overflow checked snprintf(). for res_debug.c and res_query.c, convert
from sprintf() to snprintf().
tested scp and rcp fail properly with too-long paths.
tested getaddrinfo fails as expected for too-long domains.
tested dig and ping for similar (res_debug.c/res_query.c).
created a temporary fs with quotas to test edquota with a long EDITOR.
did not test ypserv directly, but it's the same pattern.
avoids GCC 12 snprintf() warnings, and reduces total code size.
Rename compiler-warning-disable variables from
GCC_NO_warning
to
CC_WNO_warning
where warning is the full warning name as used by the compiler.
GCC_NO_IMPLICIT_FALLTHRU is CC_WNO_IMPLICIT_FALLTHROUGH
Using the convention CC_compilerflag, where compilerflag
is based on the full compiler flag name.
GCC_NO_FORMAT_TRUNCATION -Wno-format-truncation (GCC 7/8)
GCC_NO_STRINGOP_TRUNCATION -Wno-stringop-truncation (GCC 8)
GCC_NO_STRINGOP_OVERFLOW -Wno-stringop-overflow (GCC 8)
GCC_NO_CAST_FUNCTION_TYPE -Wno-cast-function-type (GCC 8)
use these to turn off warnings for most GCC-8 complaints. many
of these are false positives, most of the real bugs are already
commited, or are yet to come.
we plan to introduce versions of (some?) of these that use the
"-Wno-error=" form, which still displays the warnings but does
not make it an error, and all of the above will be re-considered
as either being "fix me" (warning still displayed) or "warning
is wrong."
The format is somewhat different; I'm operating under the assumption
that nobody has automated editing scripts for the old format because
it's much easier just to use the command-line interface of
edquota. The new format is more scalable and more parseable.
Also, do a better job of diagnosing editing errors, and don't blindly
erase all quota information for the user being edited when a parse
error occurs after editing.
ufsclass2qtype -> quota_idtype_to_ufs
qtype2ufsclass -> quota_idtype_from_ufs
The reason for the direction of "ufs" changing is that the old names
were among the symbols using "ufs" to mean "fs-independent". So the
old names were for translating "ufsclass" (fs-independent quota id
type) to "qtype" (ufs-specific quota id type) and vice versa.
These functions are used in only two places, both of which are
inappropriate, so at some point they should probably be removed.
They're also identity transformations so not particularly helpful,
unless one were to make a careful and concerted effort to distinguish
the ufs quota code numbers from the fs-independent ones. This has not
been done and is probably impossible without support from a program
verifier, and maybe not even then.
They are static inline, so no compat concerns arise.
Also adjust the symbols they use to avoid <quota/quotaprop.h>.
and pass in two single quotaval structs (for blocks and inodes)
instead of an array of (implicitly) QUOTA_NLIMITS quotaval structs
indexed by constants from quotaprop.h.
Note: because this code is used by COMPAT_50 as well as ufs, this
change requires a kernel version bump. (The code is also used by
edquota, but via .PATH so it's not ABI-sensitive there.)
prop_*_recv_syscall() functions from proplib(3). They now share the
same logic as the one from prop_*_send_ioctl() functions:
- returns an int
- 0 indicates "no error", otherwise returns the error number (and
set errno)
Many consumers of the prop_*_{ioctl, syscall} expect errno to be set
on error and use err() to display the error message. As such, ensures that
errno gets set before returning from these functions.
prop_*_send_syscall() functions returned a boolean, and now return an int.
Fix all call sites to use the new paradigm (only quota2 is affected in src).
As the prop_*_{send,recv}_syscall() API appeared in -current and is only
used by the recent quota2 code, I am not bumping the lib. The API change
only affects the prop_*_send_syscall() function (recv_syscall()s were
already used correctly), so ensure you are not mixing "old" -current
quota binaries with a new proplib(3) (or the other way around). This
change will be announced via a HEADS-UP and UPDATING.
Does not affect the kernel part of proplib.
Document the correct API in prop_array(3) and prop_dictionary(3).
Thanks to Francois Tigeot for noticing the API inconsistency and
reporting it on tech-kern@.
ok bouyer@.
parse quota plists; as well as a getfsquota() function to retrieve quotas
for a single id from a single filesystem (whatever filesystem this is:
a local quota-enabled fs or NFS). This is build on functions getufsquota()
(for local filesystems with UFS-like quotas) and getnfsquota();
which are also available to userland programs.
move functions from quota2_subr.c to libquota or libprop as appropriate,
and ajust in-tree quota tools.
move some declarations from kernel headers to either sys/quota.h or
quota/quota.h as appropriate. ufs/ufs/quota.h still installed because
it's needed by other installed ufs headers.
ufs/ufs/quota1.h still installed as a quick&dirty way to get a code
using the old quotactl() to compile (just include ufs/ufs/quota1.h instead of
ufs/ufs/quota.h - old code won't compile without this change and this is
on purpose).
Discussed on tech-kern@ and tech-net@ (long thread, but not much about
libquota itself ...)
to store disk quota usage and limits, integrated with ffs
metadata. Usage is checked by fsck_ffs (no more quotacheck)
and is covered by the WAPBL journal. Enabled with kernel
option QUOTA2 (added where QUOTA was enabled in kernel config files),
turned on with tunefs(8) on a per-filesystem
basis. mount_mfs(8) can also turn quotas on.
See http://mail-index.netbsd.org/tech-kern/2011/02/19/msg010025.html
for details.
- -f, which allows to restrict edquota to only one quota-enabled filesystem
- -s and -h, which allows to set soft and hard limits respectively, without
the need to edit a file.
int overflow. It's now possible to add/display quotas of more than
4G.
XXX I'm sure there is a PR open on this but I couln't find it with the
usual search engines. If someone knows it's number ...
mrg