#
1.44 |
|
09-Nov-2017 |
christos |
Only open regular files.
|
Revision tags: matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107 pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.43 |
|
16-Dec-2014 |
christos |
Fix various security related issues:
0001. Do not recognize paths, mail folders, and pipes in mail addresses by default. That avoids a direct command injection with syntactically valid email addresses starting with |.
Such addresses can be specified both on the command line, the mail headers (with -t) or in address lines copied over from previous while replying.
This was assigned CVE-2014-7844 for some versions of BSD mailx. It is documented behavior for Heirloom mailx, and was mentioned in an old technical report about BSD mailx (which does not usually make its way into operating system installations). The patch switches off this processing and updates the documentation.
Added expandaddr option to explicitly enable this behavior.
0002. When invoking sendmail, prevent option processing for email address arguments. This prevents changing e.g. the Postfix configuration file in unexpected ways. This behavior was documented for BSD mailx (sort of), but not for Heirloom mailx. We did not assign a CVE to this because it is more of a missing feature, and code invoking mailx needs adjustment in the caller as well.
Fixed.
0003. Make wordexp support mandatory. (No functional change.)
Fixed (replaced explicit shell pipe implementation).
0004. Prevent command execution in the expand function, which is IMHO unexpected. (Not really required with patch 1, and there is still information disclosure/DoS potential if this expansion occurs.) This is a historic vulnerability already fixed in the Debian package, retroactively assigned CVE-2004-2771:
Fixed (as part of the pipe replacement with wordexp).
|
Revision tags: netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6 tls-maxphys-base yamt-pagecache-base5
|
#
1.42 |
|
29-Apr-2012 |
christos |
branches: 1.42.10; set close on exec for all opened files.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231 matt-premerge-20091211 jym-xensuspend-nbase jym-xensuspend-base
|
#
1.41 |
|
11-Apr-2009 |
christos |
branches: 1.41.6; - magic fix for short files - knf from Anon Ymous
|
#
1.40 |
|
10-Apr-2009 |
christos |
From Anon Ymous:
- Remove all longjmp(3) calls from signal handlers. Instead, we post to an internal signal queue and check that periodically. All signal related code is now in sig.c, except for the SIGCHLD handler which remains in popen.c as it is intimately tied to routines there.
- Handle SIGPIPE in type1() regardless of mime support, or else the handler in execute() will prevent our error code from being returned resulting in 'sawcom' not being set on the first command as it should. This only affected the initial behavior of the "next" command without mime support.
- Add the 'T' flag to many commands in cmdtab.c that should not look like the first command. E.g., start mail on a mailbox with multiple messages, run "set foo", then "next", and watch the second message get displayed rather than the first as is the case without the first "set" command.
- Add file descriptor and file handle leak detection. Enabled by DEBUG_FILE_LEAK. This will likely disappear in the future.
- Fix a long standing (since import in 1993) longjmp() bug in edstop(): the jmpbuf was invalid when quit() is called at the end of main.
- Fix a long standing bug (since import in 1993) in snarf() where it didn't strip whitespace correctly if the line consisted only of whitespace.
- Lint cleanup.
- New Feature: "Header" command. This allows miscellaneous header fields to be added to the header, e.g., "X-Organization:" or "Reply-To:" fields.
- New Feature: "page-also" variable. This allows the specification of additional commands to page. It is more flexible than "crt".
- Document the "pager-off" variable: if set, it disables paging entirely.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 netbsd-5-base matt-mips64-base2 mjf-devfs2-base wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 wrstuden-revivesa-base-1 yamt-pf42-base4 yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-baseX yamt-pf42-base2 wrstuden-revivesa-base yamt-pf42-base keiichi-mipv6-nbase keiichi-mipv6-base matt-armv6-nbase cube-autoconf-base matt-armv6-base hpcarm-cleanup-base
|
#
1.39 |
|
30-Oct-2007 |
christos |
branches: 1.39.14; From Anon Ymous: Make this compile without MIME_SUPPORT.
|
#
1.38 |
|
30-Oct-2007 |
christos |
From Anon Ymous:
- Add a "forward" command as requested by garbled@. From the manpage:
forward Takes a list of messages and prompts for an address (or addresses) to forward each message to. If no message list is specified, the current message is used. The mail editor is run for each message allowing the user to enter a message that will precede the forward message. The message is sent as a multi- part/mixed MIME encoded message.
- Add the ability to match messages that do (or do not) contain a header field. E.g., the command "f ! /Subject:" will display the list of messages that are missing a "Subject" field.
- Teach savemail() to prefix fake headlines so the mbox doesn't get broken.
- Fixed a couple of "bugs" in the attachment editing routine.
|
#
1.37 |
|
29-Oct-2007 |
christos |
From Anon Ymous: knf changes: - s/sizeof x/sizeof(x)/. - remove unnecessary malloc typecasts. - whitespace nits.
|
#
1.36 |
|
27-Oct-2007 |
christos |
From Anon Ymous: - Add a "bounce" command as requested by garbled@. From the manpage:
bounce Takes a list of messages and prompts for an address to bounce the messages to. All the original header fields are preserved except for the ``Delivered-To'', ``X-Original-To'' and ``Status'' fields. The new ``To'' field contains the bounce address(es) plus any addresses in the old ``To'' field minus the user's local address and any on the alternates list. (See the alternates com- mand.)
|
#
1.35 |
|
23-Oct-2007 |
christos |
From Anon Ymous: - Introduce date_to_tm() and hl_date_to_tm() to parse the date and headline date a bit more efficiently. - If 'tm_isdst' is determined, let strftime(3) handle the '%Z' and '%z' formats. Otherwise, output "-0000" and "???", respectively, to help preserve with alignment; strftime(3) will output an empty string in these case. - Change fail() to use the '-d' flag (which sets the 'debug' variable) rather than the "debug" _environment_ variable. This is more consistent with other warnings. - Don't use gcc C extensions, e.g., "case LOW ... HIGH:". - Define is_WSP() in def.h to be an inline function that for checks whitespace (WSP = ' ' or '\t'), as defined in RFC 2822. Use it consistently in place of isblank(). - For consistency, rename skip_blank() to skip_WSP(). - Add inline skip_space() to complement skip_blank() (now skip_WSP). - Check all ctype(3) calls for argument range issues. - Whitespace and comment cleanup/changes.
|
Revision tags: matt-mips64-base
|
#
1.34 |
|
05-Jun-2007 |
christos |
branches: 1.34.4; Add RCSID's to help files and centralize the function to cat the help files.
|
Revision tags: netbsd-4-0-1-RELEASE wrstuden-fixsa-newbase wrstuden-fixsa-base-1 netbsd-4-0-RELEASE netbsd-4-0-RC5 netbsd-4-0-RC4 netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 wrstuden-fixsa-base netbsd-4-base
|
#
1.33 |
|
28-Nov-2006 |
christos |
From Anon Ymous:
1) Statification of modules.
2) Implement the 'detach' and 'Detach' commands for extracting mime parts from messages.
3) Teach mail to output "In-Reply-To" and "References" header fields when replying so others can thread us.
4) Implement threading, sorting, and tagging, supported by the following commands: 'flatten', 'reverse', 'sort', 'thread', 'unthread', 'down', 'tset', 'up', 'expose', 'hide', 'tag', 'untag', 'invtags', 'tagbelow', 'hidetags', 'showtags'. See the manpage for details (when available - soon).
5) Implement a 'deldups' command to delete duplicate messages based on their "Message-Id" field, e.g., in replies to a mailing list that are also CCed to a subscriber. (This can also be accomplished with the threading and tagging commands.)
6) Implement 'ifdef' and 'ifndef' commands, and make the conditionals nestable (i.e., implement a conditional stack). The if/else/endif commands existed before, but they were primitive and undocumented. The 'if' command currently recognizes the "receiving", "sending", and "headersonly" mode keywords.
7) Teach the message selecting routine to understand regular expressions if "regex-search" is defined. Otherwise only case insensitive substring matches are done (as in the past).
8) Teach the message selection routine to understand boolean expressions. Improved "colon-modifier" support. See the manpage for details (when available - soon).
9) Extend paging to all commands (where relevant).
10) Add shell like piping and redirection of (standard) output (if "enable-piping" is defined). Extend completion to these contexts.
11) The manpage should follow soon!!!!
|
#
1.32 |
|
31-Oct-2006 |
christos |
More fixes from Anon Ymous:
1) Removed the -B flag (it was stupid on my part) and added a short description indicating how to accomplish the same thing under the "Sending Mail" section of man mail(1).
2) Added a -H flag to dump the headers and exit. It takes optional flags to restrict to old, new, read, unread, and deleted messages (the later being kind of useless - it shares code with something that already had it).
3) Restored the 'Save' command which somehow got mistakenly removed in the last commit and add documentation for it! (My apologies to its author.)
4) Added a 'mkread' command to mark messages as read (the inverse of 'unread'). Should we also have a 'mknew' command?
5) Added a 'smopts' command to keep a database of addresses and sendmail options to be used when sending messages to those addresses. See man mail(1) for a fuller description.
6) Added 'indentpreamble' and 'indentpostscript' variables whose values are inserted before and after a quoted message (~m or ~M escapes). =20 7) Added string formatting abilities for the 'prompt', 'insertpreamble', 'insertpostscript', and header display strings. These strings support all the strftime() format parameters as well as many more specific to mail (see man mail(1)).
8) Fix the -a flag so that it only takes a single filename, unless "mime-attach-list" is defined. This is more conventional and avoids unexpected whitespace issues.
|
#
1.31 |
|
21-Oct-2006 |
christos |
From our anonymous user: - mime and character set handling - command line editor and completion - many code improvements
|
#
1.30 |
|
19-Sep-2006 |
christos |
s/ReplyFrom/ReplyAsRecipient/ from our anonymous user.
|
#
1.29 |
|
18-Sep-2006 |
christos |
Jumbo mail patch from our anonymous user:
1) Use editline [optional]: Most of this code was borrowed from src/usr.bin/ftp. It does the appropriate editing, history, and completion for all mail commands (from cmdtab[]) and also does editing on header strings ('~h' inside the mail editor).
2) '-B' flag: This will suppress the "To:" line passed to sendmail. In most configurations it will lead to sendmail adding "To: undisclosed recipients;". Currently, AFAIK mail requires at least one exposed recipient address.
3) Comments in rcfile: Currently, comments in .mailrc are only supported if the first (non-white) character on a line is '#' followed by white space, i.e., '#' is a 'nop' command. This (trivial) patch allows the more normal/expected use of '#' as a comment character. It does not respect quoting, so that might be an objection which I should fix.
4) Sendmail option editing: This adds the sendmail option string to the strings editable by the '~h' command within the mail editor. Currently, you can only set this string from the command-line, which is particularly annoying when replying to mail.
5) Reply from: When replying to a message, grab the "To:" address from the message and, if there is only one such address and it does not match a list of allowed addresses (set in the "ReplyFrom" variable), pass it to sendmail as the "From:" address for the reply (with the '-f' option). I often make aliases for myself so that my primary address is not given out; if the alias gets out, I know who to blame. Unfortunately, a reply to such a message would normally use the primary address without this patch. A warning is displayed when this is going to happen so that it can be modified with '~h'.
6) CC and BCC lists: Allow '-c' and '-b' to accept white-space or ',' delimited lists. Currently, a white-space delimited list of addresses work, but a list of aliases will not get expanded. For example, currently:
mail -c "foo bar" christos
will fail to send mail to 'foo' and 'bar' if these are mail aliases (in ~/.mailrc); sendmail aliases (in /etc/aliases) do work.
7) pipe command: This pipes the current message into a shell command. I use this for quick decoding of uuencoded mail, but I can imagine it might be useful for decrypting encrypted mail, too.
8) show command: This command takes a list of variables and shows their values. It is probably stupid as the 'set' command without any argument displays all variable values. Of course, if there are a lot of variables you have to sift through the list for the one(s) you want.
|
Revision tags: abandoned-netbsd-4-base chap-midi-nbase chap-midi-base
|
#
1.28 |
|
03-Mar-2006 |
christos |
PR/32964: Johan Veenhuizen: implement the unalias command
|
#
1.27 |
|
19-Jul-2005 |
christos |
Pass lint completely.
|
#
1.26 |
|
19-Jul-2005 |
christos |
WARNS=3
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 netbsd-3-0-RC2 netbsd-3-0-RC1 netbsd-2-0-3-RELEASE netbsd-2-1-RELEASE netbsd-2-1-RC6 netbsd-2-1-RC5 netbsd-2-1-RC4 netbsd-2-1-RC3 netbsd-2-1-RC2 netbsd-2-1-RC1 netbsd-2-0-2-RELEASE netbsd-3-base netbsd-2-0-1-RELEASE netbsd-2-base netbsd-2-0-RELEASE netbsd-2-0-RC5 netbsd-2-0-RC4 netbsd-2-0-RC3 netbsd-2-0-RC2 netbsd-2-0-RC1 netbsd-2-0-base
|
#
1.25 |
|
10-Nov-2003 |
ross |
Simplify set(). No functional change.
|
#
1.24 |
|
10-Nov-2003 |
ross |
Refix last delta's string copying edits
|
#
1.23 |
|
31-Oct-2003 |
ross |
Defensively rewrite a string moving loop. Constify. Check for an allocation error.
|
#
1.22 |
|
29-Oct-2003 |
ross |
Fix the broken "!" escape and "shell" (&-prompt) commands. These problems were related to closed PR bin/21896, and to the 2003-3-29 code import.
|
#
1.21 |
|
07-Aug-2003 |
agc |
Move UCB-licensed code from 4-clause to 3-clause licence.
Patches provided by Joel Baker in PR 22365, verified by myself.
|
#
1.20 |
|
29-Mar-2003 |
christos |
bring in fixes from OpenBSD: - use varargs properly. - pid_t - better handling of error conditions on forked jobs.
|
Revision tags: fvdl_fs64_base
|
#
1.19 |
|
12-Aug-2002 |
itojun |
calloc() arg mistake. it's (nelem, size). from openbsd
|
Revision tags: netbsd-1-6-PATCH002-RELEASE netbsd-1-6-PATCH002 netbsd-1-6-PATCH002-RC4 netbsd-1-6-PATCH002-RC3 netbsd-1-6-PATCH002-RC2 netbsd-1-6-PATCH002-RC1 netbsd-1-6-PATCH001 netbsd-1-6-PATCH001-RELEASE netbsd-1-6-PATCH001-RC3 netbsd-1-6-PATCH001-RC2 netbsd-1-6-PATCH001-RC1 netbsd-1-6-RELEASE netbsd-1-6-RC3 netbsd-1-6-RC2 netbsd-1-6-RC1 netbsd-1-6-base
|
#
1.18 |
|
29-Mar-2002 |
ross |
only count header lines that are actually going to be displayed when deciding whether to run $PAGER, otherwise it may start up the pager for a two line message if all 55 header lines are the subject of a .mailrc ignore command.
(And no, I don't find this program directly useful for reading today's mail volumes, but it's great as a component run from wrapper scripts, pretty good for scanning archived mail, and more than adequate for sending mail.)
|
#
1.17 |
|
05-Mar-2002 |
wiz |
Use warn() instead of perror().
|
#
1.16 |
|
05-Mar-2002 |
wiz |
KNF: No space after casts.
|
#
1.15 |
|
04-Mar-2002 |
wiz |
Replace some more special pointers to zero (NIL, NONE, NOVAR, NOGRP, NOGE) with NULL.
|
#
1.14 |
|
04-Mar-2002 |
wiz |
Don't use special null string pointer (NOSTR), just use NULL.
|
#
1.13 |
|
02-Mar-2002 |
wiz |
Rename variables to avoid shadowing.
|
#
1.12 |
|
02-Mar-2002 |
wiz |
ANSIfy, and minimal KNF.
|
Revision tags: netbsd-1-5-PATCH003 netbsd-1-5-PATCH002 netbsd-1-5-PATCH001 netbsd-1-5-RELEASE netbsd-1-5-BETA2 netbsd-1-5-BETA netbsd-1-4-PATCH003 netbsd-1-5-ALPHA2 netbsd-1-5-base minoura-xpg4dl-base netbsd-1-4-PATCH002 wrstuden-devbsize-19991221 wrstuden-devbsize-base comdex-fall-1999-base netbsd-1-4-PATCH001 netbsd-1-4-RELEASE netbsd-1-4-base
|
#
1.11 |
|
09-Feb-1999 |
dean |
fixes for PR 3886, 4719, 5424 mail is more consistent in a su'd environment unset works if the variable is in the environment fixed off by one error with 'z' scrolling
|
#
1.10 |
|
08-Oct-1998 |
wsanchez |
Get rid of commons. Rename vfree() to v_free() to avoid conflict in out libc's vfree().
|
Revision tags: netbsd-1-3-PATCH003 netbsd-1-3-PATCH003-CANDIDATE2 netbsd-1-3-PATCH003-CANDIDATE1 netbsd-1-3-PATCH003-CANDIDATE0 netbsd-1-3-PATCH002 netbsd-1-3-PATCH001 netbsd-1-3-RELEASE netbsd-1-3-BETA netbsd-1-3-base
|
#
1.9 |
|
19-Oct-1997 |
lukem |
WARNSify, fix .Nm usage, deprecate register, use <err.h>
|
#
1.8 |
|
09-Jul-1997 |
mikel |
update printf formats to match type of line counts
|
#
1.7 |
|
17-May-1997 |
pk |
NULL => 0 (Arne Juul; PR#3629)
|
#
1.6 |
|
28-Dec-1996 |
tls |
Sync with 4.4BSD-Lite2
|
#
1.5 |
|
08-Jun-1996 |
christos |
- Fix PR/105: Implement dot locking protocol and check return value of flock. - Fix PR/2247: Don't call unknown users "ubluit". Issue an error message. - Fix/add prototypes. - Fix warnings. - Use POSIX signal mask calls. - RCSid police.
|
Revision tags: netbsd-1-2-PATCH001 netbsd-1-2-RELEASE netbsd-1-2-BETA netbsd-1-2-base netbsd-1-1-PATCH001 netbsd-1-1-RELEASE netbsd-1-1-base netbsd-1-0-PATCH06 netbsd-1-0-PATCH05 netbsd-1-0-PATCH04 netbsd-1-0-PATCH03 netbsd-1-0-PATCH02 netbsd-1-0-PATCH1 netbsd-1-0-PATCH0 netbsd-1-0-RELEASE netbsd-1-0-base
|
#
1.4 |
|
29-Jun-1994 |
deraadt |
4.4-lite, plus our mods
|
#
1.3 |
|
22-May-1994 |
jtc |
cfree() is obsolete, use free()
|
#
1.2 |
|
01-Aug-1993 |
mycroft |
Add RCS identifiers.
|
#
1.1 |
|
21-Mar-1993 |
cgd |
branches: 1.1.1; Initial revision
|