| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Check if the length of the parsed string is at least 1,
otherwise an out of boundary read would occur.
|
|
|
|
|
|
| |
free() is not a safe function for a signal handler. The next
line calls _exit() anyway, so there is no need for resource
management.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The text-utility ul can run into a buffer overflow on very long lines.
See this proof of concept how to reproduce the issue:
$ dd if=/dev/zero bs=1M count=10 | tr '\000' '\041' > poc.txt
$ echo -ne '\xe\x5f\x8\x5f\x61\x2\xf\x5f\x8\x5f' | dd of=poc.txt conv=notrunc
$ ul -i poc.txt > /dev/null # output would take ages
Segmentation fault
$ _
The problem manifests by using alloca with "maxcol", which can be as
large as INT_MAX, based on the input line.
A very long line (> 8 MB) with modes must be supplied to ul, as seen in
my proof of concept byte sequence above.
It is rather easy to fix this issue: allocate space on the heap instead.
maxcol could overflow here, but in that case no system will have enough
space to handle the request, properly ending ul through an err() call.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
|
|
|
|
| |
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Casting the value to be checked to size_t renders the check useless.
If st_size is SIZE_MAX+1, it will be truncated to 0 and the check
succeeds. In fact, this check can never be false because every value
stored in a size_t is smaller or equal to SIZE_MAX.
I think this adjustment was meant to fix a compiler warning for 64 bit
systems for which sizeof(off_t) is sizeof(size_t), but the signedness
differs.
Going unconditionally to the greatest possible unsigned int type if
st_size is positive (off_t is signed) will fix this issue.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
tailf crashes with a segmentation fault when used with a file that is
exactly 4GB in size due to an integer overflow between off_t and size_t:
$ dd if=/dev/zero of=tailf.crash bs=1 count=1 seek=4294967295
$ tailf tailf.crash
Segmentation fault
$ _
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
| |
It seems our crazy widechar.h is in conflict with ncurses, but it
seems that nothing in more.c requires anything from ncurses. All we
need is probably <term.h>.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
| |
Fix various typos in error messages, warnings, debug strings,
comments and names of static functions.
Signed-off-by: Sebastian Rasmussen <sebras@gmail.com>
|
|
|
|
| |
Signed-off-by: Sebastian Rasmussen <sebras@gmail.com>
|
|
|
|
|
|
|
| |
Some inputs make getwc(3) not to progress file descriptor and neither to
report EILSEQ. Detect such situation and skip the bad input.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
| |
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
|
|
|
|
|
|
|
|
|
|
| |
Such cast could hide serious compiler warnings in case we are
missing includes (e.g. <stdlib.h> or "xalloc.h").
See
http://stackoverflow.com/questions/605845/do-i-cast-the-result-of-malloc
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| | |
As documented in the manual and the usage info, the long options
--one-byte-char, --canonical, and --two-bytes-octal should not accept
any arguments.
Signed-off-by: Phil Ruffwind <rf@rufflewind.com>
|
|/
|
|
|
|
|
|
|
| |
features.h: any glibc header includes this already
libgen.h: was unused there
sys/uio.h: for writev(3p)
sys/queue.h seems like it was never used
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
|
|
|
|
| |
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
|
|
|
|
|
|
|
|
| |
We were missing our nice compliler warnings for many programs
and libs. See next commits how many trivial and non-trival
warnings have to be fixed.
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
|
|
|
|
|
|
| |
On BSD they are part of the standard C library.
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
|
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
This implementation aims to be easier to read, more robust dealing all sorts
of unexpected inputs, and possibly even more correct. The correctness
refers to last line handling this implementation does differently than the
previous. With the previous last line that ended to EOF without \n was not
printed.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
It is unlikely anyone is going to build this project on system where
libtermcap is available. Fedora project obsoleted libtermcap 2007-12-12 in
favour of ncurses. Debian made same move 2005.
Reference: https://fedoraproject.org/wiki/Deprecated_packages
Reference: https://www.debian.org/doc/manuals/debian-faq/ch-compat.en.html#s-termcap
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
echo -e '\033[33mb\033[mXFoo\n\033[33mbar\033[mXFoo' | column -s X -t
old version:
b Foo
bar Foo
fixed version:
b Foo
bar Foo
References: https://github.com/karelzak/util-linux/issues/252
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Almost any code calling get_terminal_width() checks returned width for
non-positive values and sets it to some default value (say, 80). So,
let's pass this default value directly to the function.
[kzak@redhat.com: - get_terminal_width() refactoring]
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
$ printf 'a\nb\n' | echo $(./line) :: $(./line)
broken version:
a ::
fixed version:
a :: b
Addresses: https://github.com/karelzak/util-linux/issues/236
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
| |
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
==2807==ERROR: AddressSanitizer: global-buffer-overflow on address 0x0000013a31f0 at pc 0x0000004e3047 bp 0x7fffcb7df8d0 sp 0x7fffcb7df8c8
READ of size 4 at 0x0000013a31f0 thread T0
#0 0x4e3046 in move /home/src/util-linux/text-utils/colcrt.c:309:13
#1 0x4e25b1 in pflush /home/src/util-linux/text-utils/colcrt.c:264:3
#2 0x4e246d in colcrt /home/src/util-linux/text-utils/colcrt.c:157:4
#3 0x4e17d4 in main /home/src/util-linux/text-utils/colcrt.c:141:3
#4 0x7fb0cb2ee60f in __libc_start_main (/usr/lib/libc.so.6+0x2060f)
#5 0x4362c8 in _start (/home/src/util-linux/colcrt+0x4362c8)
0x0000013a31f0 is located 0 bytes to the right of global variable 'page' defined in 'text-utils/colcrt.c:73:9' (0x1380b40) of size 140976
SUMMARY: AddressSanitizer: global-buffer-overflow /home/src/util-linux/text-utils/colcrt.c:309 move
And another crash:
==4578==ERROR: AddressSanitizer: global-buffer-overflow on address 0x0000013a3d24 at pc 0x0000004e2510 bp 0x7ffc9257b0e0 sp 0x7ffc9257b0d8
READ of size 4 at 0x0000013a3d24 thread T0
#0 0x4e250f in colcrt /home/src/util-linux/text-utils/colcrt.c:218:8
#1 0x4e17d4 in main /home/src/util-linux/text-utils/colcrt.c:141:3
#2 0x7fe0ac94160f in __libc_start_main (/usr/lib/libc.so.6+0x2060f)
#3 0x4362c8 in _start (/home/src/util-linux/colcrt+0x4362c8)
0x0000013a3d24 is located 8 bytes to the right of global variable 'page' defined in 'text-utils/colcrt.c:73:9' (0x1381240) of size 142044
SUMMARY: AddressSanitizer: global-buffer-overflow /home/src/util-linux/text-utils/colcrt.c:218 colcrt
Reported-by: Alaa Mubaied <alaamubaied@gmail.com>
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
text-utils/colcrt.c:205:10: runtime error: index -1 out of bounds for type 'wchar_t [133]'
SUMMARY: AddressSanitizer: undefined-behavior text-utils/colcrt.c:205
=================================================================
==2357==ERROR: AddressSanitizer: global-buffer-overflow on address 0x0000013811b0 at pc 0x0000004e2514 bp 0x7ffdf6ba4450 sp 0x7ffdf6ba4448
READ of size 4 at 0x0000013811b0 thread T0
#0 0x4e2513 in colcrt /home/src/util-linux/text-utils/colcrt.c:213:8
#1 0x4e17d4 in main /home/src/util-linux/text-utils/colcrt.c:139:3
#2 0x7fb77236960f in __libc_start_main (/usr/lib/libc.so.6+0x2060f)
#3 0x4362c8 in _start (/home/src/util-linux/colcrt+0x4362c8)
Reported-by: Alaa Mubaied <alaamubaied@gmail.com>
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
| |
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
|
| |
no comment, just F*CK YOU to the original author of this crap...
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
| |
Reported-by: Reuti <reuti@staff.uni-marburg.de>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
We want to remove it in 2 years, March 2017.
See discussion "tailf, really needed?"
http://thread.gmane.org/gmane.linux.utilities.util-linux-ng/10967
[kzak@redhat.com: - move warning to usage()]
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
| |
Let's use size_t for number of output lines and use fwrite() rather
than while() { putchar() };
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
The tailf(1) never worked very well with block or character devices,
sockets, fifos and such. Now after mmap() is used to find last lines
even the little command used to work for example pipes is broken, so test
the tailf is asked to follow a file and when not fail. That said
symlinks are OK, as long they point to a file.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
|
|
|
|
|
|
| |
Before mmap() the command behavior was not completely correct, as
demonstrated below, and after the mmap() it tried to print some eighteen
quintillion lines.
$ tailf -n-1 x
tailf: cannot allocate 18446744073709543424 bytes: Cannot allocate memory
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
|
|
|
|
| |
When last lines happen to be greater than string buffer size for fgets()
the number of printed lines resulted to too few. To avoid miscounts due
insufficient buffer size use mmap() to map the whole file and rewind
until requested number of new lines is found.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current implementation assumes that all terminals supports colors
and users are forcet to use terminal-colors.d/ to disable colors for
some terminals.
This patch checks for maximal supported colors for the current
terminal and colors are automatically disabled for terminals like
vt100.
The patch moves lib/colors.c from libcommon.la to libtcolors.la to
avoid collisions with another utils.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
| |
cfdisk, fdisk, calm dmesg and hexdump
Signed-off-by: Karel Zak <kzak@redhat.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
|
| |
The message "stat failed %s" seems to say that stat() failed to
do something, or failed to pass a test, but of course it means
that the statting of something failed. So say so. Also make
two very similar messages equal to this one.
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
|
|
|
|
|
|
|
|
|
| |
Repeating a search for a pattern that did not found made more(1) to
crash. To reproduce 'more /etc/services' and search for 'doom'; you will
find a service in port 666 - pressing '.' after that result used to cause
core dump.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
| |
Signed-off-by: J William Piggott <elseifthen@gmx.com>
|
|
|
|
|
|
|
| |
Transform some of them into copyright lines.
Also fix three header lines and snip some trailing whitespace.
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
|
|
|
|
|
|
|
| |
The FIXME item has been in place since 2011-04-30, and the code has never
made sense, so remove it.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
| |
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
|
|
|
|
|
|
| |
Also use the standard macros for outputting it.
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
|
|
|
|
|
|
|
|
|
| |
This adds a concise description of a tool to its usage text.
A first form of this patch was proposed by Steven Honeyman
(see http://www.spinics.net/lists/util-linux-ng/msg09994.html).
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
|
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
| |
The mbrtowc() return values are overflowing by design.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
|
|
|
| |
This change add --help and --version print outs, checking at exit the
stdout write was successful, and as a minor thing the command is made to
use wide char functions to read and write inputs.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|