Sami Kerola [Thu, 27 Aug 2015 13:21:26 +0000 (14:21 +0100)]
cal: correct gregorian week numbering
Jan 1 is always First week, and year always has 53 weeks. The week 53
may be cut short, e.g., it may and often has fewer than 7 days. Every
year 28 year intervals US week numbering continues all the way to 54th
week, such as 1972, 2000, and 2028.
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1249486 Reported-by: Michal Toth Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Kees Cook [Wed, 26 Aug 2015 21:39:21 +0000 (14:39 -0700)]
tests: add very long mount line to libmount mtab
Very long mount lines from the kernel (either from escaping or from giant
option lists) could exceed BUFSIZ, leading to parsing failures. This
adds a test for the condition.
Karel Zak [Thu, 27 Aug 2015 08:49:39 +0000 (10:49 +0200)]
libmount: handle arbitrary line length for mounts
Based on patch from Kees Cook, he wrote:
> The kernel's maximum path length is PATH_MAX (4096). The use of BUFSIZ
> (8192) would seem sufficient for reading mountinfo files, but it's
> not. Paths may contain escaped characters (requiring 4x as many bytes
> to read), and filesystem options are of unknown length. To avoid
> mounts being either intentionally or unintentionally hidden from
> libmount and its users, we must accept arbitrary length lines when
> parsing.
>
> Long valid entries are currently ignored, with warnings like this:
> mount: /proc/self/mountinfo: parse error: ignore entry at line 11.
> mount: /proc/self/mountinfo: parse error: ignore entry at line 12.
>
> Instead of using a malloc on every line parsed from mount files, do it
> once per mount file context, growing it as needed. The general case
> will never grow it.
I have moved the parser stuff to the new struct libmnt_parser, maybe
we can move more things (e.g. libmnt_table->fmt) to this struct later.
Reported-by: Kees Cook <keescook@chromium.org> Signed-off-by: Karel Zak <kzak@redhat.com>
hwclock: fix fgets unchecked return value warning on alpha
Build warning:
sys-utils/hwclock-cmos.c: In function 'is_in_cpuinfo':
sys-utils/hwclock-cmos.c:162:4: warning: ignoring return value of 'fgets', declared with attribute warn_unused_result [-Wunused-result]
fgets(field, 256, cpuinfo);
Full build log:
https://buildd.debian.org/status/fetch.php?pkg=util-linux&arch=alpha&ver=2.26.2-9&stamp=1440078034
hwclock: fix signed/unsigned comparison warning on alpha
Fixes the following warning:
sys-utils/hwclock.c: In function 'manipulate_epoch':
sys-utils/hwclock.c:1465:17: warning: comparison between signed and unsigned integer expressions [-Wsign-compare]
if (epoch_opt == -1)
Full build log available on:
https://buildd.debian.org/status/fetch.php?pkg=util-linux&arch=alpha&ver=2.26.2-9&stamp=1440078034
Please note that this has never actually been (build-)tested on alpha,
but should hopefully resolve the warning. Note also that limits.h is
already included.
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
Sami Kerola [Mon, 17 Aug 2015 17:44:28 +0000 (18:44 +0100)]
misc: fix shadow declarations
sys-utils/zramctl.c: In function 'get_mm_stat':
sys-utils/zramctl.c:276:58: warning: declaration of 'inbytes' shadows a global declaration [-Wshadow]
static char *get_mm_stat(struct zram *z, size_t idx, int inbytes)
sys-utils/zramctl.c:119:39: note: shadowed declaration is here
static unsigned int raw, no_headings, inbytes;
libmount/src/tab.c: In function 'mnt_table_get_fs_root':
libmount/src/tab.c:1221:22: warning: declaration of 'fs' shadows a parameter [-Wshadow]
struct libmnt_fs *fs = mnt_table_find_mountpoint(tb,
libmount/src/tab.c:1197:24: note: shadowed declaration is here
struct libmnt_fs *fs,
disk-utils/fsck.minix.c: In function 'main':
disk-utils/fsck.minix.c:1364:17: warning: declaration of 'i' shadows a previous local [-Wshadow]
unsigned long i, free;
disk-utils/fsck.minix.c:1250:6: note: shadowed declaration is here
int i;
Karel Zak [Mon, 24 Aug 2015 08:05:55 +0000 (10:05 +0200)]
chsh, chfn, vipw: fix filenames collision
The utils when compiled WITHOUT libuser then mkostemp()ing
"/etc/%s.XXXXXX" where the filename prefix is argv[0] basename.
An attacker could repeatedly execute the util with modified argv[0]
and after many many attempts mkostemp() may generate suffix which
makes sense. The result maybe temporary file with name like rc.status
ld.so.preload or krb5.keytab, etc.
Note that distros usually use libuser based ch{sh,fn} or stuff from
shadow-utils.
It's probably very minor security bug.
Addresses: CVE-2015-5224 Signed-off-by: Karel Zak <kzak@redhat.com>
Karel Zak [Wed, 12 Aug 2015 20:53:47 +0000 (22:53 +0200)]
Merge branch 'colcrt' of git://github.com/kerolasa/lelux-utiliteetit
* 'colcrt' of git://github.com/kerolasa/lelux-utiliteetit:
tests: add colcrt regression tests
colcrt: allocate enough space for data moves [afl & asan]
colcrt: avoid writing beyond array bound [afl & asan]
colcrt: use #define in place of magic constants
misc: fix redundant assignment and reassignments before use [cppcheck]
tools: stop checkmans.sh validating libtool builds
Karel Zak [Wed, 12 Aug 2015 09:09:04 +0000 (11:09 +0200)]
Merge branch 'patch-1' of https://github.com/borutmrak/util-linux
* 'patch-1' of https://github.com/borutmrak/util-linux:
mount.8: also note diratime does not override noatime.
mount.8: Clarify relation between noatime and nodiratime
Borut Mrak [Tue, 11 Aug 2015 00:51:36 +0000 (02:51 +0200)]
mount.8: Clarify relation between noatime and nodiratime
According to https://lwn.net/Articles/245002/ and checking Linus' git master fs/inode.c it's obvious nodiratime is redundant when mounting with noatime. Clarify that in the man page.
Sami Kerola [Sun, 9 Aug 2015 17:02:18 +0000 (18:02 +0100)]
colcrt: allocate enough space for data moves [afl & asan]
==2807==ERROR: AddressSanitizer: global-buffer-overflow on address 0x0000013a31f0 at pc 0x0000004e3047 bp 0x7fffcb7df8d0 sp 0x7fffcb7df8c8
READ of size 4 at 0x0000013a31f0 thread T0
#0 0x4e3046 in move /home/src/util-linux/text-utils/colcrt.c:309:13
#1 0x4e25b1 in pflush /home/src/util-linux/text-utils/colcrt.c:264:3
#2 0x4e246d in colcrt /home/src/util-linux/text-utils/colcrt.c:157:4
#3 0x4e17d4 in main /home/src/util-linux/text-utils/colcrt.c:141:3
#4 0x7fb0cb2ee60f in __libc_start_main (/usr/lib/libc.so.6+0x2060f)
#5 0x4362c8 in _start (/home/src/util-linux/colcrt+0x4362c8)
0x0000013a31f0 is located 0 bytes to the right of global variable 'page' defined in 'text-utils/colcrt.c:73:9' (0x1380b40) of size 140976
SUMMARY: AddressSanitizer: global-buffer-overflow /home/src/util-linux/text-utils/colcrt.c:309 move
And another crash:
==4578==ERROR: AddressSanitizer: global-buffer-overflow on address 0x0000013a3d24 at pc 0x0000004e2510 bp 0x7ffc9257b0e0 sp 0x7ffc9257b0d8
READ of size 4 at 0x0000013a3d24 thread T0
#0 0x4e250f in colcrt /home/src/util-linux/text-utils/colcrt.c:218:8
#1 0x4e17d4 in main /home/src/util-linux/text-utils/colcrt.c:141:3
#2 0x7fe0ac94160f in __libc_start_main (/usr/lib/libc.so.6+0x2060f)
#3 0x4362c8 in _start (/home/src/util-linux/colcrt+0x4362c8)
0x0000013a3d24 is located 8 bytes to the right of global variable 'page' defined in 'text-utils/colcrt.c:73:9' (0x1381240) of size 142044
SUMMARY: AddressSanitizer: global-buffer-overflow /home/src/util-linux/text-utils/colcrt.c:218 colcrt
Reported-by: Alaa Mubaied <alaamubaied@gmail.com> Signed-off-by: Sami Kerola <kerolasa@iki.fi>
text-utils/colcrt.c:205:10: runtime error: index -1 out of bounds for type 'wchar_t [133]'
SUMMARY: AddressSanitizer: undefined-behavior text-utils/colcrt.c:205
=================================================================
==2357==ERROR: AddressSanitizer: global-buffer-overflow on address 0x0000013811b0 at pc 0x0000004e2514 bp 0x7ffdf6ba4450 sp 0x7ffdf6ba4448
READ of size 4 at 0x0000013811b0 thread T0
#0 0x4e2513 in colcrt /home/src/util-linux/text-utils/colcrt.c:213:8
#1 0x4e17d4 in main /home/src/util-linux/text-utils/colcrt.c:139:3
#2 0x7fb77236960f in __libc_start_main (/usr/lib/libc.so.6+0x2060f)
#3 0x4362c8 in _start (/home/src/util-linux/colcrt+0x4362c8)
Reported-by: Alaa Mubaied <alaamubaied@gmail.com> Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Karel Zak [Tue, 4 Aug 2015 09:26:45 +0000 (11:26 +0200)]
mkfs.cramfs: remove dead code [coverity scan]
There two possible ways, print error and exit on too long names or
truncate the filename -- but it's impossible to do both in the same
code :-) It seems that code already assumes warning on long names, so
let's remove errx() and keep the behavior in dependence on -E.
Sami Kerola [Sun, 2 Aug 2015 20:24:08 +0000 (21:24 +0100)]
bash-completion: update few options changed since v2.26
Attempt to find and update all changes to command line options that has
not been reflected in bash-completion files in between versions v2.26 to
v2.27-rc1.
Sami Kerola [Sat, 1 Aug 2015 18:01:00 +0000 (19:01 +0100)]
mkfs.minix: re-fix block count maths
Error, that Joshua Hudson already pointed out, creapped back to commit da41ff5 when changes were applied from mailbox rather than git remote, as
the corrected change had included some accidental rubbish.
Reference: http://www.spinics.net/lists/util-linux-ng/msg11764.html
Reference: http://www.spinics.net/lists/util-linux-ng/msg11848.html Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Milan Broz [Thu, 30 Jul 2015 14:18:28 +0000 (16:18 +0200)]
lsblk: Display mountpoint even for top-level device
If a filesystem is mounted on top-level block device
with existing partitions, the mountpoint is not displayed
in the lsblk output.
This situation can happen by a configuration mistake
and lsblk could be used to detect such a mistake.
This patch allows searching for a mountpoint for all displayed
devices, not only for leaf nodes.
(It should be pretty cheap operation, mtab is parsed only once.)
For example: lsblk /dev/loop1
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
loop1 7:1 0 128M 0 loop /mnt/tst
└─loop1p1 259:0 0 127M 0 loop
projects / thirdparty / util-linux.git / log
