Commit Graph

155 Commits

Author SHA1 Message Date
Eric Andersen
52499cb9ae Tito writes:
Hi,
I've spent the half night staring at the devilish  my_getpwuid and my_getgrgid functions
trying to find out a way to avoid actual and future potential buffer overflow problems
without breaking existing code.
Finally I've  found a not intrusive way to do this that surely doesn't break existing code
and fixes a couple of problems too.
The attached patch:
1) changes the behaviour of my_getpwuid and my_getgrgid to avoid potetntial buffer overflows
2) fixes all occurences of this function calls in tar.c , id.c , ls.c, whoami.c, logger.c, libbb.h.
3) The behaviour of tar, ls and  logger is unchanged.
4) The behavior of ps with somewhat longer usernames messing up output is fixed.
5) The only bigger change was the increasing of size of the buffers in id.c to avoid
     false negatives (unknown user: xxxxxx) with usernames longer than 8 chars.
     The value i used ( 32 chars ) was taken from the tar header ( see gname and uname).
     Maybe this buffers can be reduced a bit  ( to 16 or whatever ), this is up to you.
6) The increase of size of the binary is not so dramatic:
     size busybox
       text    data     bss     dec     hex filename
     239568    2300   36816  278684   4409c busybox
    size busybox_fixed
       text    data     bss     dec     hex filename
     239616    2300   36816  278732   440cc busybox
7) The behaviour of whoami changed:
    actually it  prints out an username cut down to the size of the buffer.
    This could be fixed by increasing the size of the buffer as in id.c or
    avoid the use of my_getpwuid and use getpwuid directly instead.
    Maybe this colud be also remain unchanged......

Please apply if you think it is ok to do so.
The diff applies on today's cvs tarball (2004-08-25).
Thanks in advance,
Ciao,
Tito
2004-08-26 22:18:59 +00:00
Glenn L McGrath
12ed333714 Part of patch from William Barsse, fixes a problem with unescaped %. 2004-08-06 00:58:53 +00:00
Glenn L McGrath
5529b7bb87 Reverse my previous change, "::" is a GNU getopt extension that allows
an optional argument.
Looks like a glibc bug to me
2004-07-22 04:23:18 +00:00
Glenn L McGrath
e8f46515cb Fix bug in accepting buffer size argument 2004-07-21 13:06:30 +00:00
Eric Andersen
0373cf1396 Do not mess with the console logging level unless
asked to do so.
 -Erik
2004-06-25 11:23:03 +00:00
Eric Andersen
bb692cdb32 Add missing 'S' to the getopt string. 2004-06-22 19:05:05 +00:00
Eric Andersen
7f94a5caa2 Patch from Bastian Blank:
Hi folks

    The following patch adds a new log message output to syslogd. This
    output omits hostname and priority and is used in d-i to make the syslog
    output better readable without lossing information.

    Bastian

I am applying this since I have syslogd hacked up in my wife's
access point with the same format string....  Might as well make
this hack official.
 -Erik
2004-06-22 10:12:59 +00:00
Eric Andersen
36adca81f5 Patch from Bastian Blank:
On Sat, Jun 19, 2004 at 10:57:37PM +0200, Bastian Blank wrote:
> The following patch changes klogd to use openlog/syslog themself
> instead of calling syslog_msg which always calls the triple
> openlog/syslog/closelog.

Updated patch: get rid of syslog_msg entirely. Request from Erik Andersen.

Bastian
2004-06-22 10:07:17 +00:00
Eric Andersen
aff114c33d Larry Doolittle writes:
This is a bulk spelling fix patch against busybox-1.00-pre10.
If anyone gets a corrupted copy (and cares), let me know and
I will make alternate arrangements.

Erik - please apply.

Authors - please check that I didn't corrupt any meaning.

Package importers - see if any of these changes should be
passed to the upstream authors.

I glossed over lots of sloppy capitalizations, missing apostrophes,
mixed American/British spellings, and German-style compound words.

What is "pretect redefined for test" in cmdedit.c?

Good luck on the 1.00 release!

      - Larry
2004-04-14 17:51:38 +00:00
Eric Andersen
c7bda1ce65 Remove trailing whitespace. Update copyright to include 2004. 2004-03-15 08:29:22 +00:00
Glenn L McGrath
df2c56529c Fix from Paul Kortekaas for syslog -C option, size should be in kB. 2004-02-22 12:17:33 +00:00
Eric Andersen
d4a5e255c4 Patch from Fillod Stephane:
You will find in the attached file "syslog.patch" a patch which adds
  config options to set at compile time the size of the circular buffer,
  and some documentation update.
2003-12-19 11:32:14 +00:00
Russ Dill
a1fece2c70 Get vfork_daemon_rexec working under uclinux 2003-12-15 21:57:44 +00:00
Eric Andersen
88c916bdec Andreas Mohr writes:
the busybox menuconfig triggered my "inacceptable number of spelling mistakes"
upper level, so I decided to make a patch ;-)

I also improved some wording to describe some things in a better way.

Many thanks for an incredible piece of software!

Andreas Mohr, random OSS developer
2003-10-22 09:58:56 +00:00
Eric Andersen
29c77f71ba Arnd Ben Otto writes:
Hi Eric

I have written a small patch for the Busybox syslogd. With this patch
one can limit the size of the messagfile. As soon as the limit is
reached the syslogd can rotate or purge the messagefile(s) on his own.
There is no necessity to use an external rotatescript.

Even if logread does something similar, its very handy to have some
messagefile after your box crash.

I wrote this patch initial vor BB 0.6x where no cron daemon was avail.
Now I adapted it for the new Version and i hope it is still useful. At
least I still use it :-)

bye
Arnd
2003-10-09 09:43:18 +00:00
Glenn L McGrath
f7dd10f67c Patch from Fillod Stephane
Add follow mode to logread, ala "tail -f /var/log/messages"
Note: output to a slow serial terminal can have side effects
on syslog because of the semaphore. In such case, define 
RC_LOGREAD.
2003-09-26 01:03:16 +00:00
Glenn L McGrath
a79220db6e add size parameter to syslogd -C
Patch by Padraig, resubmitted by Fillod Stephane
2003-09-26 00:49:05 +00:00
Glenn L McGrath
fe538ba5d6 Vodz, last_patch_104 2003-09-10 23:35:45 +00:00
Glenn L McGrath
dc72f3ace2 Vodz, last patch 104 2003-08-29 07:35:08 +00:00
Eric Andersen
68d4a85f12 Fixup bugs in last patch 2003-07-28 09:31:28 +00:00
Eric Andersen
35e643b39f last_patch95 from vodz:
Hi.

Last patch have new libbb function
vfork_rexec() for can use daemon() to uClinux system.
This patched daemons: syslog, klogd, inetd, crond.
This not tested! I havn`t this systems.
Also. Previous patch for feature request MD5 crypt password for
httpd don`t sended to this mailist on 07/15/03
(mailist have Pytom module problem?).
The previous patch included, and have testing.


--w
vodz
2003-07-28 07:40:39 +00:00
Eric Andersen
480f1533f3 The logger utility does not really depend on CONFIG_SYSLOGD,
since it can also be used with other syslog daemons
 -Erik
2003-07-26 08:20:46 +00:00
Eric Andersen
e5272074c9 eliminate DOSTATIC, DODEBUG, etc and name them sensibly 2003-07-22 22:15:21 +00:00
Eric Andersen
85e5e72bc1 Remove remaining libc5 support code 2003-07-22 08:56:55 +00:00
Eric Andersen
cb81e6484d Update a bunch of docs. Run a script to update my email addr. 2003-07-14 21:21:08 +00:00
Eric Andersen
46ba568fc0 oops 2003-05-23 09:29:57 +00:00
Eric Andersen
d4f90ed37e This patch from Vitezslav Batrla, is a cleaner fix for the
problem with syslogd logging the '<' char.
2003-05-23 09:28:01 +00:00
Eric Andersen
900c8f3362 Apply patch from Georg Magschok to fix syslog behavior so that the
'>' charactor can be logged, per rfc3164.

Also, a small patch from me to fix it so we use MAXLINE when allocating the
buffer, which is consistant with use everywhere else.  This is needed since
uClibc defines BUFSIZE as 255, causing lines to be truncated at 255...
2003-05-16 08:35:02 +00:00
Manuel Novoa III
cad5364599 Major coreutils update. 2003-03-19 09:13:01 +00:00
Eric Andersen
08f4a4c508 Add all the syslogd help text 2003-02-28 07:20:55 +00:00
Glenn L McGrath
877d418b39 Dont die if logging remotely fails, patch by Joshua Jackson 2003-02-09 05:07:42 +00:00
Glenn L McGrath
6ed77595f1 Update email address for Gennady Feldman <gena01@gena01.com> 2002-12-12 10:54:48 +00:00
Eric Andersen
c9f20d9fb9 Yet another major rework of the BusyBox config system, using the considerably
modified Kbuild system I put into uClibc.  With this, there should be no more
need to modify Rules.mak since I've moved all the interesting options into the
config system.  I think I've got everything updated, but you never know, I may
have made some mistakes, so watch closely.
 -Erik
2002-12-05 08:41:41 +00:00
Glenn L McGrath
e1ad672216 add the -c option, modified version of a patch from Bastian Blank 2002-12-01 11:31:58 +00:00
Glenn L McGrath
912d8f4cbc run through indent and manually check result 2002-11-10 22:46:45 +00:00
Glenn L McGrath
907a240b1c last_patch57 from Vladimir N. Oleynik 2002-11-10 21:33:28 +00:00
Eric Andersen
02e6ba91e8 Vodz' last_patch57:
Hi, Erik.

    my_getpw(uid/gid) and applets used it have problem:
    if username for uid not found, applets can`t detect it
    (but code pessent). Also "%8ld " format is bad:
    spaces not required (applets have self format
    or spec format (tar applet) and overflow for "id" applet...)
    This problem also pressent in stable version.
    Patch for unstable in attach.

    --w
    vodz
2002-09-30 20:39:56 +00:00
Eric Andersen
06c35da6af patch from John Hall <john.hall@optionexist.co.uk> to change the
klogd specific messages to facility LOG_SYSLOG and tidies up some
of the priorities.
2002-09-18 14:23:06 +00:00
Eric Andersen
39ad2833c0 hehe. 2002-09-17 20:35:58 +00:00
Eric Andersen
871d93c462 Vodz' last_patch57:
Ok. Patch with reduce size ready.
    Notes: syslogd imposible close logsocket,
    the real programm write logmessages (hmm, cycle loop?)

    (Excuse me - this have small tab-formats rewroting also)

       text    data     bss     dec     hex filename
       2913     332   12388   15633    3d11 syslogd.o
       3109     332    9252   12693    3195 syslogd_old.o
2002-09-17 20:06:29 +00:00
Glenn L McGrath
9fef17dec3 Run through indent, fix comments 2002-08-22 18:41:20 +00:00
Manuel Novoa III
f8277ca992 Move #define MAXLINE so this compiles without circ buffers. 2002-08-06 20:12:56 +00:00
Eric Andersen
74b007f7cc Oops. Code things so it actually works this time around...
-Erik
2002-08-05 11:56:25 +00:00
Eric Andersen
c59716ff4c Joel Coltoff <joel@wmi.com> noticed that following a recent
change in uClibc that changed opening the /dev/log socket as
SOCK_STREAM to SOCK_DGRAM, busybox syslogd no longer worked
since it needed a matching change.  This fixes it so it
works once again.
2002-08-05 11:14:30 +00:00
Robert Griebl
fc78b79575 Applied syslogd fix submitted by Bart Visscher:
I am using BB 0.60.2 in a floppy distro, and the syslog (and logger) is
unable to log the "<" char.  This shows up in ppp logfiles.  [...]
#logger "<pcomp>" results in "comp>" arriving at the log.
2002-07-19 20:52:21 +00:00
Eric Andersen
4e116823f4 Patch from Larry Doolittle to teach syslogd to not give up when errno is EINTR 2002-04-13 14:07:32 +00:00
Eric Andersen
85208e2ab9 Completely rework the config system so that it no longer annoys me to work on
the busybox development tree.  This eliminates the use of recursive make, and
once again allows us to run 'make' in a subdirectory with the expected result.
And things are now much faster too.  Greatly improved IMHO...
 -Erik
2002-04-12 12:05:57 +00:00
Eric Andersen
b159146fa6 Add missing " " after the word on, as reported by Jason Luther
back in mid-december.
 -Erik
2002-03-20 09:52:45 +00:00
Matt Kraai
1f0c43668a Remove == TRUE' tests and convert != TRUE' and `== FALSE' tests to use !. 2001-12-20 23:13:26 +00:00
Matt Kraai
c8227639db Change strdup calls to xstrdup (patch from Steve Merrifield). 2001-11-12 16:57:27 +00:00