#
304203 |
|
16-Aug-2016 |
ache |
MFC r302943,r302944,r303004,r303010,r303011,r303013,r303014,r303074, r303088,r303142,r303208,r303210,r303530,r303536,r303564,r303565, r303706
In short:
1) All situations with glob(3) error return codes are well defined by POSIX, so rewrite old sporadic errors processing to match those definitions.
Including subcases:
Both C99 and POSIX directly prohibits any standard function to set errno to 0. Breaking this rule in 2001 NetBSD hack was imported which attempts to workaround very limited glob(3) return codes amount. Use POSIX-compatible workaround now with E2BIG which can't comes from other functions used instead of prohibited 0.
Process errors happpens in (*readdirfunc)() too, as POSIX requires.
Per POSIX GLOB_NOCHECK should return original pattern, unmodified, if no matches found. But our code strips all '\' returning it. Rewrite the code to allow to return original pattern.
GLOB_ERR and gl_errfunc are supposed to work only for real directories per POSIX, so don't act on missing or plain files for ENOENT or ENOTDIR (as TODO in the code suggested). Remove the hack in the manpage describing how to skip ENOENT and ENOTDIR in gl_errfunc, it is unneeded now.
Per POSIX GLOB_ERR must be considered even if gl_errfunc is not set, old code skips it in that case.
2) For near MAXPATHLEN long pathes old glob(3) code can operate on truncated results, prevent it in several places.
3) Results was not sorted according to collate as POSIX requires.
4) globtilde() forget to convert expanded user home dir from multibyte to wide chars. Moreover, those chars are addded as not protected, so can be treated as special chars.
5) Backward hack for EILSEQ in g_Ctoc() was not implemented, so all pathes with illegal byte sequences are skipped as result, implement it now.
6) GLOB_BRACE was somehow broken. First it repeatedly calls glob0() in globexp1() recursive calls, but glob0() was not supposed to be called repeatedly in the original code. It finalize results by possible adding original pattern for no match case, may return GLOB_NOMATCH error and by sorting all things. Original pattern adding or GLOB_NOMATCH error can happens each time glob0() called repeatedly, and sorting happens for one item only, all things are never sorted. Second, f.e. "a{a" pattern does not match "a{a" file but match "a" file instead. Third, some errors (f.e. for limits or overflow) can be ignored by GLOB_BRACE code because it forces return (0).
Add non-finalizing flag to glob0() and make globexp0() wrapper around recursively called globexp1() to finalize things like glob0() does. Reorganize braces code to work correctly.
7) Don't allow MB_CUR_MAX * strlen overallocation hits GLOB_LIMIT_STRING (ARG_MAX) limit, use final string length, not malloced space for it.
|
#
303185 |
|
22-Jul-2016 |
ache |
MFC: r302824
1) Eliminate possibility to call __*collate_range_cmp() with inclomplete locale (which cause core dump) by removing whole 'table' argument by which it passed.
2) Restore __collate_range_cmp() in __sccl().
3) Collating [a-z] range in regcomp() works for single byte locales only (we can't do it for other ones). In previous state only first 256 wide chars are considered and all others are just silently dropped from the range.
|
#
256281 |
|
10-Oct-2013 |
gjb |
Copy head (r256279) to stable/10 as part of the 10.0-RELEASE cycle.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation |
#
249381 |
|
11-Apr-2013 |
emaste |
Spelling correction
|
#
243779 |
|
01-Dec-2012 |
marcel |
Protect against DoS attacks, such as being described in CVE-2010-2632. The changes were derived from what has been committed to NetBSD, with modifications. These are: 1. Preserve the existsing GLOB_LIMIT behaviour by including the number of matches to the set of parameters to limit. 2. Change some of the limits to avoid impacting normal use cases: GLOB_LIMIT_STRING - change from 65536 to ARG_MAX so that glob(3) can still provide a full command line of expanded names. GLOB_LIMIT_STAT - change from 128 to 1024 for no other reason than that 128 feels too low (it's not a limit that impacts the behaviour of the test program listed in CVE-2010-2632). GLOB_LIMIT_PATH - change from 1024 to 65536 so that glob(3) can still provide a fill command line of expanded names. 3. Protect against buffer overruns when we hit the GLOB_LIMIT_STAT or GLOB_LIMIT_READDIR limits. We append SEP and EOS to pathend in those cases. Return GLOB_ABORTED instead of GLOB_NOSPACE when we would otherwise overrun the buffer.
This change also modifies the existing behaviour of glob(3) in case GLOB_LIMIT is specifies by limiting the *new* matches and not all matches. This is an important distinction when GLOB_APPEND is set or when the caller uses a non-zero gl_offs. Previously pre-existing matches or the value of gl_offs would be counted in the number of matches even though the man page states that glob(3) would return GLOB_NOSPACE when gl_matchc or more matches were found.
The limits that cannot be circumvented are GLOB_LIMIT_STRING and GLOB_LIMIT_PATH all others can be crossed by simply calling glob(3) again and with GLOB_APPEND set.
The entire description above applies only when GLOB_LIMIT has been specified of course. No limits apply when this flag isn't set!
Obtained from: Juniper Networks, Inc
|
#
243759 |
|
01-Dec-2012 |
marcel |
In globextend(), take advantage of the fact that realloc(NULL, size) is equivalent to malloc(size). This eliminates the conditional expression used for calling either realloc() or malloc() when realloc() will do all the time.
|
#
243758 |
|
01-Dec-2012 |
marcel |
In globextend() when the pathv vector cannot be (re-)allocated, don't free and clear the gl_pathv pointer in the glob_t structure. Such breaks the invariant of the glob_t structure, as stated in the comment right in front of the globextend() function. If gl_pathv was non-NULL, then gl_pathc was > 0. Making gl_pathv a NULL pointer without also setting gl_pathc to 0 is wrong.
Since we otherwise don't free the memory associated with a glob_t in error cases, it's unlikely that this change will cause a memory leak that wasn't already there to begin with. Callers of glob(3) must call globfree(3) irrespective of whether glob(3) returned an error or not.
|
#
228755 |
|
20-Dec-2011 |
eadler |
- Fix style(9) bugs in glob.c
Approved by: jilles
|
#
228754 |
|
20-Dec-2011 |
eadler |
- Add restrict keyword to glob(3)
PR: kern/161958 Submitted by: Henning Petersen <henning.petersen@t-online.de> Approved by: jilles MFC after: 3 days
|
#
227753 |
|
20-Nov-2011 |
theraven |
Implement xlocale APIs from Darwin, mainly for use by libc++. This adds a load of _l suffixed versions of various standard library functions that use the global locale, making them take an explicit locale parameter. Also adds support for per-thread locales. This work was funded by the FreeBSD Foundation.
Please test any code you have that uses the C standard locale functions!
Reviewed by: das (gdtoa changes) Approved by: dim (mentor)
|
#
207981 |
|
12-May-2010 |
gordon |
Fix a bug due to a type conversion from 64 to 32 bits. The side effect of this type conversion is the high bits which were used to indicate if a special character was a literal or special were dropped. As a result, all special character were treated as special, even if they were supposed to be literals.
Reviewed by: gad@ Approved by: mentor (wes@)
|
#
180021 |
|
26-Jun-2008 |
mtm |
Gcc barfs in glob.c when run with -O3. To fix this make g_strchr() work on and return (const Char *) pointers instead of just (Char *) and get rid of all the type casting.
PR: kern/124334
|
#
165903 |
|
08-Jan-2007 |
imp |
Per Regents of the University of Calfornia letter, remove advertising clause.
# If I've done so improperly on a file, please let me know.
|
#
159294 |
|
05-Jun-2006 |
delphij |
- ANSIfy. - Remove two unnecessary casts.
These changes would help gcc4 compile.
|
#
158812 |
|
22-May-2006 |
ache |
Reflect size_t changes in glob.h
Obtained from: NetBSD (mostly)
|
#
150137 |
|
14-Sep-2005 |
ache |
Don't reuse *pl to skip [], it is already used for {} parts in the loop above (submitted patch slightly modified)
PR: 86038 Submitted by: Gerd Rausch <gerd@juniper.net>
|
#
132817 |
|
29-Jul-2004 |
tjr |
Add support for multibyte characters.
|
#
121667 |
|
29-Oct-2003 |
tjr |
Remove incomplete support for running FreeBSD userland on old NetBSD kernels lacking the issetugid() and utrace() syscalls.
|
#
100217 |
|
17-Jul-2002 |
mikeh |
Update glob(3) to add all the POSIX required options, specifically:
- add GLOB_NOMATCH return value and use it when we don't get a match - rename GLOB_ABEND to GLOB_ABORTED and use it instead of returning 1 in some places - add GLOB_NOESCAPE flag and retire GLOB_QUOTE to compatibility section
Suggestions/advice on correct usage of POSIX defines: wollman
|
#
90045 |
|
31-Jan-2002 |
obrien |
* Remove __P and convert to ANSI prototypes. * Remove 'register'. (some functions had 7+ register functions...) * Fix SCM ID's.
|
#
80525 |
|
28-Jul-2001 |
mikeh |
Rename the GLOB_MAXPATH flag of glob(3) to GLOB_LIMIT to be compatible with NetBSD and OpenBSD. glob(3) will now return GLOB_NOSPACE with errno set to 0 instead of GLOB_LIMIT when we match more than `gl_matchc' patterns. GLOB_MAXPATH has been left as an alias of GLOB_LIMIT to maintain backwards compatibility.
Reviewed by: sheldonh, assar Obtained from: NetBSD/OpenBSD
|
#
74963 |
|
28-Mar-2001 |
peter |
Mostly pick up OpenBSD's rev 1.14 by deraadt@ and millert@. I've left out a couple of unused args between internal functions. Use MAXPATHLEN, not MAXPATHLEN + 1 in a couple of places. Pass a pointer to the end of the target filename space.
|
#
74921 |
|
28-Mar-2001 |
peter |
OpenBSD's g_Ctoc() returned a false error when the target buffer was exactly the right size. Do it differently - pass a length rather than an end-of-string+1 pointer as this is more convenient anyway. Get rid of the bogus +1's.
|
#
74918 |
|
28-Mar-2001 |
peter |
Fix g_Ctoc() interface, approximately based on OpenBSD's recent changes. Also, set gl_pathv to NULL after we free it, especially when dealing with realloc failures.
Obtained from: OpenBSD
|
#
74469 |
|
19-Mar-2001 |
jlemon |
Introduce the GLOB_MAXPATH flag, which allows the user to limit the number of paths which glob(3) will return. Remove the hardcoded limit from the last commit, which restores the previous unbounded behavior.
Document the new flag in the manual page.
|
#
74357 |
|
16-Mar-2001 |
jlemon |
Bump MAX_GLOBENTRIES up to 16384, so it is a power of two. Add some comments explaining that this is an arbitrary limit.
Requested by: jkh
|
#
74307 |
|
15-Mar-2001 |
jlemon |
Limit the number of paths that glob can return to MAX_GLOBENTRIES, which is currently set to 10000. This is intended to prevent glob from running amok when a highly recursive path is provided (such as "../*/../*/../*/...")
Reviewed by: Diane Bruce <db@db.net>, jhb
|
#
33664 |
|
20-Feb-1998 |
jb |
NetBSD kernels don't have issetugid(), so #ifdef this out when building FreeBSD's libc to run with a NetBSD kernel. We'll get to the alpha kernel later, I promise. 8-)
|
#
28836 |
|
27-Aug-1997 |
ache |
Use getpwnam(getlogin()) before getpwuid(getuid())
|
#
28820 |
|
27-Aug-1997 |
imp |
Don't getenv(HOME) when set[ug]od. This can lead to a buffer overflow and elevated privs. Obtained from: OpenBSD
|
#
24633 |
|
04-Apr-1997 |
ache |
Speedup in case locale not used
|
#
24158 |
|
23-Mar-1997 |
imp |
Buffer overflow. Similar, but different, to the fix that Julian A submitted in PR 2580.
Obtained from: BSDi by way of Keith Bostic
Should be in 2.2 and 2.1.x. I'll merge into 2.2.
|
#
19276 |
|
31-Oct-1996 |
ache |
collate_range_cmp -> __collate_range_cmp
|
#
17552 |
|
12-Aug-1996 |
ache |
Convert to newly aded collate compare function
|
#
17531 |
|
12-Aug-1996 |
ache |
Remove static collcmp, ise new internal function now
|
#
17528 |
|
12-Aug-1996 |
ache |
Use collate for alpha character ranges
|
#
8870 |
|
30-May-1995 |
rgrimes |
Remove trailing whitespace.
|
#
1574 |
|
27-May-1994 |
rgrimes |
This commit was generated by cvs2svn to compensate for changes in r1573, which included commits to RCS files with non-trunk default branches.
|
#
1573 |
|
27-May-1994 |
rgrimes |
BSD 4.4 Lite Lib Sources
|