Commit Graph

1357 Commits

Author SHA1 Message Date
tls 4147a3c54a Add new Makefile knob, USE_FORT, which extends USE_SSP by turning on the
FORTIFY_SOURCE feature of libssp, thus checking the size of arguments to
various string and memory copy and set functions (as well as a few system
calls and other miscellany) where known at function entry.  RedHat has
evidently built all "core system packages" with this option for some time.

This option should be used at the top of Makefiles (or Makefile.inc where
this is used for subdirectories) but after any setting of LIB.

This is only useful for userland code, and cannot be used in libc or in
any code which includes the libc internals, because it overrides certain
libc functions with macros.  Some effort has been made to make USE_FORT=yes
work correctly for a full-system build by having the bsd.sys.mk logic
disable the feature where it should not be used (libc, libssp iteself,
the kernel) but no attempt has been made to build the entire system with
USE_FORT and doing so will doubtless expose numerous bugs and misfeatures.

Adjust the system build so that all programs and libraries that are setuid,
directly handle network data (including serial comm data), perform
authentication, or appear likely to have (or have a history of having)
data-driven bugs (e.g. file(1)) are built with USE_FORT=yes by default,
with the exception of libc, which cannot use USE_FORT and thus uses
only USE_SSP by default.  Tested on i386 with no ill results; USE_FORT=no
per-directory or in a system build will disable if desired.
2007-05-28 12:06:17 +00:00
mouse 2609539fc5 Per PR 36185, OKed by martin@ 2007-04-22 02:09:02 +00:00
hubertf b1eaefe397 Xref shuffle(1) from random(6), and vice versa 2007-03-20 16:12:40 +00:00
ad 1458eba0f6 NetBSD JIHBED 2007-02-26 06:49:00 +00:00
ad 7545be4439 NetBSD: Dead on Target
-- Gimpy
2007-02-26 06:30:45 +00:00
hubertf be5e286e64 - Don't call basename $0 at many places. Use variable $PROGNAME
- Better check when neither $ACRONYMDB is define nor files in
   /usr/share/misc/ are found
 - Replace cat | fgrep to using fgrep only
 - Replace sort | uniq to using sort -u

By Slava Semushin <slava.semushin@gmail.com> in private email.
2007-01-24 13:17:42 +00:00
chuck f90603d08a Update my previous commit to better match the original code, including
the check for 'bs'...   my previous commit should have included the
following text:
  fixes problem introduced in 1.13 where the setting of "BC" (backspace char)
  was left to libterm rather than being done by hack itself.  the problem
  with this was that hack was directly setting BC to \b if there was no
  "bc" in the termcap entry, but libterm does not do this.   this resulted in
  the xputs(BC) calls in nocmov() and backsp() incorrectly doing nothing, thus
  messing up the display.  added new var BC_BS to provide the old behavior
  for nocmov() and backsp().
2007-01-17 02:35:28 +00:00
chuck bfec35be7a mrg's changes in 1.13 broke hack's display code. 2007-01-17 02:12:19 +00:00
hubertf 61daec5724 Replve duplicate #includes
From Slava Semushin <slava.semushin@gmail.com>, via private mail
2007-01-17 00:30:23 +00:00
hubertf b4df40b17b - ANSIfy
- Use return instead of exit() in main()
 - Use EXIT_{SUCCESS,FAILURE} constants instead of 0/1

No functional changes. Patch submitted in private mail by
Slava Semushin <slava.semushin@gmail.com>
2007-01-12 22:43:05 +00:00
wiz 2957444796 Fix some typos in ENIAC quote. From Zafer Aydogan and myself. 2006-12-25 18:46:48 +00:00
wiz 9b8796fcbe Spell "tomorrow" correctly. From Zafer Aydogan. 2006-12-25 18:43:03 +00:00
wiz 88306df899 Bump date for previous. Use mdoc macros. 2006-12-23 09:47:30 +00:00
reed 9fdd8e989b Add example of using -w. 2006-12-14 02:29:59 +00:00
wiz 09cb1d6f1c s/existance/existence/, from Zafer. 2006-11-24 22:52:16 +00:00
wiz 6919c6578c s/independant/independent/, from Zafer. 2006-11-24 22:04:21 +00:00
wiz 40d5f88af4 s/exceded/exceeded/, from Zafer. 2006-11-24 21:14:55 +00:00
christos 1665d5e960 fix spelling of accommodate; from Zapher. 2006-11-24 19:46:58 +00:00
christos 3d98aa3f4b fix spelling of accidentally; from Zapher 2006-11-24 19:37:02 +00:00
reed 57c4a8a6b0 Check that -w width is not above maximum. (It already checks for zero or
negative.) Using width above DWIDTH may cause overflow as noted by Gruzicki
Wlodek on bugtraq.

While here replace one use of 132 with DWIDTH.
2006-11-22 16:15:42 +00:00
mrg fd5635ed7a don't discard const. GCC 4.1-20061021 doesn't like that... 2006-10-22 08:09:24 +00:00
elad ac3f498792 Typo, from David A. Holland on #NetBSD-code, thanks! 2006-10-08 20:12:27 +00:00
elad 444bc3c8be Input validation, from David A. Holland on #NetBSD-code 2006-10-07 18:29:02 +00:00
elad 1232ea27c4 PR/18906: roskens at elfin dot net: misc. select() to poll() updates.
Adapted to -current by myself, thanks for the patch!
2006-10-07 17:27:57 +00:00
jmcneill a6a54c10d8 PR# 4305: [dM] boggle uses very incomplete wordlist. 2006-09-24 01:38:57 +00:00
christos 5e676b6bff PR/34175: Zafer Aydogan: touch the window to cause a refresh after help
Also use CTRL instead of \xxx
2006-08-09 14:29:40 +00:00
hubertf 33a2a79b24 Attribute ``A language that doesn't affect the way you think about
programming is not worth knowing.'' to Alan Perlis, per Diomidis Spinellis'
blog at http://www.spinellis.gr/blog/20060424/
2006-06-24 13:32:45 +00:00
reed 5fe28dc7e5 Fix typo or mispelling. 2006-06-17 04:58:14 +00:00
jnemeth 4ce238c9c6 Increase username length to match modern systems, and create #defines for a
couple of lengths.
2006-06-07 09:36:39 +00:00
jnemeth ca1e1e9c7c Actually accept "?" argument as documented in the manpage.
Don't attempt to ignore an untrappable signal.
Fix 6 possible buffer overflows.
2006-06-07 09:35:03 +00:00
jnemeth c8e9ec4ee2 Don't follow symlinks on systems that have O_NOFOLLOW.
Don't bother looping with lockf() since first iteration would return.
Prevent two buffer overflows.
2006-06-07 09:30:35 +00:00
jnemeth c7bfb55e4e prevent "stack" overflow 2006-06-07 09:24:26 +00:00
jnemeth 29088d6b12 bracket else block 2006-06-07 09:22:52 +00:00
jnemeth f05caa1c39 WARNS=4 2006-06-07 09:21:06 +00:00
drochner 3f13a4cf7b Better check data read from tetris.scores before use as array indices etc.
This is CVE-2006-1539, files against Gentoo Linux, the patch is from
Gentoo.
A standard NetBSD installation is not as much risk because tetris is
sgid "games", and users shouldn't be in that group.
2006-06-01 16:12:27 +00:00
dan f96b430610 read config more strictly, from Maximillian Dornseif 2006-05-25 07:11:54 +00:00
mrg 06b50ed8b9 don't try to switch a char and have a case of EOF - use an int. 2006-05-18 18:42:59 +00:00
christos 2854829efb Remove dup Hitler fortune. One of the two fortunes I moved yesterday, was
already in the offensive set. From a NetBSD fan who prefers to be anonymous.
2006-05-17 14:47:58 +00:00
christos 4440541abb PR/33495: Daniel Weiss: Offensive quote in netbsd fortune package
- Move 2 offensive to women Adolf Hitler quotes to fortune2-o
- s/Adolph/Adolf/
2006-05-16 20:13:50 +00:00
christos bd02d883c4 Add a virtual destructor to avoid "future ABI issues". I love c++. 2006-05-14 06:38:04 +00:00
christos ef47ce8264 add virtual destructors so that g++ shuts up. 2006-05-14 03:21:52 +00:00
christos 939d9a18de Don't use iostream just for the usage message. Use stdio instead. 2006-05-14 03:21:23 +00:00
christos 47169552b3 XXX: GCC uninitialized 2006-05-14 03:15:50 +00:00
christos a108a3f479 Coverity CID 3382: Fix memory leak. 2006-05-13 22:45:11 +00:00
christos 4b679b2a7f Coverity CID 3383: Fix memory leak. 2006-05-13 22:43:02 +00:00
christos dad51bf4f0 Coverity CID 3508: Fix file leak. 2006-05-13 22:29:53 +00:00
christos 2576ae5fca Coverity CID 3269: Fix memory leak. 2006-05-13 22:28:04 +00:00
mrg aadd7d4847 sprinkle some -fno-strict-aliasing and -Wno-pointer-sign with GCC4. 2006-05-11 23:16:28 +00:00
mrg 524d5f27c4 lrint() -> larn_lrint(). 2006-05-11 10:23:24 +00:00
mrg 4bc6feceb6 end the argument list to exec*(3) with a NULL instead of a bare '0', as
the latter isn't a pointer context in these varargs functions.
2006-05-11 00:22:52 +00:00