authorChristian Weisgerber <naddy@cvs.openbsd.org>2020-10-19 19:51:21 +0000
committerChristian Weisgerber <naddy@cvs.openbsd.org>2020-10-19 19:51:21 +0000
commit9941cc9efda213d32111bbe22780fe9e4a865220 (patch)
tree8b03b6a48936d0ef6aff5ca956daa0e5f1eda6d9 /usr.bin/cvs
parent5454133fac5af90d436ece81c7fd015ab3c2d867 (diff)
Accommodate POSIX basename(3) that takes a non-const parameter and
may modify the string buffer. ok florian@ millert@
Diffstat (limited to 'usr.bin/cvs')
-rw-r--r--usr.bin/cvs/admin.c15
-rw-r--r--usr.bin/cvs/checkout.c34
-rw-r--r--usr.bin/cvs/client.c17
-rw-r--r--usr.bin/cvs/file.c14
-rw-r--r--usr.bin/cvs/logmsg.c45
-rw-r--r--usr.bin/cvs/rcs.c14
-rw-r--r--usr.bin/cvs/server.c11
7 files changed, 106 insertions, 44 deletions
diff --git a/usr.bin/cvs/admin.c b/usr.bin/cvs/admin.c
index 81e6095fa04..360a0666892 100644
--- a/usr.bin/cvs/admin.c
+++ b/usr.bin/cvs/admin.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: admin.c,v 1.68 2017/06/01 08:08:24 joris Exp $ */
+/* $OpenBSD: admin.c,v 1.69 2020/10/19 19:51:20 naddy Exp $ */
/*
* Copyright (c) 2004 Jean-Francois Brousseau <jfb@openbsd.org>
* Copyright (c) 2005 Joris Vink <joris@openbsd.org>
@@ -246,12 +246,17 @@ cvs_admin_local(struct cvs_file *cf)
struct cvs_file *ocf;
struct rcs_access *acp;
int ofd;
- char *d, *f, fpath[PATH_MAX], repo[PATH_MAX];
+ char *d, dbuf[PATH_MAX], *f, fbuf[PATH_MAX];
+ char fpath[PATH_MAX], repo[PATH_MAX];
-
- if ((f = basename(oldfilename)) == NULL)
+ if (strlcpy(fbuf, oldfilename, sizeof(fbuf)) >= sizeof(fbuf))
+ fatal("cvs_admin_local: truncation");
+ if ((f = basename(fbuf)) == NULL)
fatal("cvs_admin_local: basename failed");
- if ((d = dirname(oldfilename)) == NULL)
+
+ if (strlcpy(dbuf, oldfilename, sizeof(dbuf)) >= sizeof(dbuf))
+ fatal("cvs_admin_local: truncation");
+ if ((d = dirname(dbuf)) == NULL)
fatal("cvs_admin_local: dirname failed");
cvs_get_repository_path(d, repo, PATH_MAX);
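Review bot: The copy-then-check sequence is written out twice in this hunk and again, nearly verbatim, in the checkout.c, client.c, file.c, logmsg.c, rcs.c and server.c hunks, with the fatal message spelled by hand in most places and via `__func__` in checkout.c. A single helper declared in a shared header, which copies into the caller's buffer and calls fatal() on truncation, would leave one copy of the bounds check to audit and make the messages uniform; the three identical loop bodies in logmsg.c would shrink with it. A sketch follows; the helper name is only a suggestion, and cvs_admin_local continues outside the hunk.

```c
/* Copy src into dst so basename(3)/dirname(3) may modify it; fatal on truncation. */
char *
cvs_pathcopy(char *dst, size_t dstsz, const char *src, const char *caller)
{
	if (strlcpy(dst, src, dstsz) >= dstsz)
		fatal("%s: truncation", caller);
	return (dst);
}

/* … unchanged: declarations of d, dbuf, f, fbuf, fpath, repo … */
	f = basename(cvs_pathcopy(fbuf, sizeof(fbuf), oldfilename, __func__));
	if (f == NULL)
		fatal("cvs_admin_local: basename failed");
	d = dirname(cvs_pathcopy(dbuf, sizeof(dbuf), oldfilename, __func__));
	if (d == NULL)
		fatal("cvs_admin_local: dirname failed");
```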
diff --git a/usr.bin/cvs/checkout.c b/usr.bin/cvs/checkout.c
index 8fa45fede5d..bf0b1ad7401 100644
--- a/usr.bin/cvs/checkout.c
+++ b/usr.bin/cvs/checkout.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: checkout.c,v 1.171 2017/06/01 08:08:24 joris Exp $ */
+/* $OpenBSD: checkout.c,v 1.172 2020/10/19 19:51:20 naddy Exp $ */
/*
* Copyright (c) 2006 Joris Vink <joris@openbsd.org>
*
@@ -239,7 +239,7 @@ checkout_check_repository(int argc, char **argv)
struct module_checkout *mc;
struct cvs_ignpat *ip;
struct cvs_filelist *fl, *nxt;
- char repo[PATH_MAX], fpath[PATH_MAX], *f[1];
+ char repo[PATH_MAX], fpath[PATH_MAX], path[PATH_MAX], *f[1];
build_dirs = print_stdout ? 0 : 1;
@@ -329,14 +329,25 @@ checkout_check_repository(int argc, char **argv)
cr.flags = flags;
if (!(mc->mc_flags & MODULE_ALIAS)) {
+ if (strlcpy(path, fl->file_path,
+ sizeof(path)) >= sizeof(path))
+ fatal("%s: truncation",
+ __func__);
module_repo_root =
- xstrdup(dirname(fl->file_path));
+ xstrdup(dirname(path));
d = wdir;
+ if (strlcpy(path, fl->file_path,
+ sizeof(path)) >= sizeof(path))
+ fatal("%s: truncation",
+ __func__);
(void)xsnprintf(fpath, sizeof(fpath),
- "%s/%s", d,
- basename(fl->file_path));
+ "%s/%s", d, basename(path));
} else {
- d = dirname(wdir);
+ if (strlcpy(path, wdir,
+ sizeof(path)) >= sizeof(path))
+ fatal("%s: truncation",
+ __func__);
+ d = dirname(path);
strlcpy(fpath, fl->file_path,
sizeof(fpath));
}
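Review bot: The results of `dirname(path)` and `basename(path)` are used here without a NULL check (passed to `xstrdup`, to the `%s` of `xsnprintf`, and assigned to `d`), whereas the admin.c, client.c, file.c and server.c hunks keep an explicit `== NULL` test followed by fatal(). The same applies to `checkout_classify` further down and to the `basename(path)` calls in logmsg.c and rcs.c. In the else branch the remaining `strlcpy(fpath, fl->file_path, sizeof(fpath));` also still ignores truncation; `if (strlcpy(fpath, fl->file_path, sizeof(fpath)) >= sizeof(fpath)) fatal("%s: truncation", __func__);` would match the copies added next to it. The function continues outside the hunk.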
@@ -387,7 +398,7 @@ checkout_check_repository(int argc, char **argv)
static int
checkout_classify(const char *repo, const char *arg)
{
- char *d, *f, fpath[PATH_MAX];
+ char *d, dbuf[PATH_MAX], *f, fbuf[PATH_MAX], fpath[PATH_MAX];
struct stat sb;
if (stat(repo, &sb) == 0) {
@@ -395,8 +406,13 @@ checkout_classify(const char *repo, const char *arg)
return CVS_DIR;
}
- d = dirname(repo);
- f = basename(repo);
+ if (strlcpy(dbuf, repo, sizeof(dbuf)) >= sizeof(dbuf))
+ fatal("checkout_classify: truncation");
+ d = dirname(dbuf);
+
+ if (strlcpy(fbuf, repo, sizeof(fbuf)) >= sizeof(fbuf))
+ fatal("checkout_classify: truncation");
+ f = basename(fbuf);
(void)xsnprintf(fpath, sizeof(fpath), "%s/%s%s", d, f, RCS_FILE_EXT);
if (stat(fpath, &sb) == 0) {
diff --git a/usr.bin/cvs/client.c b/usr.bin/cvs/client.c
index 972184e8ecb..ec92d13bb0d 100644
--- a/usr.bin/cvs/client.c
+++ b/usr.bin/cvs/client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: client.c,v 1.128 2018/07/14 21:28:02 joris Exp $ */
+/* $OpenBSD: client.c,v 1.129 2020/10/19 19:51:20 naddy Exp $ */
/*
* Copyright (c) 2006 Joris Vink <joris@openbsd.org>
*
@@ -157,6 +157,7 @@ client_check_directory(char *data, char *repository)
{
CVSENTRIES *entlist;
char *entry, *parent, *base, *p;
+ char basebuf[PATH_MAX], parentbuf[PATH_MAX];
STRIP_SLASH(data);
@@ -174,10 +175,14 @@ client_check_directory(char *data, char *repository)
if (cvs_cmdop == CVS_OP_EXPORT)
return;
- if ((base = basename(data)) == NULL)
+ if (strlcpy(basebuf, data, sizeof(basebuf)) >= sizeof(basebuf))
+ fatal("client_check_directory: truncation");
+ if ((base = basename(basebuf)) == NULL)
fatal("client_check_directory: overflow");
- if ((parent = dirname(data)) == NULL)
+ if (strlcpy(parentbuf, data, sizeof(parentbuf)) >= sizeof(parentbuf))
+ fatal("client_check_directory: truncation");
+ if ((parent = dirname(parentbuf)) == NULL)
fatal("client_check_directory: overflow");
if (!strcmp(parent, "."))
@@ -796,7 +801,7 @@ cvs_client_merged(char *data)
struct timeval tv[2];
struct tm datetm;
char timebuf[CVS_TIME_BUFSZ], *repo, *rpath, *entry, *mode;
- char *len, *fpath, *wdir;
+ char *len, *fpath, *wdir, wdirbuf[PATH_MAX];
if (data == NULL)
fatal("Missing argument for Merged");
@@ -817,7 +822,9 @@ cvs_client_merged(char *data)
fatal("received a repository path that is too short");
fpath = rpath + strlen(repo) + 1;
- if ((wdir = dirname(fpath)) == NULL)
+ if (strlcpy(wdirbuf, fpath, sizeof(wdirbuf)) >= sizeof(wdirbuf))
+ fatal("cvs_client_merged: truncation");
+ if ((wdir = dirname(wdirbuf)) == NULL)
fatal("cvs_client_merged: dirname: %s", strerror(errno));
free(repo);
diff --git a/usr.bin/cvs/file.c b/usr.bin/cvs/file.c
index 527aaf0d320..d3146648aef 100644
--- a/usr.bin/cvs/file.c
+++ b/usr.bin/cvs/file.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: file.c,v 1.273 2017/06/01 08:38:56 joris Exp $ */
+/* $OpenBSD: file.c,v 1.274 2020/10/19 19:51:20 naddy Exp $ */
/*
* Copyright (c) 2006 Joris Vink <joris@openbsd.org>
* Copyright (c) 2004 Jean-Francois Brousseau <jfb@openbsd.org>
@@ -265,7 +265,8 @@ cvs_file_walklist(struct cvs_flisthead *fl, struct cvs_recursion *cr)
struct stat st;
struct cvs_file *cf;
struct cvs_filelist *l, *nxt;
- char *d, *f, repo[PATH_MAX], fpath[PATH_MAX];
+ char *d, dbuf[PATH_MAX], *f, fbuf[PATH_MAX];
+ char repo[PATH_MAX], fpath[PATH_MAX];
for (l = RB_MIN(cvs_flisthead, fl); l != NULL; l = nxt) {
if (cvs_quit)
@@ -274,9 +275,14 @@ cvs_file_walklist(struct cvs_flisthead *fl, struct cvs_recursion *cr)
cvs_log(LP_TRACE, "cvs_file_walklist: element '%s'",
l->file_path);
- if ((f = basename(l->file_path)) == NULL)
+ if (strlcpy(fbuf, l->file_path, sizeof(fbuf)) >= sizeof(fbuf))
+ fatal("cvs_file_walklist: truncation");
+ if ((f = basename(fbuf)) == NULL)
fatal("cvs_file_walklist: basename failed");
- if ((d = dirname(l->file_path)) == NULL)
+
+ if (strlcpy(dbuf, l->file_path, sizeof(dbuf)) >= sizeof(dbuf))
+ fatal("cvs_file_walklist: truncation");
+ if ((d = dirname(dbuf)) == NULL)
fatal("cvs_file_walklist: dirname failed");
type = l->type;
diff --git a/usr.bin/cvs/logmsg.c b/usr.bin/cvs/logmsg.c
index 30c385fe0e0..1c0bcb6434d 100644
--- a/usr.bin/cvs/logmsg.c
+++ b/usr.bin/cvs/logmsg.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: logmsg.c,v 1.60 2017/05/28 16:57:01 joris Exp $ */
+/* $OpenBSD: logmsg.c,v 1.61 2020/10/19 19:51:20 naddy Exp $ */
/*
* Copyright (c) 2007 Joris Vink <joris@openbsd.org>
*
@@ -100,6 +100,7 @@ cvs_logmsg_create(char *dir, struct cvs_flisthead *added,
struct cvs_filelist *cf;
struct stat st1, st2;
char *fpath, *logmsg, repo[PATH_MAX];
+ char *f, path[PATH_MAX];
struct stat st;
struct trigger_list *line_list;
struct trigger_line *line;
@@ -165,28 +166,46 @@ cvs_logmsg_create(char *dir, struct cvs_flisthead *added,
if (added != NULL && !RB_EMPTY(added)) {
fprintf(fp, "%s Added Files:", CVS_LOGMSG_PREFIX);
- RB_FOREACH(cf, cvs_flisthead, added)
- fprintf(fp, "\n%s \t%s ", CVS_LOGMSG_PREFIX,
- dir != NULL ? basename(cf->file_path) :
- cf->file_path);
+ RB_FOREACH(cf, cvs_flisthead, added) {
+ f = cf->file_path;
+ if (dir != NULL) {
+ if (strlcpy(path, f, sizeof(path)) >=
+ sizeof(path))
+ fatal("cvs_logmsg_create: truncation");
+ f = basename(path);
+ }
+ fprintf(fp, "\n%s \t%s ", CVS_LOGMSG_PREFIX, f);
+ }
fputs("\n", fp);
}
if (removed != NULL && !RB_EMPTY(removed)) {
fprintf(fp, "%s Removed Files:", CVS_LOGMSG_PREFIX);
- RB_FOREACH(cf, cvs_flisthead, removed)
- fprintf(fp, "\n%s \t%s ", CVS_LOGMSG_PREFIX,
- dir != NULL ? basename(cf->file_path) :
- cf->file_path);
+ RB_FOREACH(cf, cvs_flisthead, removed) {
+ f = cf->file_path;
+ if (dir != NULL) {
+ if (strlcpy(path, f, sizeof(path)) >=
+ sizeof(path))
+ fatal("cvs_logmsg_create: truncation");
+ f = basename(path);
+ }
+ fprintf(fp, "\n%s \t%s ", CVS_LOGMSG_PREFIX, f);
+ }
fputs("\n", fp);
}
if (modified != NULL && !RB_EMPTY(modified)) {
fprintf(fp, "%s Modified Files:", CVS_LOGMSG_PREFIX);
- RB_FOREACH(cf, cvs_flisthead, modified)
- fprintf(fp, "\n%s \t%s ", CVS_LOGMSG_PREFIX,
- dir != NULL ? basename(cf->file_path) :
- cf->file_path);
+ RB_FOREACH(cf, cvs_flisthead, modified) {
+ f = cf->file_path;
+ if (dir != NULL) {
+ if (strlcpy(path, f, sizeof(path)) >=
+ sizeof(path))
+ fatal("cvs_logmsg_create: truncation");
+ f = basename(path);
+ }
+ fprintf(fp, "\n%s \t%s ", CVS_LOGMSG_PREFIX, f);
+ }
fputs("\n", fp);
}
diff --git a/usr.bin/cvs/rcs.c b/usr.bin/cvs/rcs.c
index 6b4b6acd243..f4d0fb4f7cc 100644
--- a/usr.bin/cvs/rcs.c
+++ b/usr.bin/cvs/rcs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rcs.c,v 1.319 2019/06/28 13:35:00 deraadt Exp $ */
+/* $OpenBSD: rcs.c,v 1.320 2020/10/19 19:51:20 naddy Exp $ */
/*
* Copyright (c) 2004 Jean-Francois Brousseau <jfb@openbsd.org>
* All rights reserved.
@@ -2183,8 +2183,8 @@ rcs_kwexp_line(char *rcsfile, struct rcs_delta *rdp, struct rcs_lines *lines,
int kwtype;
u_int j, found;
const u_char *c, *start, *fin, *end;
- char *kwstr;
- char expbuf[256], buf[256];
+ char *kwstr, *rcsfile_basename;
+ char expbuf[256], buf[256], path[PATH_MAX];
size_t clen, kwlen, len, tlen;
kwtype = 0;
@@ -2202,6 +2202,10 @@ rcs_kwexp_line(char *rcsfile, struct rcs_delta *rdp, struct rcs_lines *lines,
/* Final character in buffer. */
fin = c + len - 1;
+ if (strlcpy(path, rcsfile, sizeof(path)) >= sizeof(path))
+ fatal("rcs_kwexp_line: truncation");
+ rcsfile_basename = basename(path);
+
/*
* Keyword formats:
* $Keyword$
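Review bot: The copy into `path` and the `basename` call now run on every invocation, apparently before any keyword has been matched, so an `rcsfile` of PATH_MAX bytes or more becomes fatal even for input that never reaches the two `rcsfile_basename` uses further down. If that is intended, a comment on the hoisted block would say so, e.g. `/* basename(3) may modify its argument: take it once, from a private copy */`; otherwise the copy could be deferred to the branches that use it. The function body starts and ends outside this hunk.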
@@ -2300,7 +2304,7 @@ rcs_kwexp_line(char *rcsfile, struct rcs_delta *rdp, struct rcs_lines *lines,
if (mode & RCS_KWEXP_VAL) {
if (kwtype & RCS_KW_RCSFILE) {
if (!(kwtype & RCS_KW_FULLPATH))
- (void)strlcat(expbuf, basename(rcsfile),
+ (void)strlcat(expbuf, rcsfile_basename,
sizeof(expbuf));
else
(void)strlcat(expbuf, rcsfile,
@@ -2376,7 +2380,7 @@ rcs_kwexp_line(char *rcsfile, struct rcs_delta *rdp, struct rcs_lines *lines,
/* Log line */
if (!(kwtype & RCS_KW_FULLPATH))
(void)strlcat(expbuf,
- basename(rcsfile), sizeof(expbuf));
+ rcsfile_basename, sizeof(expbuf));
else
(void)strlcat(expbuf, rcsfile,
sizeof(expbuf));
diff --git a/usr.bin/cvs/server.c b/usr.bin/cvs/server.c
index a1dcafb0f4c..076132dd603 100644
--- a/usr.bin/cvs/server.c
+++ b/usr.bin/cvs/server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: server.c,v 1.105 2017/08/28 19:33:20 otto Exp $ */
+/* $OpenBSD: server.c,v 1.106 2020/10/19 19:51:20 naddy Exp $ */
/*
* Copyright (c) 2006 Joris Vink <joris@openbsd.org>
*
@@ -324,6 +324,7 @@ cvs_server_directory(char *data)
{
CVSENTRIES *entlist;
char *dir, *repo, *parent, *entry, *dirn, *p;
+ char parentbuf[PATH_MAX], dirnbuf[PATH_MAX];
if (current_cvsroot == NULL)
fatal("No Root specified for Directory");
@@ -350,10 +351,14 @@ cvs_server_directory(char *data)
cvs_mkpath(p, NULL);
- if ((dirn = basename(p)) == NULL)
+ if (strlcpy(dirnbuf, p, sizeof(dirnbuf)) >= sizeof(dirnbuf))
+ fatal("cvs_server_directory: truncation");
+ if ((dirn = basename(dirnbuf)) == NULL)
fatal("cvs_server_directory: %s", strerror(errno));
- if ((parent = dirname(p)) == NULL)
+ if (strlcpy(parentbuf, p, sizeof(parentbuf)) >= sizeof(parentbuf))
+ fatal("cvs_server_directory: truncation");
+ if ((parent = dirname(parentbuf)) == NULL)
fatal("cvs_server_directory: %s", strerror(errno));
if (strcmp(parent, ".")) {
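Review bot: The new length checks run only after `cvs_mkpath(p, NULL)` has already acted on `p`, so a path too long for `dirnbuf`/`parentbuf` is rejected after the directory-creation call rather than before it. Because `p` appears to be derived from the Directory request passed in as `data`, validating first is the safer order: move the `strlcpy(dirnbuf, p, sizeof(dirnbuf)) >= sizeof(dirnbuf)` check above the `cvs_mkpath` call. Whether cvs_mkpath enforces its own bound is not visible here, and the function body continues outside the hunk.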