about summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--Makefile22
-rw-r--r--src/liboutils/outils.h2
-rw-r--r--src/liboutils/pledge.c6
-rw-r--r--src/usr.bin/apply/apply.c5
-rw-r--r--src/usr.bin/calendar/calendar.h2
-rw-r--r--src/usr.bin/jot/jot.c5
-rw-r--r--src/usr.bin/lam/lam.c5
-rw-r--r--src/usr.bin/lndir/lndir.c5
-rw-r--r--src/usr.bin/rs/rs.c61
-rw-r--r--src/usr.bin/signify/signify.c33
-rw-r--r--src/usr.bin/unvis/unvis.c11
-rw-r--r--src/usr.bin/vis/vis.c10
-rw-r--r--src/usr.bin/what/what.c5
13 files changed, 118 insertions, 54 deletions
diff --git a/Makefile b/Makefile
index 71ea745..2eb90a3 100644
--- a/Makefile
+++ b/Makefile
@@ -8,29 +8,29 @@ LDFLAGS=-Wl,--as-needed -lcrypto
 ALL=src/usr.bin/apply/apply src/usr.bin/jot/jot src/usr.bin/lam/lam src/usr.bin/lndir/lndir src/bin/md5/md5 src/usr.bin/rs/rs src/usr.bin/gzsig/gzsig src/usr.bin/signify/signify src/usr.bin/calendar/calendar src/usr.bin/vis/vis src/usr.bin/unvis/unvis src/usr.bin/what/what src/usr.sbin/rdate/rdate 
 all: $(ALL)
 
-src/usr.bin/apply/apply: src/usr.bin/apply/apply.o src/liboutils/strlcpy.o
+src/usr.bin/apply/apply: src/usr.bin/apply/apply.o src/liboutils/pledge.o src/liboutils/strlcpy.o
 
-src/usr.bin/jot/jot: src/usr.bin/jot/jot.o src/liboutils/strlcpy.o src/liboutils/strlcat.o src/liboutils/strtonum.o src/liboutils/arc4random.o src/liboutils/getentropy_linux.o src/liboutils/explicit_bzero.o src/liboutils/sha512.o src/liboutils/mem_clr.o
+src/usr.bin/jot/jot: src/usr.bin/jot/jot.o src/liboutils/strlcpy.o src/liboutils/strlcat.o src/liboutils/strtonum.o src/liboutils/arc4random.o src/liboutils/getentropy_linux.o src/liboutils/explicit_bzero.o src/liboutils/pledge.o src/liboutils/sha512.o src/liboutils/mem_clr.o
 
-src/usr.bin/lam/lam: src/usr.bin/lam/lam.o src/liboutils/strlcpy.o
+src/usr.bin/lam/lam: src/usr.bin/lam/lam.o src/liboutils/pledge.o src/liboutils/strlcpy.o
 
-src/usr.bin/lndir/lndir: src/usr.bin/lndir/lndir.o src/liboutils/strlcpy.o src/liboutils/strlcat.o src/liboutils/errc.o src/liboutils/verrc.o
+src/usr.bin/lndir/lndir: src/usr.bin/lndir/lndir.o src/liboutils/pledge.o src/liboutils/strlcpy.o src/liboutils/strlcat.o src/liboutils/errc.o src/liboutils/verrc.o
 
-src/bin/md5/md5: src/bin/md5/md5.o src/bin/md5/crc.o src/liboutils/sha512.o src/liboutils/mem_clr.o src/liboutils/explicit_bzero.o src/liboutils/md5.o src/liboutils/rmd160.o src/liboutils/sha1.o src/liboutils/sha2.o src/liboutils/fgetln.o src/liboutils/base64.o src/liboutils/md5hl.o src/liboutils/rmd160hl.o src/liboutils/sha1hl.o src/liboutils/sha224hl.o src/liboutils/sha256hl.o src/liboutils/sha384hl.o src/liboutils/sha512hl.o
+src/bin/md5/md5: src/bin/md5/md5.o src/bin/md5/crc.o src/liboutils/sha512.o src/liboutils/mem_clr.o src/liboutils/explicit_bzero.o src/liboutils/md5.o src/liboutils/pledge.o src/liboutils/rmd160.o src/liboutils/sha1.o src/liboutils/sha2.o src/liboutils/fgetln.o src/liboutils/base64.o src/liboutils/md5hl.o src/liboutils/rmd160hl.o src/liboutils/sha1hl.o src/liboutils/sha224hl.o src/liboutils/sha256hl.o src/liboutils/sha384hl.o src/liboutils/sha512hl.o
 
-src/usr.bin/rs/rs: src/usr.bin/rs/rs.o src/liboutils/strtonum.o src/liboutils/reallocarray.c
+src/usr.bin/rs/rs: src/usr.bin/rs/rs.o src/liboutils/pledge.o src/liboutils/strtonum.o src/liboutils/reallocarray.c
 
-src/usr.bin/signify/signify: src/usr.bin/signify/signify.o src/usr.bin/signify/crypto_api.o src/usr.bin/signify/fe25519.o src/usr.bin/signify/mod_ed25519.o src/usr.bin/signify/mod_ge25519.o src/usr.bin/signify/sc25519.o src/usr.bin/signify/smult_curve25519_ref.o src/liboutils/strlcpy.o src/liboutils/base64.o src/liboutils/explicit_bzero.o src/liboutils/ohash.o src/liboutils/arc4random.o src/liboutils/getentropy_linux.o src/liboutils/readpassphrase.o src/liboutils/sha2.o src/liboutils/sha256hl.o src/liboutils/sha512hl.o src/liboutils/timingsafe_bcmp.o src/liboutils/bcrypt_pbkdf.o src/liboutils/blowfish.o
+src/usr.bin/signify/signify: src/usr.bin/signify/signify.o src/usr.bin/signify/crypto_api.o src/usr.bin/signify/fe25519.o src/usr.bin/signify/mod_ed25519.o src/usr.bin/signify/mod_ge25519.o src/usr.bin/signify/sc25519.o src/usr.bin/signify/smult_curve25519_ref.o src/liboutils/pledge.o src/liboutils/strlcpy.o src/liboutils/base64.o src/liboutils/explicit_bzero.o src/liboutils/ohash.o src/liboutils/arc4random.o src/liboutils/getentropy_linux.o src/liboutils/readpassphrase.o src/liboutils/sha2.o src/liboutils/sha256hl.o src/liboutils/sha512hl.o src/liboutils/timingsafe_bcmp.o src/liboutils/bcrypt_pbkdf.o src/liboutils/blowfish.o
 
-src/usr.bin/calendar/calendar: src/usr.bin/calendar/calendar.o src/usr.bin/calendar/day.o src/usr.bin/calendar/io.o src/usr.bin/calendar/ostern.o src/usr.bin/calendar/paskha.o src/usr.bin/calendar/pesach.o src/liboutils/arc4random_uniform.o src/liboutils/arc4random.o src/liboutils/getentropy_linux.o src/liboutils/explicit_bzero.o src/liboutils/sha2.o
+src/usr.bin/calendar/calendar: src/usr.bin/calendar/calendar.o src/usr.bin/calendar/day.o src/usr.bin/calendar/io.o src/usr.bin/calendar/ostern.o src/usr.bin/calendar/paskha.o src/usr.bin/calendar/pesach.o src/liboutils/arc4random_uniform.o src/liboutils/arc4random.o src/liboutils/getentropy_linux.o src/liboutils/explicit_bzero.o src/liboutils/sha2.o src/liboutils/strtonum.o
 
 src/usr.bin/gzsig/gzsig: src/usr.bin/gzsig/gzsig.o src/usr.bin/gzsig/key.o src/usr.bin/gzsig/sign.o src/usr.bin/gzsig/ssh.o src/usr.bin/gzsig/ssh2.o src/usr.bin/gzsig/util.o src/usr.bin/gzsig/verify.o src/usr.bin/gzsig/x509.o src/liboutils/strlcpy.o src/liboutils/base64.o src/liboutils/sha1.o
 
-src/usr.bin/vis/vis: src/usr.bin/vis/vis.o src/usr.bin/vis/foldit.o src/liboutils/vis.o
+src/usr.bin/vis/vis: src/usr.bin/vis/vis.o src/usr.bin/vis/foldit.o src/liboutils/pledge.o src/liboutils/strtonum.o src/liboutils/vis.o
 
-src/usr.bin/unvis/unvis: src/usr.bin/unvis/unvis.o src/liboutils/unvis.o
+src/usr.bin/unvis/unvis: src/usr.bin/unvis/unvis.o src/liboutils/pledge.o src/liboutils/unvis.o
 
-src/usr.bin/what/what: src/usr.bin/what/what.o src/liboutils/strlcpy.o
+src/usr.bin/what/what: src/usr.bin/what/what.o src/liboutils/pledge.o src/liboutils/strlcpy.o
 
 src/usr.sbin/rdate/rdate: src/usr.sbin/rdate/ntp.o src/usr.sbin/rdate/rfc868time.o src/usr.sbin/rdate/rdate.o src/usr.sbin/rdate/ntpleaps.o src/liboutils/arc4random.o src/liboutils/reallocarray.c src/liboutils/getentropy_linux.o src/liboutils/explicit_bzero.o
 
diff --git a/src/liboutils/outils.h b/src/liboutils/outils.h
index ef63a39..c02f656 100644
--- a/src/liboutils/outils.h
+++ b/src/liboutils/outils.h
@@ -30,3 +30,5 @@ uint32_t arc4random_uniform(uint32_t);
 void arc4random_buf(void *, size_t);
 int timingsafe_bcmp(const void *, const void *, size_t);
 void *reallocarray(void *, size_t, size_t);
+int pledge(const char *, const char **);
+
diff --git a/src/liboutils/pledge.c b/src/liboutils/pledge.c
new file mode 100644
index 0000000..af34ce5
--- /dev/null
+++ b/src/liboutils/pledge.c
@@ -0,0 +1,6 @@
+int
+pledge(const char *promises, const char *paths[])
+{
+	/* stub */
+	return 0;
+}
diff --git a/src/usr.bin/apply/apply.c b/src/usr.bin/apply/apply.c
index 6218c6c..ee9e481 100644
--- a/src/usr.bin/apply/apply.c
+++ b/src/usr.bin/apply/apply.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: apply.c,v 1.26 2013/11/25 18:03:17 deraadt Exp $	*/
+/*	$OpenBSD: apply.c,v 1.27 2015/10/10 17:48:34 deraadt Exp $	*/
 /*	$NetBSD: apply.c,v 1.3 1995/03/25 03:38:23 glass Exp $	*/
 
 /*-
@@ -54,6 +54,9 @@ main(int argc, char *argv[])
 	char *c, *c2, *cmd, *p, *q;
 	size_t len;
 
+	if (pledge("stdio proc exec", NULL) == -1)
+		err(1, "pledge");
+
 	debug = 0;
 	magic = '%';		/* Default magic char is `%'. */
 	nargs = -1;
diff --git a/src/usr.bin/calendar/calendar.h b/src/usr.bin/calendar/calendar.h
index f329a07..b54d0b2 100644
--- a/src/usr.bin/calendar/calendar.h
+++ b/src/usr.bin/calendar/calendar.h
@@ -29,6 +29,8 @@
  * SUCH DAMAGE.
  */
 
+#include <sys/types.h>
+#include <time.h>
 
 extern struct passwd *pw;
 extern int doall;
diff --git a/src/usr.bin/jot/jot.c b/src/usr.bin/jot/jot.c
index df30493..8952ead 100644
--- a/src/usr.bin/jot/jot.c
+++ b/src/usr.bin/jot/jot.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: jot.c,v 1.24 2015/07/21 04:04:06 jasper Exp $	*/
+/*	$OpenBSD: jot.c,v 1.26 2015/10/09 01:37:07 deraadt Exp $	*/
 /*	$NetBSD: jot.c,v 1.3 1994/12/02 20:29:43 pk Exp $	*/
 
 /*-
@@ -84,6 +84,9 @@ main(int argc, char *argv[])
 	int		ch;
 	const	char	*errstr;
 
+	if (pledge("stdio", NULL) == -1)
+		err(1, "pledge");
+
 	while ((ch = getopt(argc, argv, "rb:w:cs:np:")) != -1)
 		switch (ch) {
 		case 'r':
diff --git a/src/usr.bin/lam/lam.c b/src/usr.bin/lam/lam.c
index 268998e..ecc1d4a 100644
--- a/src/usr.bin/lam/lam.c
+++ b/src/usr.bin/lam/lam.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: lam.c,v 1.17 2015/01/16 06:40:09 deraadt Exp $	*/
+/*	$OpenBSD: lam.c,v 1.19 2015/10/09 01:37:08 deraadt Exp $	*/
 /*	$NetBSD: lam.c,v 1.2 1994/11/14 20:27:42 jtc Exp $	*/
 
 /*-
@@ -71,6 +71,9 @@ main(int argc, char *argv[])
 {
 	int i;
 
+	if (pledge("stdio rpath", NULL) == -1)
+		err(1, "pledge");
+
 	/* Process arguments, set numfiles to file argument count. */
 	getargs(argc, argv);
 	if (numfiles == 0)
diff --git a/src/usr.bin/lndir/lndir.c b/src/usr.bin/lndir/lndir.c
index 42ed8e0..2a0f04b 100644
--- a/src/usr.bin/lndir/lndir.c
+++ b/src/usr.bin/lndir/lndir.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: lndir.c,v 1.21 2015/01/16 06:40:09 deraadt Exp $	*/
+/*	$OpenBSD: lndir.c,v 1.22 2015/10/10 14:23:12 deraadt Exp $	*/
 /* $XConsortium: lndir.c /main/15 1995/08/30 10:56:18 gildea $ */
 
 /*
@@ -85,6 +85,9 @@ main(int argc, char *argv[])
 	struct stat fs, ts;
 	char *fn, *tn;
 
+	if (pledge("stdio rpath wpath cpath", NULL) == -1)
+		err(1, "pledge");
+
 	while (++argv, --argc) {
 		if ((strcmp(*argv, "-silent") == 0) ||
 		    (strcmp(*argv, "-s") == 0))
diff --git a/src/usr.bin/rs/rs.c b/src/usr.bin/rs/rs.c
index f29f580..5d702cf 100644
--- a/src/usr.bin/rs/rs.c
+++ b/src/usr.bin/rs/rs.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: rs.c,v 1.24 2014/10/08 04:07:24 doug Exp $	*/
+/*	$OpenBSD: rs.c,v 1.28 2015/11/10 14:42:41 schwarze Exp $	*/
 
 /*-
  * Copyright (c) 1993
@@ -67,10 +67,10 @@ char	**elem;
 char	**endelem;
 char	*curline;
 int	allocsize = BUFSIZ;
-int	curlen;
+ssize_t	curlen;
 int	irows, icols;
 int	orows, ocols;
-int	maxlen;
+ssize_t	maxlen;
 int	skip;
 int	propgutter;
 char	isep = ' ', osep = ' ';
@@ -93,6 +93,9 @@ void	  putfile(void);
 int
 main(int argc, char *argv[])
 {
+	if (pledge("stdio", NULL) == -1)
+		err(1, "pledge");
+
 	getargs(argc, argv);
 	getfile();
 	if (flags & SHAPEONLY) {
@@ -115,11 +118,13 @@ getfile(void)
 	char **padto;
 
 	while (skip--) {
-		get_line();
+		if (get_line() == EOF)
+			return;
 		if (flags & SKIPPRINT)
 			puts(curline);
 	}
-	get_line();
+	if (get_line() == EOF)
+		return;
 	if (flags & NOARGS && curlen < owidth)
 		flags |= ONEPERLINE;
 	if (flags & ONEPERLINE)
@@ -268,7 +273,7 @@ prepfile(void)
 			*ep = *(ep - nelem);
 		nelem = lp - elem;
 	}
-	if (!(colwidths = (short *) calloc(ocols, sizeof(short))))
+	if (!(colwidths = calloc(ocols, sizeof(short))))
 		errx(1, "malloc:  No gutter space");
 	if (flags & SQUEEZE) {
 		if (flags & TRANSPOSE)
@@ -300,37 +305,29 @@ prepfile(void)
 		nelem = n;
 }
 
-#define	BSIZE	2048
-char	ibuf[BSIZE];		/* two screenfuls should do */
-
 int
 get_line(void)	/* get line; maintain curline, curlen; manage storage */
 {
-	static	int putlength;
-	static	char *endblock = ibuf + BSIZE;
-	char *p;
-	int c, i;
+	static	char	*ibuf = NULL;
+	static	size_t	 ibufsz = 0;
 
-	if (!irows) {
-		curline = ibuf;
-		putlength = flags & DETAILSHAPE;
-	}
-	else if (skip <= 0) {			/* don't waste storage */
-		curline += curlen + 1;
-		if (putlength)		/* print length, recycle storage */
-			printf(" %d line %d\n", curlen, irows);
-	}
-	if (!putlength && endblock - curline < BUFSIZ) {   /* need storage */
-		if (!(curline = (char *) malloc(BSIZE)))
-			errx(1, "File too large");
-		endblock = curline + BSIZE;
+	if (irows > 0 && flags & DETAILSHAPE)
+		printf(" %zd line %d\n", curlen, irows);
+
+	if ((curlen = getline(&ibuf, &ibufsz, stdin)) == EOF) {
+		if (ferror(stdin))
+			err(1, NULL);
+		return EOF;
 	}
-	for (p = curline, i = 1; i < BUFSIZ; *p++ = c, i++)
-		if ((c = getchar()) == EOF || c == '\n')
-			break;
-	*p = '\0';
-	curlen = i - 1;
-	return(c);
+	if (curlen > 0 && ibuf[curlen - 1] == '\n')
+		ibuf[--curlen] = '\0';
+
+	if (skip >= 0 || flags & SHAPEONLY)
+		curline = ibuf;
+	else if ((curline = strdup(ibuf)) == NULL)
+		err(1, NULL);
+
+	return 0;
 }
 
 char **
diff --git a/src/usr.bin/signify/signify.c b/src/usr.bin/signify/signify.c
index 06d28da..3bc4c6c 100644
--- a/src/usr.bin/signify/signify.c
+++ b/src/usr.bin/signify/signify.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: signify.c,v 1.100 2015/01/16 06:16:12 tedu Exp $ */
+/* $OpenBSD: signify.c,v 1.104 2015/11/02 22:01:10 bluhm Exp $ */
 /*
  * Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>
  *
@@ -72,7 +72,7 @@ struct sig {
 
 extern char *__progname;
 
-static void
+static void __dead
 usage(const char *error)
 {
 	if (error)
@@ -663,6 +663,8 @@ main(int argc, char **argv)
 		VERIFY
 	} verb = NONE;
 
+	if (pledge("stdio rpath wpath cpath tty", NULL) == -1)
+		err(1, "pledge");
 
 	rounds = 42;
 
@@ -722,6 +724,33 @@ main(int argc, char **argv)
 	argc -= optind;
 	argv += optind;
 
+	if (setvbuf(stdout, NULL, _IOLBF, 0) != 0)
+		err(1, "setvbuf");
+
+	switch (verb) {
+	case GENERATE:
+	case SIGN:
+		/* keep it all */
+		break;
+	case CHECK:
+		if (pledge("stdio rpath", NULL) == -1)
+			err(1, "pledge");
+		break;
+	case VERIFY:
+		if (embedded && (!msgfile || strcmp(msgfile, "-") != 0)) {
+			if (pledge("stdio rpath wpath cpath", NULL) == -1)
+				err(1, "pledge");
+		} else {
+			if (pledge("stdio rpath", NULL) == -1)
+				err(1, "pledge");
+		}
+		break;
+	default:
+		if (pledge("stdio", NULL) == -1)
+			err(1, "pledge");
+		break;
+	}
+
 #ifndef VERIFYONLY
 	if (verb == CHECK) {
 		if (!sigfile)
diff --git a/src/usr.bin/unvis/unvis.c b/src/usr.bin/unvis/unvis.c
index c5cd008..22566d9 100644
--- a/src/usr.bin/unvis/unvis.c
+++ b/src/usr.bin/unvis/unvis.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: unvis.c,v 1.12 2014/01/22 09:45:21 jsg Exp $	*/
+/*	$OpenBSD: unvis.c,v 1.14 2015/10/09 01:37:09 deraadt Exp $	*/
 
 /*-
  * Copyright (c) 1989, 1993
@@ -43,6 +43,9 @@ main(int argc, char *argv[])
 	FILE *fp;
 	int ch;
 
+	if (pledge("stdio rpath", NULL) == -1)
+		err(1, "pledge");
+
 	while ((ch = getopt(argc, argv, "")) != -1)
 		switch(ch) {
 		case '?':
@@ -62,8 +65,12 @@ main(int argc, char *argv[])
 				warn("%s", *argv);
 			argv++;
 		}
-	else
+	else {
+		if (pledge("stdio", NULL) == -1)
+			err(1, "pledge");
+
 		process(stdin, "<stdin>");
+	}
 	exit(0);
 }
 
diff --git a/src/usr.bin/vis/vis.c b/src/usr.bin/vis/vis.c
index fe40eed..cf5cd84 100644
--- a/src/usr.bin/vis/vis.c
+++ b/src/usr.bin/vis/vis.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: vis.c,v 1.17 2015/04/18 18:28:38 deraadt Exp $	*/
+/*	$OpenBSD: vis.c,v 1.19 2015/10/09 01:37:09 deraadt Exp $	*/
 /*	$NetBSD: vis.c,v 1.4 1994/12/20 16:13:03 jtc Exp $	*/
 
 /*-
@@ -55,6 +55,9 @@ main(int argc, char *argv[])
 	FILE *fp;
 	int ch;
 
+	if (pledge("stdio rpath", NULL) == -1)
+		err(1, "pledge");
+
 	while ((ch = getopt(argc, argv, "anwctsobfF:ld")) != -1)
 		switch(ch) {
 		case 'a':
@@ -114,8 +117,11 @@ main(int argc, char *argv[])
 				warn("%s", *argv);
 			argv++;
 		}
-	else
+	else {
+		if (pledge("stdio", NULL) == -1)
+			err(1, "pledge");
 		process(stdin);
+	}
 	exit(0);
 }
 	
diff --git a/src/usr.bin/what/what.c b/src/usr.bin/what/what.c
index 0bad985..d22d673 100644
--- a/src/usr.bin/what/what.c
+++ b/src/usr.bin/what/what.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: what.c,v 1.13 2015/01/22 19:10:17 krw Exp $	*/
+/*	$OpenBSD: what.c,v 1.15 2015/10/09 01:37:09 deraadt Exp $	*/
 /*	$NetBSD: what.c,v 1.4 1994/12/20 16:01:03 jtc Exp $	*/
 
 /*
@@ -58,6 +58,9 @@ main(int argc, char *argv[])
 	char match[256];
 	int c;
 
+	if (pledge("stdio rpath", NULL) == -1)
+		err(1, "pledge");
+
 	matches = sflag = 0;
 	while ((c = getopt(argc, argv, "s")) != -1) {
 		switch (c) {