Commit Graph

36 Commits

Author SHA1 Message Date
lukem
44f6d24c7f fix sign-compare issue 2009-04-14 07:59:17 +00:00
lukem
98e5374ccb Remove the \n and tabs from the __COPYRIGHT() strings.
Tweak to use a consistent format.
2008-07-21 14:19:20 +00:00
tls
4147a3c54a Add new Makefile knob, USE_FORT, which extends USE_SSP by turning on the
FORTIFY_SOURCE feature of libssp, thus checking the size of arguments to
various string and memory copy and set functions (as well as a few system
calls and other miscellany) where known at function entry.  RedHat has
evidently built all "core system packages" with this option for some time.

This option should be used at the top of Makefiles (or Makefile.inc where
this is used for subdirectories) but after any setting of LIB.

This is only useful for userland code, and cannot be used in libc or in
any code which includes the libc internals, because it overrides certain
libc functions with macros.  Some effort has been made to make USE_FORT=yes
work correctly for a full-system build by having the bsd.sys.mk logic
disable the feature where it should not be used (libc, libssp iteself,
the kernel) but no attempt has been made to build the entire system with
USE_FORT and doing so will doubtless expose numerous bugs and misfeatures.

Adjust the system build so that all programs and libraries that are setuid,
directly handle network data (including serial comm data), perform
authentication, or appear likely to have (or have a history of having)
data-driven bugs (e.g. file(1)) are built with USE_FORT=yes by default,
with the exception of libc, which cannot use USE_FORT and thus uses
only USE_SSP by default.  Tested on i386 with no ill results; USE_FORT=no
per-directory or in a system build will disable if desired.
2007-05-28 12:06:17 +00:00
elad
1b28df2fb7 strncpy -> strlcpy 2006-06-17 08:22:06 +00:00
christos
67a132acdc PR/28474: Geoff C. Wing: write does some weird checking and can't handle ptyfs 2004-11-30 04:08:38 +00:00
christos
74c9d10c58 make the atime and msgok optional. If we did not request atime, then we
don't want strict checking and in this case if the tty is not found we
don't exit. write calls this with atime != NULL and wall calls this with
atime == NULL.
2004-10-27 17:48:47 +00:00
christos
4b03e4a99f Allow root to write even if it does not have a tty. 2004-10-26 19:24:00 +00:00
agc
89aaa1bb64 Move UCB-licensed code from 4-clause to 3-clause licence.
Patches provided by Joel Baker in PR 22365, verified by myself.
2003-08-07 11:13:06 +00:00
christos
2d67d54fef PR/21568: Martin Husemann: Shutdown gets permission denied error from wall 2003-05-13 23:05:34 +00:00
christos
b0eade51fd improve error handling and knf. 2003-05-03 15:57:11 +00:00
christos
73b3e2ae58 separate the term check stuff. 2003-04-20 23:53:04 +00:00
lukem
5d4973fe97 makefile delint. use NETBSDSRCDIR as appropriate 2002-09-18 14:00:33 +00:00
itojun
2abe377059 defend against malicious line in ut_line, which could cause unwanted
writes to anything under /dev.  revoke setuid/gid privs earlier.
From: xs@kittenz.org
2002-08-16 20:21:48 +00:00
christos
c020d65e19 utmpx support. 2002-08-02 01:52:13 +00:00
mjl
e1d9ba796d un__Pify, ANSIfy and constify. 2001-01-03 13:25:11 +00:00
mjl
a640361563 /dev -> _PATH_DEV 2001-01-03 13:14:26 +00:00
matt
fcd0fb118f Make gcc 2.96 (and maybe earlier) happier. Include <stdlib.h>,<string.>,
etc. as appropriate to get exit,srncmp,abs,abort,etc.
Add -I${.CURDIR} to a few Makefiles
2000-07-03 02:51:12 +00:00
drochner
85cbf55d16 Since our gcc doesn't warn about NULL format strings anymore, we can
fix the incorrect err(1, "%s", "") et al.
Closes PR bin/7592 by cgd.
1999-11-09 15:06:30 +00:00
christos
18d277be6d char -> unsigned char 1998-12-20 15:04:40 +00:00
ross
f670fa10c5 Add { and } to shut up egcs. Reformat the more questionable code. 1998-08-25 20:59:36 +00:00
mycroft
af26acbc65 const poisoning. 1998-07-26 23:14:40 +00:00
mrg
448f5de7fb KNF. use S_IWGRP instead of homegrown crap. ensure tty buffer is nul-terminated. 1998-07-06 11:17:30 +00:00
mrg
32f519716b - use an array MAXHOSTNAMELEN+1 size to hold hostnames
- ensure hostname from gethostname() is nul-terminated in all cases
- minor KNF
- use MAXHOSTNAMELEN over various other values/defines
- be safe will buffers that hold hostnames
1998-07-06 06:56:06 +00:00
lukem
f4100846b8 deprecate register 1997-10-20 03:24:44 +00:00
mrg
658077dbfb WARNSify; clean up .Nm 1997-10-19 14:35:28 +00:00
mrg
a4d8e69073 remove possibly dangerous sprintf and strcpy calls. 1997-02-11 08:21:03 +00:00
explorer
8b5cdff515 sprintf -> snprintf, from David A. Holland <dholland@eecs.harvard.edu> 1997-01-20 19:04:59 +00:00
perry
9cb735d26b fix write to print a warning if the sender has "mesg n" set, instead
of dying with an error. From Mark Weaver
closes pr-355, per thorpej
1997-01-17 01:52:12 +00:00
tls
9d225a1783 RCS ID police 1997-01-09 20:18:21 +00:00
jtc
5a441adfaf sync with 4.4lite2 1995-08-31 21:48:32 +00:00
jtc
5720e226ae misc cleanup by jimj and myself. 1994-12-21 07:11:00 +00:00
mycroft
180e70c1db Update to 4.4-Lite version, converted to use err*(3) and warn*(3). 1994-09-19 08:18:22 +00:00
mycroft
e9d867ef50 Add RCS identifiers. 1993-08-01 17:54:45 +00:00
mycroft
c3e42d1c64 Add RCS indentifiers. 1993-08-01 07:22:47 +00:00
mycroft
d0f8d5d2bb Add RCS identifiers. 1993-07-30 22:28:22 +00:00
cgd
61f282557f initial import of 386bsd-0.1 sources 1993-03-21 09:45:37 +00:00