summaryrefslogtreecommitdiff
path: root/bin/pax
AgeCommit message (Collapse)Author
2017-10-09Better document what the -v flag actually does and that you canTodd C. Miller
specify it more than once. Adapted from a diff by and OK schwarze@
2017-09-16Carefully add casts to silence clang sign-compare warnings. ok millert@Otto Moerbeek
2017-09-12there is no offical way to get the max value of time_t, but this one worksOtto Moerbeek
on any sensible posix system (in which time_t must be an integer type) ok deraadt@ millert@
2017-09-10Backslash escapes the next character in filename patterns.Philip Guenther
ok millert@
2017-09-08Avoid clang warning and make code better by using a signed long;Otto Moerbeek
with hint from millert@; ok millert@ guenther@
2017-09-06intvar < sizeof(...) does not catch negative values since an int -> unsignedOtto Moerbeek
conversion is involved. Cast the sizeof to int to get a signed compare; ok deraadt@ bluhm@
2017-03-16buffer increase factor belongs in the nmemb field of reallocarray()Theo de Raadt
ok guenther
2017-03-11switch pax to using pledge tape instead of ioctl.Theo Buehler
ok kettenis
2017-01-23Slow down the churn and continue using old pledge name "ioctl" insteadTheo de Raadt
of "tape" for a week or so.
2017-01-23Split pledge "ioctl" into "tape" and "bpf", and allow SIOCGIFGROUP onlyTheo de Raadt
upon "inet". Adjust the 4 programs that care about this.
2017-01-21Nuke whitespace foolish enough to expose itself during the greatKenneth R Westerback
"warning:" rectification.
2016-12-26Put some variable declarations under appropriate #if/#endif protectionKenneth R Westerback
so gcc doesn't complain about defining but not using them. typo correction & ok jca@
2016-12-20Fix a bug where archives smaller than 512 bytes would trigger a next volumeMark Kettenis
prompt. From NetBSD. ok millert@, deraadt@
2016-08-26Need <time.h> for time() and others. Pulled in by coincidence previouslyPhilip Guenther
noted by tb@
2016-08-26-E NONE has *never* worked; it was always -E none. It's a dubious optionPhilip Guenther
value that merits a warning in the manpage and using 2 billion will get you practically the same effect, so delete the -E none support
2016-08-26options.h is only used by options.c; merge it into the .c filePhilip Guenther
reduce and sort #includes
2016-08-26reduce and sort #includesPhilip Guenther
2016-08-26tables.h is only used by tables.c; merge it into the .c filePhilip Guenther
<sys/time.h> is unnecessary; sort the #includes
2016-08-26<sys/time.h>, <errno.h>, and <stdlib.h> are unnecessary; sort #includesPhilip Guenther
2016-08-26sel_subs.h is only used by sel_subs.c; merge it into the .c filePhilip Guenther
<sys/time.h> and <unistd.h> are unnecessary, but <time.h> is; sort #includes
2016-08-26pat_rep.h is only used by pat_rep.c; merge it into the .c filePhilip Guenther
<sys/time.h>, <errno.h> and <unistd.h> are unnecessary; sort #includes
2016-08-26ftree.h is only used by ftree.c; merge it into the .c filePhilip Guenther
<sys/time.h> is unnecessary; sort #includes
2016-08-26Don't need <sys/time.h> or "options.h" herePhilip Guenther
2016-08-26cache.h is only used by cache.c; merge it into the .c filePhilip Guenther
<unistd.h> and <sys/time.h> are unneeded here ok by general acclaim
2016-08-25Replace name_{uid,gid}() with the libc routines user_from_uid() andPhilip Guenther
group_from_gid(). Eliminate some superfluous strncpy() calls. ok millert@
2016-08-24Make list-like output go to stderr when appending to an archive on stdout.Philip Guenther
Simplify the recognition of -f- and TAPE=- as meaning stdin/stdout. ok millert@
2016-08-24Treat cpio's -t option as a modifier to -i, so they're ordering independentPhilip Guenther
ok millert@
2016-08-23Instead of doing strcmp(argv0), track the invocation mode (pax/tar/cpio)Philip Guenther
in a separate variable ok deraadt@
2016-08-23Only try to set the times on a directory once, at the end, to avoidPhilip Guenther
duplication of warning messages ok krw@
2016-08-16Add HISTORY.Ingo Schwarze
From Sevan Janiyan <venture37 at geeklan dot co dot uk>. Verified using the CSRG archive CD.
2016-08-14Remove many unnecessary casts. Verified by comparing generated code onPhilip Guenther
both ILP32 and LP64. ok millert@
2016-08-14Replace u_quad_t with unsigned long long and replace "uqd" with "ull" inPhilip Guenther
function names to match. Pull some tangled assignments out of conditions and use >>= where possible. ok millert@
2016-06-23allow creation of devices or fifo without -p (as it is already allowed with -p)Sebastien Marie
diff from trondd at kagu-tsuchi com, enhanced by me for reordering promises ok deraadt@
2016-06-03new style overlords say to use continue in empty loops.Ted Unangst
this is easier to see and self documenting. ok openbsd
2016-04-19Switch from fgetln() to getline() to simplify error handling.Philip Guenther
Use syswarn() in more places which set errno and regularize the error messages. Skip empty lines in the input read for tar -T, cpio -E, and cpio stdin. based on diff from mmcc@ ok millert@
2016-02-16Ignore trailing slashes and skip over duplicate slashes in chk_path() toPhilip Guenther
avoid infinite loop when creating intermediate directories Fix based on diff by Nicolas Bedos (nicolas.bedos (at) gmail.com) ok millert@ ok and tweak zhuk@,
2016-02-15To archive a 101 character absolute path in ustar format we mustPhilip Guenther
split it on a slash other than the leading one. Fix based on patches from Peter Fokker (openbsd (at) berestijn.nl) and Peter Bisroev (peter (at) int19h.net)
2016-01-01don't declar main. from Michal MazurekTed Unangst
2015-12-24More adress -> addressmmcc
2015-12-16Replace "tame" by "pledge" in a comment.tb
2015-12-06pledge "dpath" to allow creation of nodes via mkfifo(2) and mknod(2)Theo de Raadt
NOTE: dpath requires a fairly new kernel ok semarie
2015-12-06Use __progname instead of manually handling argv[0].Tobias Stoeckmann
ok deraadt, mmcc, tedu
2015-11-17int -> size_t for a len fieldmmcc
ok guenther@, deraadt@
2015-10-14Use a strict $PATH of "/usr/bin:/usr/local/bin" to run the (de)compressorsTheo de Raadt
(gzip, compress, bzip2) rather than following the user's path. This seems easier than hardcoding the paths elsewhere and using basename(). pax/tar is pledged itself, but it can spawn one of these programs if asked. The three found at the strict path use pledge "stdio" very early during startup, providing a warm fuzzy pledge->exec->no-pledge->pledge interlock. For bzip2, this assumes use of the ports/packages version installed to /usr/local/bin, which has been pledged by sthen@. Doing a 'tar tvfz hostile.tgz' becomes a bit safer, since an attacker finding a buffer overflow or use after free has significantly fewer system calls available (only pledge "stdio" in the decompressor). ok millert sthen
2015-10-12reenable pledge(2) on pax, but only if pmode isn't in use or if actionSebastien Marie
shouldn't do things with filesystem. ok deraadt@ millert@
2015-10-12Revert the pledge() call on pax/ar_io.c for now.Sebastien Marie
A pledged program is not allowed to change user/group for others. "I think that makes the most sense" @sthen
2015-10-12preservation modes can adjust setugid bits, so no pledge is possible.Theo de Raadt
Otherwise, lay the groundwork for whether a gzip program may be run or not. After such a gzip program is started, pledge the program will not exec again. Took a few iterations to get this going... it is looking good. with guenther.
2015-09-13Describe tar's -p option correctlyPhilip Guenther
noted by trondd(at)kagu-tsuchi.com ok deraadt@
2015-05-18Make TAPE=- mean stdout in tarczarkoff
Some scripts and GUI ssh clients assume that tar writes to standard output by default. This changes allows enforcing such behavior by setting TAPE="-" in user profile. Also, this makes parsing argument to "-f" option and contents of TAPE environment variable consistent. OK guenther@, jmc@ and sthen@
2015-04-18Convert many atoi() calls to strtonum(), adding range checks and failureTheo de Raadt
handling along the way. Reviews by Brendan MacDonell, Jeremy Devenport, florian, doug, millert