open the score file at the start and then drop all setgid privileges
while keeping a (close-on-exec) file descriptor open to it. In order
to allow this the static data files have to be made world readable.
In addition a potential buffer overrun with corrupted score files is
avoided by more careful use of scanf (note that SCORE_SCANF_FMT is
defined alongside the definition of the relevant structure).
Submitted in PR 8015 by Joseph Myers <jsm28@cam.ac.uk>
adventure(6). The handling of this variable is somewhat confusing,
since it is used for two different purposes (controlling the time
required before a saved game can be restored, and controlling various
aspects of dwarf behaviour); in fact, it is also declared twice in
hdr.h. Except possibly when saving a game fails, these uses can never
interfere; when used for controlling dwarf behaviour, we always have
saved == -1. This can be better understood with reference to the
original PDP-10 FORTRAN source (URL in patch, since hdr.h references
the comments of the FORTRAN as still relevant to this version) of
which the C version is a direct translation: the wrong value for
`saved' meant that someone was cheating and had bypassed normal
initialisation. Saving was done by halting and telling the user to
save their core image, so the question of carrying on after saving
failed to open the output file did not arise.
This patch separates the uses of `saved' into uses of two separate
variables.
Closes PR 8005 by Joseph Myers <jsm28@cam.ac.uk>
The detailed behaviour follows POSIX.2. A similar patch for wump(6)
which was accepted is in bin/6699. Fish does not need any setgid
privileges it gets from dm, so this patch also moves the gid resetting
earlier.
Reported in PR 7986 by Joseph Myers <jsm28@cam.ac.uk>
games/adventure/setup.c fails to check for errors when writing its
output. This means that, if the disk fills up at this point during a
build, it would nevertheless fail to return an error status.
.Sh "SEE ALSO"
to:
.Sh SEE ALSO
The doc macros check for the latter (actually just for 'SEE' as the first
argument to .Sh) to set the section header SEE ALSO flag, which modifies
some behaviour (e.g. references done with .Rs/.Re).
appropriate. It also removes some obsolete, unused code to check the
number of users on the system (obsoleted by dm); removes a prototype
for an unused function that was removed earlier; and removes a control
character from one message that was I think intended to clear the
screen on some particular terminal (though I can't find the comment to
that effect in any of the BSD source trees I have handy) but no longer
serves any useful purpose.
From PR 6580 by Joseph Myers <jsm28@cam.ac.uk>.
Also contains two more patches, one in teachgammon/tutor.h (by Joseph)
and one in common_source/fancy.c (by me).
integer arguments and with string arguments (cast to long, and in one
place to int). The patch here cleans this up, making it into two
separate functions; this allows for the game to be made const-correct
in future and improves portability.
The patch also contains two other fragments: a change to use the
symbolic constant SEEK_END with fseek(), and a change to use snprintf
in one place to avoid a buffer overrun.
Via PR 6569 by Joseph Myers <jsm28@cam.ac.uk>.
use of const I missed in bin/6041; avoiding a signed/unsigned warning;
marking an unused parameter as such; revoking setgid privileges
(including the saved gid) rather than setuid ones; includes and
function prototypes in setup.c; the string passed to err() should not
end with a `.'. Together with the patch sent concerning adventure's
EOF handling, this synchronises adventure(6) in NetBSD with the Linux
port of the NetBSD games.
Via PR 6557 by Joseph Myers <jsm28@cam.ac.uk>
hubertf