300   36816  278684   4409c busybox
    size busybox_fixed
       text    data     bss     dec     hex filename
     239616    2300   36816  278732   440cc busybox
7) The behaviour of whoami changed:
    actually it  prints out an username cut down to the size of the buffer.
    This could be fixed by increasing the size of the buffer as in id.c or
    avoid the use of my_getpwuid and use getpwuid directly instead.
    Maybe this colud be also remain unchanged......

Please apply if you think it is ok to do so.
The diff applies on today's cvs tarball (2004-08-25).
Thanks in advance,
Ciao,
Tito
2004-08-26 22:18:59 +00:00
Eric Andersen
b131db4326 Patch from Tito documenting the '-q' option 2004-08-19 18:25:02 +00:00
Eric Andersen
9ab4657c89 Fixup 'dc' usage 2004-08-18 17:57:16 +00:00
Eric Andersen
93d7fba892 Tito, farmatito at tiscali dot it writes:
Hi to all,
This patch is useful for:
1) remove an unused var from extern char *find_real_root_device_name(const char* name)
    changing it to extern char *find_real_root_device_name(void).
2) fixes include/libbb.h, coreutils/df.c, util-linux/mount.c and  util-linux/umount.c accordingly.
3) fixes a bug, really a false positive,  in find_real_root_device_name() that happens if
    in the /dev directory exists a link named root (/dev/root) that should be skipped but
    is not. This affects applets like df that display wrong results
2004-08-03 00:14:02 +00:00
Glenn L McGrath
c0dd26f68d Patch from Felipe Kellermann, fixup usage for pidof, poweroff, remove
some trailing '\n'
2004-07-23 06:06:21 +00:00
Glenn L McGrath
d250167bd2 Patch from Felipe Kellermann, fixup usage for halt command 2004-07-23 05:16:17 +00:00
Glenn L McGrath
72b14a8638 iUpdate reboot usage, patch by Felipe Kellermann 2004-07-23 03:33:38 +00:00
Glenn L McGrath
435962327a Patch from Felipe Kellermann to fix some typo's 2004-07-23 01:27:56 +00:00
Glenn L McGrath
8539667279 Patch from Tito, ass usage for strings -a options 2004-07-21 12:25:55 +00:00
Eric Andersen
9615a08218 Replace the old and somewhat buggy pwd_grp stuff with the shiny
new stuff mjn3 wrote for uClibc
2004-07-15 12:53:49 +00:00
Eric Andersen
36adca81f5 Patch from Bastian Blank:
On Sat, Jun 19, 2004 at 10:57:37PM +0200, Bastian Blank wrote:
> The following patch changes klogd to use openlog/syslog themself
> instead of calling syslog_msg which always calls the triple
> openlog/syslog/closelog.

Updated patch: get rid of syslog_msg entirely. Request from Erik Andersen.

Bastian
2004-06-22 10:07:17 +00:00
Eric Andersen
ed9ecf7894 Patch from Bastian Blank:
The updated patch adds a config option to explicitely enable 64 bit
    arithmetic.

    Also it removes the arith prototype from libbb.h as it is not used
    outside of ash.

    Bastian

this patch has been slightly modified by Erik for cleanliness.
2004-06-22 08:29:45 +00:00
Glenn L McGrath
07e1ccdf75 Woops, the previous commit was an accident, its supplied in the patch,
dont commit yet as we are in feature freeze
2004-06-05 07:58:18 +00:00
Glenn L McGrath
84b6264670 Device table support for makedevs, the previous behaviour can been
selected at configure time.
2004-06-05 07:54:52 +00:00
Rob Landley
58b118ae33 Ahem. ("I'm just tweaking a documentation string, I don't need to compile
test it before checking in..."  New entry for famous last words list.)

Add the missing backslash at the end of the new sed doc string line.

(This one actually compiled with "show verbose applet usage messages"...)
2004-05-26 22:09:37 +00:00
Rob Landley
1ce5968443 Update sed help. (Add -r option to long help, add -i option to brief help,
and alphabetizie the option list.)
2004-05-26 21:59:31 +00:00
Eric Andersen
0dfe4e9956 As discussed, drop minit, which was not being supported in busybox.
People wishing to use minit can obtain it and obtain support from
http://www.fefe.de/minit/
2004-05-26 10:28:32 +00:00
Glenn L McGrath
cbc453c7a2 Update dpkg-deb usage to match current practices 2004-05-02 03:01:08 +00:00
Eric Andersen
6f9a7783ce Do not use getpass(3) 2004-05-01 01:27:30 +00:00
Eric Andersen
73afd89610 Steven Scholz writes:
Hi there,

the "-h" option of httpd is not described in the usage text.

Please find the attached patch.

Thanks.

Steven
2004-04-14 17:59:21 +00:00
Eric Andersen
aff114c33d Larry Doolittle writes:
This is a bulk spelling fix patch against busybox-1.00-pre10.
If anyone gets a corrupted copy (and cares), let me know and
I will make alternate arrangements.

Erik - please apply.

Authors - please check that I didn't corrupt any meaning.

Package importers - see if any of these changes should be
passed to the upstream authors.

I glossed over lots of sloppy capitalizations, missing apostrophes,
mixed American/British spellings, and German-style compound words.

What is "pretect redefined for test" in cmdedit.c?

Good luck on the 1.00 release!

      - Larry
2004-04-14 17:51:38 +00:00
Eric Andersen
3561b017ce Fix incorrect ipcalc usage text 2004-04-13 19:27:20 +00:00
Eric Andersen
625da9d61e Fix several problems with start-stop-daemon, add -m support 2004-04-13 18:28:46 +00:00
Eric Andersen
f802ff76d0 Patch from Rob Landley to fix sed documentation.
The -i option was not documented, and in genereal
the formatting was a bit ugly.
2004-04-12 15:12:06 +00:00
Eric Andersen
957879ae1e Document insmod -o 2004-04-07 15:07:55 +00:00
Eric Andersen
15c03c315f Yet more doc updates 2004-04-06 17:52:02 +00:00
Eric Andersen
a151d19504 Yet more doc cleanups. Many thanks to Robert P. J. Day for
kindly reviewing the existing docs and providing helpful feedback.
2004-04-06 17:16:36 +00:00
Eric Andersen
0a87ac6546 Seem not many people are using 'ipaddr' since it has
never worked....  Most people use 'ip addr foo' I suppose.
2004-04-06 16:59:43 +00:00
Eric Andersen
178de17969 yet-more doc updates and cleanups 2004-04-06 16:36:20 +00:00
Eric Andersen
75eb90f288 As noted by Martin Schwenke, the example for find was wrong 2004-03-29 08:20:08 +00:00
Eric Andersen
38748fddf3 Yet more doc cleanups 2004-03-27 11:35:46 +00:00
Eric Andersen
c7bda1ce65 Remove trailing whitespace. Update copyright to include 2004. 2004-03-15 08:29:22 +00:00
Eric Andersen
63a1a7aaa5 Update docs for start_stop_daemon to match reality. Update
the reality a bit to better match debian behavior.
2004-03-13 08:33:10 +00:00
Eric Andersen
3cac0c7d7f Add prototypes for safe_strtol and friends 2004-03-12 22:08:13 +00:00
Eric Andersen
08f59e32c1 Fix awk entry, which was not showing up in BusyBox.txt for some reason 2004-03-12 22:07:10 +00:00
Manuel Novoa III
7d0c51919c In spite of the feature freeze, check in a complete rework of route which
fixes some bugs, adds some error checking, and removes _lots_ of bloat.
Text size on i386...
              old     new
   ipv6      5425    3523
   no ipv6   3143    2193
2004-03-10 07:42:38 +00:00
Eric Andersen
2715fa147a Note that /proc must be mounted for filesystem type autodetection
to work.  Without /proc mounted, one must explicitly specify the
type of every filesystem being mounted.
2004-03-09 21:32:57 +00:00
Glenn L McGrath
a89bbfb257 Woops, how did that get in there 2004-03-06 07:38:27 +00:00
Glenn L McGrath
d1daf8b6f4 Patch from Denis Dowling to fix a ocuple of usage entries 2004-02-25 10:35:55 +00:00
Eric Andersen
539ffc9129 Fernando Silveira writes:
Hi,

  Well, I made this patch a long time ago (08/2002) because it was a
  need of a project, but had no time to send it to you. It adds support
  to `autologin' option of the telnet protocol. It has been used since
  made with busybox 0.60.3 at production and I had no problems with it.
  I have ported it to the HEAD revision of the CVS server (20040211) and
  I hope you enjoy and apply it to the official sources. :)

Thanks a lot!
2004-02-22 12:25:47 +00:00
Glenn L McGrath
58fd67fa98 Update usage for ftpget and ftpput 2004-02-22 04:12:58 +00:00
Glenn L McGrath
15c3512614 Sometimes i get carried away with the use of function pointers, im sure
it seemed like a good idea at the time.
2004-02-21 09:20:56 +00:00
Eric Andersen
ced9705c42 Document missing cp options 2004-02-20 09:55:37 +00:00
Manuel Novoa III
68474f3b36 Make sure stdlib.h is always included before dmalloc.h to avoid problems
parsing problems.
2004-02-05 14:45:58 +00:00
Glenn L McGrath
82364bb591 New applet, seq. No options, just the basics. 2004-01-27 09:22:20 +00:00
Glenn L McGrath
036dbaa082 Modify bb_lookup_port to allow the protocol to be specified, allowing
/etc/services support for inetd, netcat and tftp.
2004-01-17 05:03:31 +00:00
Glenn L McGrath
17b4a20a9c Patch by Tito, reduce size of deallocvt, also make the usage message
clearer (from N to [N]) and indirectly (through bb_xgetlarg) adds support
for  -h ;-)
2004-01-15 11:50:19 +00:00
Glenn L McGrath
7c87b67c08 Patch from Bastian Blank, allow the buildtime to be overriden with a
different string, used by the debian busybox-cvs to specify the debian
date based version number.
2004-01-13 10:57:32 +00:00
Eric Andersen
7f48a959f5 Update example slightly 2003-12-28 05:06:56 +00:00
Tim Riker
7b253f8c72 ws, show date setting format 2003-12-28 05:02:40 +00:00