Hi,
I've spent half the night staring at the devilish my_getpwuid and my_getgrgid functions
trying to find out a way to avoid actual and future potential buffer overflow problems
without breaking existing code.
Finally I've found a non-intrusive way to do this that surely doesn't break existing code
and fixes a couple of problems too.
The attached patch:
1) changes the behaviour of my_getpwuid and my_getgrgid to avoid potential buffer overflows
2) fixes all occurrences of these function calls in tar.c, id.c, ls.c, whoami.c, logger.c, libbb.h.
3) The behaviour of tar, ls and logger is unchanged.
4) The behavior of ps with somewhat longer usernames messing up output is fixed.
5) The only bigger change was the increasing of size of the buffers in id.c to avoid
false negatives (unknown user: xxxxxx) with usernames longer than 8 chars.
The value I used (32 chars) was taken from the tar header (see gname and uname).
Maybe these buffers can be reduced a bit (to 16 or whatever), this is up to you.
6) The increase of size of the binary is not so dramatic:
    size busybox
       text    data     bss     dec     hex filename
     239568    2300   36816  278684   4409c busybox
    size busybox_fixed
       text    data     bss     dec     hex filename
     239616    2300   36816  278732   440cc busybox
7) The behaviour of whoami changed:
actually it prints out a username cut down to the size of the buffer.
This could be fixed by increasing the size of the buffer as in id.c or
avoid the use of my_getpwuid and use getpwuid directly instead.
Maybe this could also remain unchanged......
Please apply if you think it is ok to do so.
The diff applies on today's cvs tarball (2004-08-25).
Thanks in advance,
Ciao,
Tito
Hi to all,
This patch is useful for:
1) remove an unused var from extern char *find_real_root_device_name(const char* name)
changing it to extern char *find_real_root_device_name(void).
2) fixes include/libbb.h, coreutils/df.c, util-linux/mount.c and util-linux/umount.c accordingly.
3) fixes a bug, really a false positive, in find_real_root_device_name() that happens if
in the /dev directory exists a link named root (/dev/root) that should be skipped but
is not. This affects applets like df that display wrong results
On Sat, Jun 19, 2004 at 10:57:37PM +0200, Bastian Blank wrote:
> The following patch changes klogd to use openlog/syslog themself
> instead of calling syslog_msg which always calls the triple
> openlog/syslog/closelog.
Updated patch: get rid of syslog_msg entirely. Request from Erik Andersen.
Bastian
The updated patch adds a config option to explicitly enable 64 bit
arithmetic.
Also it removes the arith prototype from libbb.h as it is not used
outside of ash.
Bastian
this patch has been slightly modified by Erik for cleanliness.
test it before checking in..." New entry for famous last words list.)
Add the missing backslash at the end of the new sed doc string line.
(This one actually compiled with "show verbose applet usage messages"...)
This is a bulk spelling fix patch against busybox-1.00-pre10.
If anyone gets a corrupted copy (and cares), let me know and
I will make alternate arrangements.
Erik - please apply.
Authors - please check that I didn't corrupt any meaning.
Package importers - see if any of these changes should be
passed to the upstream authors.
I glossed over lots of sloppy capitalizations, missing apostrophes,
mixed American/British spellings, and German-style compound words.
What is "pretect redefined for test" in cmdedit.c?
Good luck on the 1.00 release!
- Larry
Hi,
Well, I made this patch a long time ago (08/2002) because it was a
need of a project, but had no time to send it to you. It adds support
to `autologin' option of the telnet protocol. It has been used since
made with busybox 0.60.3 at production and I had no problems with it.
I have ported it to the HEAD revision of the CVS server (20040211) and
I hope you enjoy and apply it to the official sources. :)
Thanks a lot!
I had previously provided you with a patch to help complete busybox's
props suite, but have heard no word back. Since then I've made use of as
many of busybox's native API settings as I could find and would really
love for you to include support for this. If there is something more I
need to do to get this support added in please let me know.
function as there is no graceful way of handling failures.
Rename bb_getport to bb_lookup_port, allow a default port to be
specified so it always returns a correct value.
Modify ftpgetput/rdate/wget to use the new interface.
wget/rdate now use etc/services with a fallback default value.
You will find in the attached file "syslog.patch" a patch which adds
config options to set at compile time the size of the circular buffer,
and some documentation update.
Hi to all,
here is a new patch for bb's devfsd. The news are:
1) Size reduction for the basic setup with no options compiled in, from:
       text    data     bss     dec     hex filename
      10591     392     543   11526    2d06 devfsd.o
    rw-r--r-- 1 root root 18536 Dec 18 21:52 devfsd.o
to:
       text    data     bss     dec     hex filename
       9303     392     543   10238    27fe devfsd.o
    rw-r--r-- 1 root root 16528 Dec 18 22:02 devfsd.o
With this setup you should not expect much output from devfsd
( just at start or with -v) and if some error occurs it only exits 1.
To have more output enable: " Increases logging (and size)" (+1568 b).
2) The option "Adds function names to program output" was removed from config menu
and now to enable debug output you can use bb's standard option:
"Build BusyBox with Debugging symbols".
Be careful as with this option enabled a lot of data are outputted to /dev/log and/or to stderr.
3) A new option: "Enables the -fg and -np option" was added to config menu (+128 b).
BTW: option "Adds support for MODLOAD keyword in devsfd.conf" adds 268 b.
4) The following keywords in devsfd.conf are supported:
"CLEAR_CONFIG", "INCLUDE", "OPTIONAL_INCLUDE", "RESTORE",
"PERMISSIONS", "EXECUTE", "COPY", "IGNORE", "MKOLDCOMPAT",
"MKNEWCOMPAT","RMOLDCOMPAT", "RMNEWCOMPAT".
But only if they are written UPPERCASE!!!!!!!!
5) Help text in usage.h was modified.
6) Something that I have forgotten..........
I've tested this for the last week on my box and it seems to work as expected.
Thanks in advance and please apply.
Ciao,
Tito
archive_xread can be replaced with bb_full_read, and archive_copy_file
with bb_copyfd*
bb_copyfd is split into two functions bb_copyfd_size and bb_copyfd_eof,
they share a common backend.
open_transformer(), common code for pipe+fork.
Function pointer for read() no longer needed.
Allow inflate to be initialised with a specified buffer size to avoid
over-reading.
Reset static variables in inflate_get_next_window to fix a bug where
only the first file in a .zip would be extracted.
in order to fix the problems with round robin DNS reported
by Andrew Flegg:
http://busybox.net/lists/busybox/2003-October/009579.html
This removes the ipv6 specific xconnect dns lookups. I do
not see why that would need to be special cased for ipv6 as
was done, but that will just have to be tested.
So IPV6 people -- please test this change!
-Erik
Dear list,
during my quest to pack busybox into an RPM, I've fixed a small bug
(missing \n) in dc's usage. And added two additional operations: mod and
exp/power.
Feel free to drop them.
Hi Eric
I have written a small patch for the Busybox syslogd. With this patch
one can limit the size of the messagefile. As soon as the limit is
reached the syslogd can rotate or purge the messagefile(s) on its own.
There is no necessity to use an external rotatescript.
Even if logread does something similar, it's very handy to have some
messagefile after your box crashes.
I wrote this patch initially for BB 0.6x where no cron daemon was avail.
Now I adapted it for the new version and I hope it is still useful. At
least I still use it :-)
bye
Arnd
The Busybox "mount" applet does not support the "user" option;
result: it must have the _BB_SUID_NEVER applet option (my bug).
The last patch also reduces the "su" applet by 216 bytes.
Always preserve creation date
Disable the -p option, it's for modification date
Remove some cpio header debugging noise
Synchronise file listing behaviour with upstream.
In BusyBox v1.00-pre2,
commands like ls, df with -h option report a wrong file size for files larger than 4 GByte!!
For example,
when I execute 'ls -l', it reports
-rw-r--r-- 1 root root 5368709120 Aug 17 2003 large_stream.tp
when I execute 'ls -lh', I expect that
-rw-r--r-- 1 root root 5.0G Aug 17 2003 large_stream.tp
but it reports
-rw-r--r-- 1 root root 1.0G Aug 17 2003 large_stream.tp
I fixed this bug that...
Line 31 in libbb/human_readable.c and line 275 include/libbb.h
const char *make_human_readable_str(unsigned long size
=> const char *make_human_readable_str(unsigned long long size
It's OK!
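The truncation in the report above, reproduced as an added example (not code from BusyBox or from the original report). `human_readable_32`, `human_readable_64` and `format_size` are hypothetical names, the formatter is a simplified stand-in for make_human_readable_str, and `uint32_t` models `unsigned long` on a 32-bit target:

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: the 5 GiB file size from the report above. */
#define SAMPLE_SIZE 5368709120ULL

/* Simplified formatter (assumption, not BusyBox's code): divide by 1024
 * until the value is below 1024, keeping one rounded decimal digit. */
static const char *format_size(unsigned long long size, char *out, size_t len)
{
    static const char units[] = { 'K', 'M', 'G', 'T' };
    unsigned long long whole = size, frac = 0;
    int idx = -1;

    while (whole >= 1024 && idx < 3) {
        frac = ((whole % 1024) * 10 + 512) / 1024;
        whole /= 1024;
        if (frac == 10) { whole++; frac = 0; }
        idx++;
    }
    if (idx < 0)
        snprintf(out, len, "%llu", whole);
    else
        snprintf(out, len, "%llu.%llu%c", whole, frac, units[idx]);
    return out;
}

/* Before: a 32-bit parameter, which is what "unsigned long" is on 32-bit
 * targets. The caller's 64-bit size is silently reduced modulo 2^32. */
const char *human_readable_32(uint32_t size, char *out, size_t len)
{
    return format_size(size, out, len);
}

/* After: the parameter is wide enough for sizes of 4 GiB and above. */
const char *human_readable_64(unsigned long long size, char *out, size_t len)
{
    return format_size(size, out, len);
}

int main(void)
{
    unsigned long long st_size = SAMPLE_SIZE; /* 64-bit file size from stat */
    char a[16], b[16];

    printf("32-bit parameter: %s\n", human_readable_32(st_size, a, sizeof a));
    printf("64-bit parameter: %s\n", human_readable_64(st_size, b, sizeof b));
    return 0;
}
```

The same silent narrowing applies to any size or length that crosses a function boundary with a narrower parameter type; building with `-Wconversion` makes the compiler flag such calls.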
should we rename the define into CONFIG_FEATURE_HDPARM_HDIO_DMA and
use it for "set" and "get" ???
Since although CONFIG_FEATURE_HDPARM_HDIO_GET_DMA is _not_ set I still
can use "hdparm -d 1 /dev/hda" to switch the DMA on.
Is this desirable or meant to be like that?
So how about the applied patch?
this patch fixes run_parts when it's called by ifupdown. 1) argv has to be a
NULL terminated char* array, not just a string. 2) run_parts now explicitly
sets the environment. this environment is populated from the
/etc/network/interfaces config file and is needed by the scripts in
/etc/network/if-pre-up.d/. when run-parts is called from the command line the
environment is taken from the current process.
Vladimir Oleynik then wrote:
You can simplify this if you use:
+ bb_xasprintf(&buf[0], "/etc/network/if-%s.d", opt);
+ buf[1] = NULL;
+
+ run_parts(&buf, 2, environ);
+ free(buf[0]);
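Review bot: in `run_parts(&buf, 2, environ);` the argument is `&buf`, although the two lines above index it as `buf[0]` and `buf[1]`. If `buf` is declared as an array of `char *`, `&buf` is a pointer to the whole array rather than a `char **`; passing `buf` itself hands over the NULL-terminated argv that the original message says run_parts needs, without a pointer-type mismatch. It would also help to say what the count `2` stands for, since only one non-NULL entry is set.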
--w
vodz
Hi.
The last patch has a new libbb function,
vfork_rexec(), so that daemon() can be used on uClinux systems.
It patches these daemons: syslog, klogd, inetd, crond.
This is not tested! I don't have these systems.
Also, the previous patch for the feature request for MD5 crypt passwords for
httpd was not sent to this mailing list on 07/15/03
(does the mailing list have a Python module problem?).
The previous patch is included, and has been tested.
--w
vodz
Here's a bunch of fixes for the watchdog app in busybox. This does a
couple of things:
- configurable timer duration (userspace timer duration is
usually configurable within the device drivers themselves).
- run as a daemon
- shutdown the device properly on SIGINT or SIGHUP
- clear the counter immediately instead of sleeping first
as well as updating the usage information. This has also been switched
over to getopt to deal with the optional timer duration specifier.
The changes themselves are harmless and isolated, and I've verified that
this works on sh and x86 without any problems.
The current SC_x references automatically assume that everyone uses ttyS/tts
as their naming scheme for their serial ports. This isn't the case for quite
a few architectures, including sh, sh64, h8, arm, etc.
Hello, I think the test for an unconfigured httpd is wrong in
the CVS (busybox-unstable-20030620.tar.bz2)
flg_deny_all is default 0
vodz then wrote:
Oops. You are right.
Also, this mistake was present in two places.
The last patch is rewritten to use my new get_ularg() function to overcompensate the size
from the error found ;-)
Manuel,
I rewrote the bb_getopt_ulflags() function for more universal usage.
My version now supports:
- options with arguments (optional arg as GNU extension also)
- complementary and/or incomplementary and/or incongruous and/or list
options
- long_opt (all applets may have long options, adding support is trivial)
This realisation is fully compatible with your version.
Code size grows by 480 bytes, but coreutils/* alone overcompensates this size
after using the new function. The last patch reduces size by over 800 bytes and is not fully
applied to all. The "mkdir" and "mv" applets have long_opt now to demonstrate
the trivial addition of long_opt support using the new bb_getopt_ulflags().
The complementary and/or incomplementary and/or incongruous and/or list options
logic is not trivial, but the new "cut" and "grep" applets use this logic
as examples with a full demonstration. The new "grep" applet is reduced by over 300
bytes.
Mark,
Also, I removed a bug from the "grep" applet.
$ echo a b | busybox grep -e a b
a b
a b
But printing only one is right.
--w
vodz
- ip route flush
- different usage for telnetd in inetd mode
- changes for the default flags of the ip features
- if no /usr requested, udhcpc should use the script also without /usr.
Apply patch from Ghozlane Toumi to make find smaller by combining
similar error messages
Forward port find -newer support from busybox stable that was
missing from unstable. -Erik.
Fixup usage messages for find. -Erik
Ok. I generated a patch to include in busybox-devel my work on the
top (the original author gave me maintainership) and telnetd (my
support and unofficial maintainership) applets. Docs changes
also: added awk, netstat, time applets to the list ;)
Hi, Erik.
my_getpw(uid/gid) and the applets using it have a problem:
if the username for a uid is not found, applets can't detect it
(but the code is present). Also the "%8ld " format is bad:
spaces are not required (applets have their own format
or a special format (tar applet)) and it overflows for the "id" applet...
This problem is also present in the stable version.
Patch for unstable is attached.
--w
vodz
#49: I found one memory overflow and memory leak in the "ln" applet.
The last patch also reduces size by 54 bytes. ;)
#50: I found a bug in loginutils/Makefile.in.
The new patch also has a new function in libbb,
applies it to applets, and has other cosmetic changes.
IPV6 support to busybox. This patch does the following:
* Add IPv6 support to libbb
* Enable IPv6 interface address display
* Add IPv6 config option
* Adds ping6, an adaptation of the ping applet for IPv6
* Adds support routines for ping6:
- xgethostbyname2
- create_icmp6_socket
* Adds ifconfig support for IPv6
* Add support IPv6 to netstat
* Add IPv6 support to route
Thanks Bart!
- Made a new dir loginutils
- Moved all applets from pwd_grp to loginutils
- Added new applets su.c login.c to loginutils
- Made a new dir libpwdgrp
- Moved everything from pwd_grp/libpwd_grp there
- Added shadow.c to libpwdgrp
- Removed dir pwd_grp
- Added usage strings for login and su to usage.h
- Changed main Makefile to reflect the dir rearrangements
[Parts of this patch may overlap with my other two patches]
1) tinylogin like with compile time selection and a chown root.root
2) Runtime configurable via /etc/busybox.conf (docu is in the works)
[Parts of this patch may overlap with my other two patches]
(bunzip2_main): Read data from standard input if FILE argument is `-' or
omitted.
* include/usage.h (bunzip2_trivial_usage, bunzip2_full_usage): Rewrite.
* testsuite/bunzip2/bunzip2-reads-from-standard-input: New.
Very minimal last corrections:
1) busybox.c: fix warning
2) docs/: add applets for list from pwd_grp
3) usage.h: add -n option for route
4) run_parts.c: many todo fix for busybox style
5) addgroup.c: add #ifdef CONFIG_FEATURE_SHADOWPASSWDS, reduce one
perror_msg
6) adduser.c: fix bug "variable i not initialized" and
add #ifdef CONFIG_FEATURE_SHADOWPASSWDS
that into a pid_t, which is unsigned on a number of archs. Furthermore,
find_pid_by_name() would _never_ return an error if the intended process
was "init", but instead would return 1, meaning we would fail to work
on 2.4.x kernels running an initrd...
-Erik