Samanta Navarro [Sun, 8 Nov 2020 11:46:56 +0000 (11:46 +0000)]
libblkid: fix time_t handling
The time_t data type is a signed integer. A signed integer overflow is
not defined in C programming language.
A signed overflow occurs on 32 bit systems with 32 time_t for loop back
devices, e.g. when calling "blkid /dev/loop0". This happens because
bid_time is set to INT_MIN and the diff calculation cannot store the
result in time_t (positive int - INT_MIN > INT_MAX).
This fix changes the code to use an unsigned integer calculation. It
pretty much means that the code works as before, but well defined in C.
Checking diff to be positive protects the code against system setups
with dates before 1970 as well.
The time_t data type on modern Linux systems is 64 bit even for 32 bit
systems. Since long is 32 bit on these systems, long long is a better
data type for 64 bit output.
Karel Zak [Mon, 9 Nov 2020 10:06:27 +0000 (11:06 +0100)]
Merge branch 'vipw-shortwrite' of https://github.com/DankRank/util-linux
* 'vipw-shortwrite' of https://github.com/DankRank/util-linux:
ul_copy_file: make defines for return values
read_all: return 0 when EOF occurs after 0 bytes
ul_copy_file: add test program
ul_copy_file: handle EAGAIN and EINTR
ul_copy_file: use all_read/all_write
ul_copy_file: use BUFSSIZ for buffer size
nologin: use ul_copy_file
login: use ul_copy_file
configure.ac: check for sendfile
ul_copy_file: use sendfile
vipw: move copyfile to the lib
vipw: fix short write handling in copyfile
Egor Chelak [Fri, 6 Nov 2020 10:15:36 +0000 (12:15 +0200)]
configure.ac: check for sendfile
Do note that according to man sendfile, "Other UNIX systems implement
sendfile() with different semantics and prototypes."
If this is something we care about, a better check is needed.
Suggested-by: Karel Zak <kzak@redhat.com> Reviewed-by: Sami Kerola <kerolasa@iki.fi> Signed-off-by: Egor Chelak <egor.chelak@gmail.com>
Samanta Navarro [Sun, 8 Nov 2020 11:47:18 +0000 (11:47 +0000)]
libuuid: check quality of random bytes
If a libuuid application is unable to access /dev/random or /dev/urandom
then uuid generation by uuid_generate falls back to uuid_generate_time.
This could happen in chroot or container environments.
The function ul_random_get_bytes from lib/randutils.c uses getrandom if
it is available. This could either mean that the libuuid application
skips good random bytes because the character special files do not exist
or the application trusts in good random bytes just because these files
are accessible but not necessarily usable, e.g. limit of open file
descriptors reached, lack of data, kernel without getrandom, etc.
This commit modifies ul_random_get_bytes to return an integer which
indicates if random bytes are of good quality (0) or not (1). Callers
can decide based on this information if they want to discard the random
bytes. Only libuuid checks the return value. I decided to return 1
instead of -1 because -1 feels more like an error, but weak random bytes
can be totally fine.
Another issue is that getrandom sets errno to specific values only in
case of an error, i.e. with return value -1. Set errno to 0 explicitly
if getrandom succeeds so we do not enter the fallback routine for
ENOSYS by mistake. I do not think that this is likely to happen, but it
really depends on possible wrapper function supplied by a C library.
Samanta Navarro [Sun, 8 Nov 2020 11:45:18 +0000 (11:45 +0000)]
libblkid: allow a lot of mac partitions
If the map count is set to INT_MAX then the for loop does not stop
because its check is never false.
I have not found a correct upper limit. The other partition logics have
a maximum amount (exception is atari.c).
The loop itself wouldn't be endless. If the iteration reaches block 0
then the signature will be wrong. This means that map count = INT_MAX
case would fail even if such a setup would be correct on disk.
Karel Zak [Fri, 6 Nov 2020 08:44:52 +0000 (09:44 +0100)]
Merge branch 'whereis' of https://github.com/ferivoz/util-linux
* 'whereis' of https://github.com/ferivoz/util-linux:
whereis: extend test case
whereis: filter bin, man and src differently
whereis: do not strip suffixes
whereis: do not ignore trailing numbers
whereis: add --disable-whereis to configure
whereis: add lib32 directories
whereis: support zst compressed man pages
whereis: fix out of boundary read
`--json` implies `--dump`, thus `--json --dump` must be
allowed. `--list-free` is incompatible with `--dump`, and thus also
with `--json`. Currently `--json --dump` is prohibited, even though
`--list-free` is not specified at all.
Samanta Navarro [Wed, 4 Nov 2020 11:38:00 +0000 (11:38 +0000)]
whereis: filter bin, man and src differently
Consider "s." prefixes for source code files only (even though I do not
know which VCS does that), compression suffixes for manual pages and
strict matching for executables.
Calling "whereis python3" is kind of okay to return python3.8 next to
python3, but python3.8-config is not the same tool as python3.
Samanta Navarro [Wed, 4 Nov 2020 11:37:00 +0000 (11:37 +0000)]
whereis: do not strip suffixes
The whereis implementations of FreeBSD, macOS, NetBSD, and OpenBSD do
not strip suffixes. Although whereis is not a POSIX tool and has no
shared standard, even its manual page indicates that the supplied names
are command names.
Commands do not have a suffix on Linux systems.
Stripping suffixes actually leads to issues with tools like fsck.ext4,
since fsck.ext4 is not the same tool as fsck and definitely not the same
tool as fsck.minix.
Samanta Navarro [Wed, 4 Nov 2020 11:36:00 +0000 (11:36 +0000)]
whereis: do not ignore trailing numbers
The commands diff and diff3 are so distinct that their manual pages
should not be mixed in whereis output.
Theoretically this works for commands and binaries with links to each
other, e.g. gpg and gpg2, but if gpg is version 1 and gpg2 is version 2
then manual pages do not match either.
Also the while loop does not decrement "i" while incrementing "dp". The
effect of this is that the output of whereis depends on manual pages
being compressed or not.
The easiest solution is to not ignore trailing numbers.
Egor Chelak [Thu, 29 Oct 2020 17:06:13 +0000 (19:06 +0200)]
vipw: fix short write handling in copyfile
Since `off` and `nr` approach each other, the for-loop ends prematurely
when at least half of the buffer was written. I think under certain
conditions this could cause the copy to be incomplete.
Karel Zak [Wed, 21 Oct 2020 09:08:11 +0000 (11:08 +0200)]
Merge branch 'ul-refactor' of https://github.com/kerolasa/util-linux
* 'ul-refactor' of https://github.com/kerolasa/util-linux:
ul: flip comparisons to lesser to greater order
ul: use size_t to measure memory allocation size
ul: improve function and variable names
ul: rename enumerated mode symbols
ul: remove function like putwp preprocessor define
ul: free most allocations ncurses did during setupterm()
ul: replace global runtime variables with a control structure
ul: add a term capabilities tracking structure
ul: remove function prototypes
ul: tidy up coding style
ul: add basic tests
Karel Zak [Wed, 21 Oct 2020 08:19:26 +0000 (10:19 +0200)]
cal: do not use putp(), directly use stdio functions
It seems our putp() based output is not portable as some ncurses
implementations strictly follow POSIX where putp() accepts only
terminfo capability strings and nothing else.
We already use standard stdio.h functions to output terminfo strings
(e.g. for colors). It seems we can do the same for cal(1) to
highlight the current day.
Note that mix putp() and fputs() is bad idea due to different
buffering ways in some cases (see cal.c git log for more details).
This patch also reduces complexity of the code as we can directly
output to stdout without snprintf to string.
Addresses: https://github.com/karelzak/util-linux/pull/1167 Signed-off-by: Karel Zak <kzak@redhat.com>
Sami Kerola [Fri, 16 Oct 2020 21:26:15 +0000 (22:26 +0100)]
ul: use size_t to measure memory allocation size
The size_t is the type libc memory allocation functions use. The size_t
also provides allocation range that is enough not to a simple tool like this
to perform paranoia size checks. Just let the realloc(3) fail if there is
not enough memory available to handle the requested line size. That is a
lot more straightforward.
Sami Kerola [Wed, 14 Oct 2020 21:51:37 +0000 (22:51 +0100)]
ul: rename enumerated mode symbols
First two are are ISO/IEC 2022 graphic character sets G0 (normal) and G1
(alternative), that one has to Switch In (SI) and Switch Out (SO). The rest
are about how ul(1) is interacting with various text emphasis.
Reference: https://tldp.org/HOWTO/Keyboard-and-Console-HOWTO-6.html Signed-off-by: Sami Kerola <kerolasa@iki.fi>
There's a couple of places which use varients on "0x%u" in format strings;
that's almost always wrong - you either want 0x%x or just %u. In libmount's
case it's flags, so I'm assuming the intention really is hex. In the ja.po
case it's %u in the original msgid.
Signed-off-by: Dr. David Alan Gilbert <dave@treblig.org>
Sami Kerola [Sun, 9 Aug 2020 11:59:38 +0000 (12:59 +0100)]
fsck, libblkid: fix printf format string issue [coverity scan]
According to coverirty a printf format string contains an unrecognized
format specifier (CWE-628). Lets avoid glibc extension "%m" that is same
as "%s", strerror(errno).
CID: 360699
CID: 360718 Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Dusty Mabe [Tue, 13 Oct 2020 15:26:16 +0000 (11:26 -0400)]
fstrim: remove fstab condition from fstrim.timer
In 9995da0 we added support to fstrim to be able to fall back to
`/proc/self/mountinfo` if `/etc/fstab` didn't exist, but we forgot
to remove the `/etc/fstab` condition from the timer. Let's remove
that condition from the timer so we can go back to periodically
running `fstrim.service`.
Karel Zak [Tue, 13 Oct 2020 08:31:42 +0000 (10:31 +0200)]
losetup: avoid infinite busy loop
issue report:
if i run the heavy duty test from #16859 a couple of times I can get
the loopback layer in the kernel into a state where there's a loopback
block device allocated, that you can open, but where both LOOP_CLR_FD
and _SET_FD fail with EBUSY. and /dev/loop-control still returns it as
the next free one... weird state util-linux losetup when called to
allocate a new device then freezes
This commit:
* restrict number of attempts to 16
* use 200000ms sleep between attempts
* add note about non-atomic loop device setup to the man page
Reported-by: Lennart Poettering <lennart@poettering.net> Signed-off-by: Karel Zak <kzak@redhat.com>
Karel Zak [Tue, 6 Oct 2020 11:26:36 +0000 (13:26 +0200)]
build-sys: exclude GPL from libcommon
The library is not distributed and almost all code in this ar(1)
archive is Public Domain or LGPL ... but let's avoid any doubts and do
not mix non-GPL and GPL code there.
Addresses: https://github.com/karelzak/util-linux/issues/1157 Signed-off-by: Karel Zak <kzak@redhat.com>
Karel Zak [Tue, 6 Oct 2020 11:15:29 +0000 (13:15 +0200)]
lib/procutils: use Public Domain for this file
It's was originally GPL, but all the current code in the file is from
me and I don't think it makes sense to use GPL here anymore. We need
to use lib/ files in LGPL as well as in GPL binaries, etc. Let's makes
things (build-system) less complicated.
Karel Zak [Thu, 1 Oct 2020 12:04:21 +0000 (14:04 +0200)]
login: use mem2strcpy() rather than rely on printf()
The strings from utmp does not have to be terminated. It's seems
better to explicitly terminate it than rely on "%.*s" printf()
functionality -- printf() man page assumes that "If a precision is
given, no null byte need be present", but static analyzers are pretty
unhappy with it.
projects / thirdparty / util-linux.git / log
