diff options
-rw-r--r-- | Makefile | 22 | ||||
-rw-r--r-- | src/liboutils/outils.h | 2 | ||||
-rw-r--r-- | src/liboutils/pledge.c | 6 | ||||
-rw-r--r-- | src/usr.bin/apply/apply.c | 5 | ||||
-rw-r--r-- | src/usr.bin/calendar/calendar.h | 2 | ||||
-rw-r--r-- | src/usr.bin/jot/jot.c | 5 | ||||
-rw-r--r-- | src/usr.bin/lam/lam.c | 5 | ||||
-rw-r--r-- | src/usr.bin/lndir/lndir.c | 5 | ||||
-rw-r--r-- | src/usr.bin/rs/rs.c | 61 | ||||
-rw-r--r-- | src/usr.bin/signify/signify.c | 33 | ||||
-rw-r--r-- | src/usr.bin/unvis/unvis.c | 11 | ||||
-rw-r--r-- | src/usr.bin/vis/vis.c | 10 | ||||
-rw-r--r-- | src/usr.bin/what/what.c | 5 |
13 files changed, 118 insertions, 54 deletions
diff --git a/Makefile b/Makefile index 71ea745..2eb90a3 100644 --- a/Makefile +++ b/Makefile @@ -8,29 +8,29 @@ LDFLAGS=-Wl,--as-needed -lcrypto ALL=src/usr.bin/apply/apply src/usr.bin/jot/jot src/usr.bin/lam/lam src/usr.bin/lndir/lndir src/bin/md5/md5 src/usr.bin/rs/rs src/usr.bin/gzsig/gzsig src/usr.bin/signify/signify src/usr.bin/calendar/calendar src/usr.bin/vis/vis src/usr.bin/unvis/unvis src/usr.bin/what/what src/usr.sbin/rdate/rdate all: $(ALL) -src/usr.bin/apply/apply: src/usr.bin/apply/apply.o src/liboutils/strlcpy.o +src/usr.bin/apply/apply: src/usr.bin/apply/apply.o src/liboutils/pledge.o src/liboutils/strlcpy.o -src/usr.bin/jot/jot: src/usr.bin/jot/jot.o src/liboutils/strlcpy.o src/liboutils/strlcat.o src/liboutils/strtonum.o src/liboutils/arc4random.o src/liboutils/getentropy_linux.o src/liboutils/explicit_bzero.o src/liboutils/sha512.o src/liboutils/mem_clr.o +src/usr.bin/jot/jot: src/usr.bin/jot/jot.o src/liboutils/strlcpy.o src/liboutils/strlcat.o src/liboutils/strtonum.o src/liboutils/arc4random.o src/liboutils/getentropy_linux.o src/liboutils/explicit_bzero.o src/liboutils/pledge.o src/liboutils/sha512.o src/liboutils/mem_clr.o -src/usr.bin/lam/lam: src/usr.bin/lam/lam.o src/liboutils/strlcpy.o +src/usr.bin/lam/lam: src/usr.bin/lam/lam.o src/liboutils/pledge.o src/liboutils/strlcpy.o -src/usr.bin/lndir/lndir: src/usr.bin/lndir/lndir.o src/liboutils/strlcpy.o src/liboutils/strlcat.o src/liboutils/errc.o src/liboutils/verrc.o +src/usr.bin/lndir/lndir: src/usr.bin/lndir/lndir.o src/liboutils/pledge.o src/liboutils/strlcpy.o src/liboutils/strlcat.o src/liboutils/errc.o src/liboutils/verrc.o -src/bin/md5/md5: src/bin/md5/md5.o src/bin/md5/crc.o src/liboutils/sha512.o src/liboutils/mem_clr.o src/liboutils/explicit_bzero.o src/liboutils/md5.o src/liboutils/rmd160.o src/liboutils/sha1.o src/liboutils/sha2.o src/liboutils/fgetln.o src/liboutils/base64.o src/liboutils/md5hl.o src/liboutils/rmd160hl.o src/liboutils/sha1hl.o src/liboutils/sha224hl.o src/liboutils/sha256hl.o src/liboutils/sha384hl.o src/liboutils/sha512hl.o +src/bin/md5/md5: src/bin/md5/md5.o src/bin/md5/crc.o src/liboutils/sha512.o src/liboutils/mem_clr.o src/liboutils/explicit_bzero.o src/liboutils/md5.o src/liboutils/pledge.o src/liboutils/rmd160.o src/liboutils/sha1.o src/liboutils/sha2.o src/liboutils/fgetln.o src/liboutils/base64.o src/liboutils/md5hl.o src/liboutils/rmd160hl.o src/liboutils/sha1hl.o src/liboutils/sha224hl.o src/liboutils/sha256hl.o src/liboutils/sha384hl.o src/liboutils/sha512hl.o -src/usr.bin/rs/rs: src/usr.bin/rs/rs.o src/liboutils/strtonum.o src/liboutils/reallocarray.c +src/usr.bin/rs/rs: src/usr.bin/rs/rs.o src/liboutils/pledge.o src/liboutils/strtonum.o src/liboutils/reallocarray.c -src/usr.bin/signify/signify: src/usr.bin/signify/signify.o src/usr.bin/signify/crypto_api.o src/usr.bin/signify/fe25519.o src/usr.bin/signify/mod_ed25519.o src/usr.bin/signify/mod_ge25519.o src/usr.bin/signify/sc25519.o src/usr.bin/signify/smult_curve25519_ref.o src/liboutils/strlcpy.o src/liboutils/base64.o src/liboutils/explicit_bzero.o src/liboutils/ohash.o src/liboutils/arc4random.o src/liboutils/getentropy_linux.o src/liboutils/readpassphrase.o src/liboutils/sha2.o src/liboutils/sha256hl.o src/liboutils/sha512hl.o src/liboutils/timingsafe_bcmp.o src/liboutils/bcrypt_pbkdf.o src/liboutils/blowfish.o +src/usr.bin/signify/signify: src/usr.bin/signify/signify.o src/usr.bin/signify/crypto_api.o src/usr.bin/signify/fe25519.o src/usr.bin/signify/mod_ed25519.o src/usr.bin/signify/mod_ge25519.o src/usr.bin/signify/sc25519.o src/usr.bin/signify/smult_curve25519_ref.o src/liboutils/pledge.o src/liboutils/strlcpy.o src/liboutils/base64.o src/liboutils/explicit_bzero.o src/liboutils/ohash.o src/liboutils/arc4random.o src/liboutils/getentropy_linux.o src/liboutils/readpassphrase.o src/liboutils/sha2.o src/liboutils/sha256hl.o src/liboutils/sha512hl.o src/liboutils/timingsafe_bcmp.o src/liboutils/bcrypt_pbkdf.o src/liboutils/blowfish.o -src/usr.bin/calendar/calendar: src/usr.bin/calendar/calendar.o src/usr.bin/calendar/day.o src/usr.bin/calendar/io.o src/usr.bin/calendar/ostern.o src/usr.bin/calendar/paskha.o src/usr.bin/calendar/pesach.o src/liboutils/arc4random_uniform.o src/liboutils/arc4random.o src/liboutils/getentropy_linux.o src/liboutils/explicit_bzero.o src/liboutils/sha2.o +src/usr.bin/calendar/calendar: src/usr.bin/calendar/calendar.o src/usr.bin/calendar/day.o src/usr.bin/calendar/io.o src/usr.bin/calendar/ostern.o src/usr.bin/calendar/paskha.o src/usr.bin/calendar/pesach.o src/liboutils/arc4random_uniform.o src/liboutils/arc4random.o src/liboutils/getentropy_linux.o src/liboutils/explicit_bzero.o src/liboutils/sha2.o src/liboutils/strtonum.o src/usr.bin/gzsig/gzsig: src/usr.bin/gzsig/gzsig.o src/usr.bin/gzsig/key.o src/usr.bin/gzsig/sign.o src/usr.bin/gzsig/ssh.o src/usr.bin/gzsig/ssh2.o src/usr.bin/gzsig/util.o src/usr.bin/gzsig/verify.o src/usr.bin/gzsig/x509.o src/liboutils/strlcpy.o src/liboutils/base64.o src/liboutils/sha1.o -src/usr.bin/vis/vis: src/usr.bin/vis/vis.o src/usr.bin/vis/foldit.o src/liboutils/vis.o +src/usr.bin/vis/vis: src/usr.bin/vis/vis.o src/usr.bin/vis/foldit.o src/liboutils/pledge.o src/liboutils/strtonum.o src/liboutils/vis.o -src/usr.bin/unvis/unvis: src/usr.bin/unvis/unvis.o src/liboutils/unvis.o +src/usr.bin/unvis/unvis: src/usr.bin/unvis/unvis.o src/liboutils/pledge.o src/liboutils/unvis.o -src/usr.bin/what/what: src/usr.bin/what/what.o src/liboutils/strlcpy.o +src/usr.bin/what/what: src/usr.bin/what/what.o src/liboutils/pledge.o src/liboutils/strlcpy.o src/usr.sbin/rdate/rdate: src/usr.sbin/rdate/ntp.o src/usr.sbin/rdate/rfc868time.o src/usr.sbin/rdate/rdate.o src/usr.sbin/rdate/ntpleaps.o src/liboutils/arc4random.o src/liboutils/reallocarray.c src/liboutils/getentropy_linux.o src/liboutils/explicit_bzero.o diff --git a/src/liboutils/outils.h b/src/liboutils/outils.h index ef63a39..c02f656 100644 --- a/src/liboutils/outils.h +++ b/src/liboutils/outils.h @@ -30,3 +30,5 @@ uint32_t arc4random_uniform(uint32_t); void arc4random_buf(void *, size_t); int timingsafe_bcmp(const void *, const void *, size_t); void *reallocarray(void *, size_t, size_t); +int pledge(const char *, const char **); + diff --git a/src/liboutils/pledge.c b/src/liboutils/pledge.c new file mode 100644 index 0000000..af34ce5 --- /dev/null +++ b/src/liboutils/pledge.c @@ -0,0 +1,6 @@ +int +pledge(const char *promises, const char *paths[]) +{ + /* stub */ + return 0; +} diff --git a/src/usr.bin/apply/apply.c b/src/usr.bin/apply/apply.c index 6218c6c..ee9e481 100644 --- a/src/usr.bin/apply/apply.c +++ b/src/usr.bin/apply/apply.c @@ -1,4 +1,4 @@ -/* $OpenBSD: apply.c,v 1.26 2013/11/25 18:03:17 deraadt Exp $ */ +/* $OpenBSD: apply.c,v 1.27 2015/10/10 17:48:34 deraadt Exp $ */ /* $NetBSD: apply.c,v 1.3 1995/03/25 03:38:23 glass Exp $ */ /*- @@ -54,6 +54,9 @@ main(int argc, char *argv[]) char *c, *c2, *cmd, *p, *q; size_t len; + if (pledge("stdio proc exec", NULL) == -1) + err(1, "pledge"); + debug = 0; magic = '%'; /* Default magic char is `%'. */ nargs = -1; diff --git a/src/usr.bin/calendar/calendar.h b/src/usr.bin/calendar/calendar.h index f329a07..b54d0b2 100644 --- a/src/usr.bin/calendar/calendar.h +++ b/src/usr.bin/calendar/calendar.h @@ -29,6 +29,8 @@ * SUCH DAMAGE. */ +#include <sys/types.h> +#include <time.h> extern struct passwd *pw; extern int doall; diff --git a/src/usr.bin/jot/jot.c b/src/usr.bin/jot/jot.c index df30493..8952ead 100644 --- a/src/usr.bin/jot/jot.c +++ b/src/usr.bin/jot/jot.c @@ -1,4 +1,4 @@ -/* $OpenBSD: jot.c,v 1.24 2015/07/21 04:04:06 jasper Exp $ */ +/* $OpenBSD: jot.c,v 1.26 2015/10/09 01:37:07 deraadt Exp $ */ /* $NetBSD: jot.c,v 1.3 1994/12/02 20:29:43 pk Exp $ */ /*- @@ -84,6 +84,9 @@ main(int argc, char *argv[]) int ch; const char *errstr; + if (pledge("stdio", NULL) == -1) + err(1, "pledge"); + while ((ch = getopt(argc, argv, "rb:w:cs:np:")) != -1) switch (ch) { case 'r': diff --git a/src/usr.bin/lam/lam.c b/src/usr.bin/lam/lam.c index 268998e..ecc1d4a 100644 --- a/src/usr.bin/lam/lam.c +++ b/src/usr.bin/lam/lam.c @@ -1,4 +1,4 @@ -/* $OpenBSD: lam.c,v 1.17 2015/01/16 06:40:09 deraadt Exp $ */ +/* $OpenBSD: lam.c,v 1.19 2015/10/09 01:37:08 deraadt Exp $ */ /* $NetBSD: lam.c,v 1.2 1994/11/14 20:27:42 jtc Exp $ */ /*- @@ -71,6 +71,9 @@ main(int argc, char *argv[]) { int i; + if (pledge("stdio rpath", NULL) == -1) + err(1, "pledge"); + /* Process arguments, set numfiles to file argument count. */ getargs(argc, argv); if (numfiles == 0) diff --git a/src/usr.bin/lndir/lndir.c b/src/usr.bin/lndir/lndir.c index 42ed8e0..2a0f04b 100644 --- a/src/usr.bin/lndir/lndir.c +++ b/src/usr.bin/lndir/lndir.c @@ -1,4 +1,4 @@ -/* $OpenBSD: lndir.c,v 1.21 2015/01/16 06:40:09 deraadt Exp $ */ +/* $OpenBSD: lndir.c,v 1.22 2015/10/10 14:23:12 deraadt Exp $ */ /* $XConsortium: lndir.c /main/15 1995/08/30 10:56:18 gildea $ */ /* @@ -85,6 +85,9 @@ main(int argc, char *argv[]) struct stat fs, ts; char *fn, *tn; + if (pledge("stdio rpath wpath cpath", NULL) == -1) + err(1, "pledge"); + while (++argv, --argc) { if ((strcmp(*argv, "-silent") == 0) || (strcmp(*argv, "-s") == 0)) diff --git a/src/usr.bin/rs/rs.c b/src/usr.bin/rs/rs.c index f29f580..5d702cf 100644 --- a/src/usr.bin/rs/rs.c +++ b/src/usr.bin/rs/rs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rs.c,v 1.24 2014/10/08 04:07:24 doug Exp $ */ +/* $OpenBSD: rs.c,v 1.28 2015/11/10 14:42:41 schwarze Exp $ */ /*- * Copyright (c) 1993 @@ -67,10 +67,10 @@ char **elem; char **endelem; char *curline; int allocsize = BUFSIZ; -int curlen; +ssize_t curlen; int irows, icols; int orows, ocols; -int maxlen; +ssize_t maxlen; int skip; int propgutter; char isep = ' ', osep = ' '; @@ -93,6 +93,9 @@ void putfile(void); int main(int argc, char *argv[]) { + if (pledge("stdio", NULL) == -1) + err(1, "pledge"); + getargs(argc, argv); getfile(); if (flags & SHAPEONLY) { @@ -115,11 +118,13 @@ getfile(void) char **padto; while (skip--) { - get_line(); + if (get_line() == EOF) + return; if (flags & SKIPPRINT) puts(curline); } - get_line(); + if (get_line() == EOF) + return; if (flags & NOARGS && curlen < owidth) flags |= ONEPERLINE; if (flags & ONEPERLINE) @@ -268,7 +273,7 @@ prepfile(void) *ep = *(ep - nelem); nelem = lp - elem; } - if (!(colwidths = (short *) calloc(ocols, sizeof(short)))) + if (!(colwidths = calloc(ocols, sizeof(short)))) errx(1, "malloc: No gutter space"); if (flags & SQUEEZE) { if (flags & TRANSPOSE) @@ -300,37 +305,29 @@ prepfile(void) nelem = n; } -#define BSIZE 2048 -char ibuf[BSIZE]; /* two screenfuls should do */ - int get_line(void) /* get line; maintain curline, curlen; manage storage */ { - static int putlength; - static char *endblock = ibuf + BSIZE; - char *p; - int c, i; + static char *ibuf = NULL; + static size_t ibufsz = 0; - if (!irows) { - curline = ibuf; - putlength = flags & DETAILSHAPE; - } - else if (skip <= 0) { /* don't waste storage */ - curline += curlen + 1; - if (putlength) /* print length, recycle storage */ - printf(" %d line %d\n", curlen, irows); - } - if (!putlength && endblock - curline < BUFSIZ) { /* need storage */ - if (!(curline = (char *) malloc(BSIZE))) - errx(1, "File too large"); - endblock = curline + BSIZE; + if (irows > 0 && flags & DETAILSHAPE) + printf(" %zd line %d\n", curlen, irows); + + if ((curlen = getline(&ibuf, &ibufsz, stdin)) == EOF) { + if (ferror(stdin)) + err(1, NULL); + return EOF; } - for (p = curline, i = 1; i < BUFSIZ; *p++ = c, i++) - if ((c = getchar()) == EOF || c == '\n') - break; - *p = '\0'; - curlen = i - 1; - return(c); + if (curlen > 0 && ibuf[curlen - 1] == '\n') + ibuf[--curlen] = '\0'; + + if (skip >= 0 || flags & SHAPEONLY) + curline = ibuf; + else if ((curline = strdup(ibuf)) == NULL) + err(1, NULL); + + return 0; } char ** diff --git a/src/usr.bin/signify/signify.c b/src/usr.bin/signify/signify.c index 06d28da..3bc4c6c 100644 --- a/src/usr.bin/signify/signify.c +++ b/src/usr.bin/signify/signify.c @@ -1,4 +1,4 @@ -/* $OpenBSD: signify.c,v 1.100 2015/01/16 06:16:12 tedu Exp $ */ +/* $OpenBSD: signify.c,v 1.104 2015/11/02 22:01:10 bluhm Exp $ */ /* * Copyright (c) 2013 Ted Unangst <tedu@openbsd.org> * @@ -72,7 +72,7 @@ struct sig { extern char *__progname; -static void +static void __dead usage(const char *error) { if (error) @@ -663,6 +663,8 @@ main(int argc, char **argv) VERIFY } verb = NONE; + if (pledge("stdio rpath wpath cpath tty", NULL) == -1) + err(1, "pledge"); rounds = 42; @@ -722,6 +724,33 @@ main(int argc, char **argv) argc -= optind; argv += optind; + if (setvbuf(stdout, NULL, _IOLBF, 0) != 0) + err(1, "setvbuf"); + + switch (verb) { + case GENERATE: + case SIGN: + /* keep it all */ + break; + case CHECK: + if (pledge("stdio rpath", NULL) == -1) + err(1, "pledge"); + break; + case VERIFY: + if (embedded && (!msgfile || strcmp(msgfile, "-") != 0)) { + if (pledge("stdio rpath wpath cpath", NULL) == -1) + err(1, "pledge"); + } else { + if (pledge("stdio rpath", NULL) == -1) + err(1, "pledge"); + } + break; + default: + if (pledge("stdio", NULL) == -1) + err(1, "pledge"); + break; + } + #ifndef VERIFYONLY if (verb == CHECK) { if (!sigfile) diff --git a/src/usr.bin/unvis/unvis.c b/src/usr.bin/unvis/unvis.c index c5cd008..22566d9 100644 --- a/src/usr.bin/unvis/unvis.c +++ b/src/usr.bin/unvis/unvis.c @@ -1,4 +1,4 @@ -/* $OpenBSD: unvis.c,v 1.12 2014/01/22 09:45:21 jsg Exp $ */ +/* $OpenBSD: unvis.c,v 1.14 2015/10/09 01:37:09 deraadt Exp $ */ /*- * Copyright (c) 1989, 1993 @@ -43,6 +43,9 @@ main(int argc, char *argv[]) FILE *fp; int ch; + if (pledge("stdio rpath", NULL) == -1) + err(1, "pledge"); + while ((ch = getopt(argc, argv, "")) != -1) switch(ch) { case '?': @@ -62,8 +65,12 @@ main(int argc, char *argv[]) warn("%s", *argv); argv++; } - else + else { + if (pledge("stdio", NULL) == -1) + err(1, "pledge"); + process(stdin, "<stdin>"); + } exit(0); } diff --git a/src/usr.bin/vis/vis.c b/src/usr.bin/vis/vis.c index fe40eed..cf5cd84 100644 --- a/src/usr.bin/vis/vis.c +++ b/src/usr.bin/vis/vis.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vis.c,v 1.17 2015/04/18 18:28:38 deraadt Exp $ */ +/* $OpenBSD: vis.c,v 1.19 2015/10/09 01:37:09 deraadt Exp $ */ /* $NetBSD: vis.c,v 1.4 1994/12/20 16:13:03 jtc Exp $ */ /*- @@ -55,6 +55,9 @@ main(int argc, char *argv[]) FILE *fp; int ch; + if (pledge("stdio rpath", NULL) == -1) + err(1, "pledge"); + while ((ch = getopt(argc, argv, "anwctsobfF:ld")) != -1) switch(ch) { case 'a': @@ -114,8 +117,11 @@ main(int argc, char *argv[]) warn("%s", *argv); argv++; } - else + else { + if (pledge("stdio", NULL) == -1) + err(1, "pledge"); process(stdin); + } exit(0); } diff --git a/src/usr.bin/what/what.c b/src/usr.bin/what/what.c index 0bad985..d22d673 100644 --- a/src/usr.bin/what/what.c +++ b/src/usr.bin/what/what.c @@ -1,4 +1,4 @@ -/* $OpenBSD: what.c,v 1.13 2015/01/22 19:10:17 krw Exp $ */ +/* $OpenBSD: what.c,v 1.15 2015/10/09 01:37:09 deraadt Exp $ */ /* $NetBSD: what.c,v 1.4 1994/12/20 16:01:03 jtc Exp $ */ /* @@ -58,6 +58,9 @@ main(int argc, char *argv[]) char match[256]; int c; + if (pledge("stdio rpath", NULL) == -1) + err(1, "pledge"); + matches = sflag = 0; while ((c = getopt(argc, argv, "s")) != -1) { switch (c) { |