Age | Commit message (Collapse) | Author |
|
o check return values of malloc and friends
o use strdup() when sensible
|
|
o Style nits
o Use const to silent stupid -Wall warnings
o strnc{py,at} -> strlc{py,at}
o Use strpbrk() instead of homegrown anyof()
o Use NULL instead of #defines with 0 cast to a pointer
This still could use a proper audit
|
|
Instead, routines responsible to gathering user input (or in some
cases outputting data) catch the signals and set flags as needed.
Because of this some handlers are install without the SA_RESTART
flag so syscalls are not restarted and we can check the flag. All
signal handlers are now safe.
This should make the flow of control a bit more grokable but the
code is still ugly.
|
|
- edit and other interactive commands have no stdin (making the
command completely broken).
- messages with "From " line having date format with -0800 type of timezone
are not recognized correctly.
|
|
o escape From line with a leading '>' when needed
o only print To: address and Subject lines if actually present
o new variable 'allnet' to treat user@foo and user@bar as the same "user"
o folders command now takes an optional argument like ls.
o new "pipe" (|) command to pipe the message through an arbitrary command
o make header display format the same as SunOS 4.1.3 /usr/ucb/mail
o tilde commands work regardless of interactive mode.
o fix "read: Interrupted system call" error by retrying if EINTR
o expanded help file
Changes by me:
o read the help file via the PAGER as it is now more than 24 lines long
|
|
|
|
constant). These are not security holes but it is worth fixing
them anyway both for robustness and so folks looking for examples
in the tree are not misled into doing something potentially dangerous.
Furthermore, it is a bad idea to assume that pathnames will not
include '%' in them and that error routines don't return strings
with '%' in them (especially in light of the possibility of locales).
|
|
inc so the count of new messages is useful afterwards. This makes
mail behave more like the SunOS version in this respect.
|
|
replace panic() with calls to err()/errx()
use S_IS* instead of doing by hand with S_IF*.
Use TIMESPEC_TO_TIMEVAL() and gettimeofday instead of time(2)
Use _POSIX_VDISABLE, not 0
Kill register
|
|
Change some strcpy() -> strncpy() out of paranoia.
|
|
Much more remains to be done.
|
|
Use sigsetjmp/siglongjmp instead of sigjmp/longjmp for portability.
|
|
|
|
- handle long lines safely (from NetBSD)
- use puts/fputs and putchar/putc when it makes sense
- use err/errx and warn/warnx when it makes sense
- make return() and sizeof() style consisten
- some more buffer safety
|
|
|
|
spool, change an occurrence of tempnam() to mkstemp(), change some
longs and shorts to ints. Mail is now usable again.
|
|
- Fix PR/105: Implement dot locking protocol and check return value of flock.
- Fix PR/2247: Don't call unknown users "ubluit". Issue an error message.
- Fix/add prototypes.
- Fix warnings.
- Use POSIX signal mask calls.
|
|
|