Age | Commit message (Collapse) | Author |
|
3rd (variadic) mode_t parameter is irrelevant. Many developers in the past
have passed mode_t (0, 044, 0644, or such), which might lead future people
to copy this broken idiom, and perhaps even believe this parameter has some
meaning or implication or application. Delete them all.
This comes out of a conversation where tb@ noticed that a strange (but
intentional) pledge behaviour is to always knock-out high-bits from
mode_t on a number of system calls as a safety factor, and his bewilderment
that this appeared to be happening against valid modes (at least visually),
but no sorry, they are all irrelevant junk. They could all be 0xdeafbeef.
ok millert
|
|
be opened is on stty -f `file', so call unveil(2) afterwards to restrict all fs
access.
OK deraadt@
|
|
functions that take "char *" arguments. Where such chars are
assigned to int or passed to ctype functions, explicitly cast them
to unsigned char.
For OpenBSD's clang, -Wpointer-sign has been disabled by default,
but when the parse.y code was built elsewhere, the compiler would
complain.
With help from millert@
ok benno@ deraadt@
|
|
invalid matches and unexpected behaviour.
Fix this by instead making a NUL character abort the search-history mode,
leaving the handling of said input to the "ordinary" command editing.
ok tb@
|
|
this fixes a bug in bacula where the catalog was not properly kept
up-to-date if a tape was in a drive becuse its source slot was
unknown
based on code from FreeBSD; ok krw@
picker 0: sense: <0x00/0x00> voltag: <:0> avoltag: <:0> source: <>
slot 0: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1168L1:0> avoltag: <:0> source: <slot 0>
slot 1: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1187L1:0> avoltag: <:0> source: <slot 1>
slot 2: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1184L1:0> avoltag: <:0> source: <slot 2>
slot 3: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1195L1:0> avoltag: <:0> source: <slot 3>
slot 4: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1037L1:0> avoltag: <:0> source: <slot 4>
slot 5: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1038L1:0> avoltag: <:0> source: <slot 5>
slot 6: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1166L1:0> avoltag: <:0> source: <slot 6>
slot 7: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1167L1:0> avoltag: <:0> source: <slot 7>
slot 8: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1180L1:0> avoltag: <:0> source: <slot 8>
slot 9: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1186L1:0> avoltag: <:0> source: <slot 9>
slot 10: <ACCESS> sense: <0x00/0x00> voltag: <:0> avoltag: <:0> source: <picker 0>
slot 11: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1182L1:0> avoltag: <:0> source: <slot 11>
slot 12: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1181L1:0> avoltag: <:0> source: <slot 12>
slot 13: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1196L1:0> avoltag: <:0> source: <slot 13>
slot 14: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1169L1:0> avoltag: <:0> source: <slot 14>
slot 15: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1197L1:0> avoltag: <:0> source: <slot 15>
slot 16: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1165L1:0> avoltag: <:0> source: <slot 16>
slot 17: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1199L1:0> avoltag: <:0> source: <slot 17>
slot 18: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1189L1:0> avoltag: <:0> source: <slot 18>
slot 19: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1185L1:0> avoltag: <:0> source: <slot 19>
slot 20: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1198L1:0> avoltag: <:0> source: <slot 20>
slot 21: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1039L1:0> avoltag: <:0> source: <slot 21>
slot 22: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1035L1:0> avoltag: <:0> source: <slot 22>
slot 23: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1188L1:0> avoltag: <:0> source: <slot 23>
drive 0: <ACCESS,FULL> sense: <0x00/0x00> voltag: <XX1183L1:0> avoltag: <:0> source: <slot 10>
|
|
with help from sthen@ and tim@. OK tim@
|
|
than mktime(3) because the UNIX Epoch is defined in UTC rather than
in the local timezone.
Combining %s with other format specifiers is usually not useful.
But if a user does that, then parsing the whole input as UTC seems
better than parsing some of it as UTC and some of it in the local
time zone.
Bug found by Bryan Vyhmeister.
The final patch is joint work with and OK by gerhard@.
No objection when shown on tech@.
|
|
fails to report the path that the failure occured on. Suggested by
deraadt@ after some tech discussion.
Work done and verified by Ashton Fagg <ashton@fagg.id.au>
ok deraadt@ semarie@ claudio@
|
|
This avoids a cpu loop for "while do done" and is consistent with
the behavior of AT&T ksh and most other shells. OK jca@ halex@
|
|
ok millert
|
|
4-byte UTF-8 sequences and not just some of them, to keep them together
and avoid passing them on byte by byte, helping tools like tmux(1).
While here, also do all the range tests with < and > rather than &
for uniformity and readability, and add some comments.
Input and OK jca@ and nicm@.
Soeren at Soeren dash Tempel dot net originally reported the bug
and provided an incomplete patch that was used as a starting point,
and he also tested this final patch.
|
|
far better in the manual pages
ok jmc
|
|
headers (hd->size) using a 32-bit operation.
from Samanta Navarro
ok guenther
|
|
Add a prominent deprecation notice to getopt.1.
Add examples of the getopts idiom to sh.1 and ksh.1.
Requested by and ok espie@, ok jmc@
|
|
to understand)
from Edgar Pettijohn
|
|
From Daniel Kovacic <daniel dot kovacic at unbugd dot com>, thanks!
No object change.
|
|
Fixes a portability issue. From Benjamin Baier
|
|
so escape it;
|
|
From gotroyb127, OK tb@
|
|
From gotroyb127 OK tb@
|
|
|
|
and installing USD/SMM/PSD docs.
jmc@ agrees with the direction, ok millert@ on an earlier diff
|
|
This results, e.g., in allowing the first item of a read-only array to
be overwritten, as found by Jordan Geoghegan.
okay tb@
|
|
If we bump 'lines' from an int to an unsigned long long we can
trivially support files with more than INT_MAX lines.
ok millert@
|
|
- Use getprogname(3) instead of __progname.
- Sprinkle in some missing braces.
- Prefer err(..., NULL) when malloc(3) fails.
- Remove an unnecessary cast to from ssize_t to size_t.
|
|
cook_args() and raw_args() do some peculiar things in order to avoid
calling cook_buf() and raw_cat(), respectively, in more than one
place. The result is a convoluted. If we isolate the special cases
from the normal case and just call these functions in multiple places
the loops will be easier to read.
Three things:
1. Pull the no-args case out of the loop. If *argv is NULL when we
get into the argv processing function we just want to operate on
the standard input and return early. It makes no sense to handle
this case *in* the loop.
2. Isolate the "-" case from the filename case. If *argv is "-" we want
to operate on the standard input. We can then do any stdin-specific
cleanup within the same branch, which makes it easier to understand
both the "-" case and the normal filename case. This also allows us
to remove the 'filename' intermediate variable from both argv processing
functions.
3. While we're here, use a for-loop and iterate argv in the loop header.
Now argv is incremented in one place.
ok martijn@
|
|
There is no need for the global filename variable. Both cook_buf()
and raw_cat() can accept a filename variable from the caller to use
for printing warnings.
ok martijn@
|
|
input/ok deraadt jca
|
|
Mark the pointer used to walk the array in ksh const as well.
From Matthew Martin
ok guenther
|
|
OK deraddt@
|
|
non-POSIX basename semantics.
ok millert@
|
|
we have no entries to print (either due to an empty directory or
an error). This makes the -l and -s options more consistent, and
matches the behavior of AT&T and GNU ls. From FreeBSD (das).
OK kn@
|
|
perform tty(4) ioctl operations against a non-tty. That is a pledge
violation, you can only do a subset of tty(4) ioctl against a fd which
references a tty device. Sidestep this problem if the input descriptor is
not a tty
ok anton millert
|
|
to make it read better;
reported by roderick
ok millert
|
|
We can't rely on buffering to catch write errors in fflush().
Based on a diff from Demi M. Obenour, OK kn@
|
|
This is similar to the emacs mode clear-screen command. Unlike
bash, but like zsh, ^L also works in input mode, not just command
mode. OK kn@ tb@
|
|
One uncommon but useful way of writing shell scripts is to start off by
disabling field/word splitting (IFS='') and pathname expansion/globbing
(set -f), re-enabling either or both only for the commands that need
them, e.g. within a subshell. This helps avoid a lot of snags with field
splitting and globbing if you forget to quote a variable somewhere,
adding to the general robustness of a script. (In fact it eliminates
much of the need to quote variable/parameter expansions, with empty
removal remaining as the only issue.)
Unfortunately OpenBSD ksh (like all pdksh variants except mksh) has a
POSIX compliance bug that is a show stopper for this approach: "$@" does
not generate words (arguments) if IFS is empty. As a result, the
separate command arguments represented by "$@" become a single argument.
So passing on an intact set of positional parameters to a command or
function is impossible with field splitting disabled.
Of course this is illogical: the quoted special parameter "$@" generates
zero or more words, it doesn't split any words, so the contents of IFS
(or lack thereof) should be neither here nor there. It's old ksh88
behaviour copied by the original pdksh, but it violates POSIX and it has
been fixed many years ago in ksh93 and all other POSIX shells.
From Martijn Dekker (who also wrote the above paragraphs) back in 2016.
Thanks to Avi Halachmi for reminding us of the issue.
ok czarkoff deraadt kn
|
|
ok millert@
|
|
it results in the same, but is incorrect.
ok millert
|
|
OK tb@
|
|
We don't need to be too specific about this in su(1), leave the
details for csh(1). OK jca@
|
|
With the pipefail option set, the exit status of a pipeline is 0 if all
commands succeed, or the return status of the rightmost command that
fails. This can help stronger error checking, but is not a silver
bullet. For example, commands will exhibit a non-zero exit status if
they're killed by a SIGPIPE when writing to a pipe. Yet pipefail was
considered useful enough to be included in the next POSIX standard.
This implementation remembers the value of the pipefail option when
a pipeline is started, as described as option 1) in
https://www.austingroupbugs.net/view.php?id=789#c4102
Requested by ajacoutot@, ok millert@
|
|
Previously, our ls would only print the directory name when listing
more than one directory, which is the correct behavior for non-recursive
ls but not for -R mode. OK deraadt@
|
|
It is not enough to avoid displaying the contents of the directory,
we need to set FTS_SKIP to avoid descending into any subdirs too.
Otherwise, if a ".foo" directory has a subdirectory "bar", ls will
descend into bar and display its contents. OK deraadt@
|
|
terminate the shell when running under -e.
See also https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=269067 and
Bug reported including fix by Leah Neukirchen, Thanks!
ok millert@
|
|
but additionally have a bootblock in the first 8K (since UFS does not use that
space). There are some UEFI direct-from-internet bootloaders that require
the name *.img. So this makes things more convenient for those, while keeping
it consistant in all architectures.
ok kettenis beck kn
|
|
Mixing up function and void pointers isn't defined by POSIX or the
C standard. POSIX only specifies that casting the result of dlsym(3) to
an appropriate function pointer works.
Avoid all this by using a typedef.
from Michael Forney, ok tb@
|
|
show a less confusing track
okay millert@ (with a small tweak to the error message by millert@)
|
|
- Sort includes alphabetically
- Sort prototypes alphabetically
- Sort stack variables by size
- Add missing braces to the getopt(3) loop
- Be explicit: there is *one* argument, so use argv[0], not *argv
- If nanosleep(2) somehow fails, say that "nanosleep" failed when
we err(3)
- Remove extra parentheses from the return statement
- De-(void) the obvious fprintf(3) in usage()
- __progname -> getprogname(3)
- POSIX 1003.2 has long since become POSIX.1
- Remove an ARGUSED linter comment
- stdio(3) flushing is not the only potential issue with an exit(3)
from a signal handler. Just note that exit(3) isn't safe and leave
it at that.
|
|
the environment at shell initialization time. During startup, ksh calls
'eval typeset -i TMOUT="${TMOUT:-0}"'. which allows command injection via
arithmetic expansion, e.g., by setting TMOUT to 'x[`/bin/echo Hi >&2`]'.
Problem noted by Andras Farkas and tj, inspired by a similar issue in
AT&T's ksh. Tested in snaps for two weeks.
"go for it" deraadt
|