Re: strlcat manpage
Hi Valentin, On Fri, Jan 11, 2002 at 12:22:21AM +0200, Valentin Nechayev wrote: > There was a fresh discussion in some maillists (security-audit, glibc-alpha) of > strlcpy() and strlcat() in context of possible inclusion to glibc. > Among others, the question was spoken that strlcat manpage contains a dark > moment of strlcat() return value. One should agree with affirmation that > strlcat() must not check characters after dst[size-1], the first reason > is that memory block can end here; but, James Antill reported that > Sun programmers lost their mind and checks full length of dst as a source > nul-terminated string. (I didn't check his report.) > In this context, I think the following patch should be applied to provide > explicit clarification of this moment and full accordance with source code. First, it's better to submit such fixes as FreeBSD Problem Reports, or they'll have a fair chance to get lost in the high volume of freebsd-hackers. Second, the strlcat(3) manpage language has already been improved with respect to this issue. The upcoming 4.5-RELEASE will contain the corrected manpage. Thank you for your effort. [Not removind freebsd-hackers from CC to show to the world such messages won't be just ignored here :-) ] -- Yar To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
New - Just Curious
Warning Unable to process data: multipart/mixed;boundary="=_NextPart_000_6F12_7491.2AC3"
Marketing Services
Warning Unable to process data: multipart/mixed;boundary="=_NextPart_000_280D_6E9D.0BCF"
ftpd patch that saves me a lot of hassle
I got sick of (presumably) warez people probing my anonymous ftp site and
dropping all kinds of hard-to-delete trash in incoming, so I patched my
ftpd to only allow directories to start with alphanumerics. There's
probably a better solution, but this works for me so I figure'd I'd share.
Combining this with a umask that doesn't allow reading uploaded files keeps
things reasonably well in hand.
--Aaron
Index: ftpd.c
===
RCS file: /usr/cvs/src/libexec/ftpd/ftpd.c,v
retrieving revision 1.62.2.15
diff -u -r1.62.2.15 ftpd.c
--- ftpd.c 2001/12/18 18:35:55 1.62.2.15
+++ ftpd.c 2002/01/19 09:47:42
@@ -2216,6 +2216,12 @@
{
LOGCMD("mkdir", name);
+
+ if (!isalnum(*name)) {
+ reply(521, "Bite me.");
+ return;
+ }
+
if (mkdir(name, 0777) < 0)
perror_reply(550, name);
else
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
Re: ftpd patch that saves me a lot of hassle
What? You don't like directories named '...w^Ha^Hr^He^Hz^H^H^H' ?
I like it, but there are a few problems. What about underscore? And
will this mess up people using ftp outside the U.S.?
-Matt
Matthew Dillon
<[EMAIL PROTECTED]>
:I got sick of (presumably) warez people probing my anonymous ftp site and
:dropping all kinds of hard-to-delete trash in incoming, so I patched my
:ftpd to only allow directories to start with alphanumerics. There's
:probably a better solution, but this works for me so I figure'd I'd share.
:
:Combining this with a umask that doesn't allow reading uploaded files keeps
:things reasonably well in hand.
:
:--Aaron
:
:
:Index: ftpd.c
:===
:RCS file: /usr/cvs/src/libexec/ftpd/ftpd.c,v
:retrieving revision 1.62.2.15
:diff -u -r1.62.2.15 ftpd.c
:--- ftpd.c 2001/12/18 18:35:55 1.62.2.15
:+++ ftpd.c 2002/01/19 09:47:42
:@@ -2216,6 +2216,12 @@
: {
:
: LOGCMD("mkdir", name);
:+
:+ if (!isalnum(*name)) {
:+ reply(521, "Bite me.");
:+ return;
:+ }
:+
: if (mkdir(name, 0777) < 0)
: perror_reply(550, name);
: else
:
:To Unsubscribe: send mail to [EMAIL PROTECTED]
:with "unsubscribe freebsd-hackers" in the body of the message
:
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
Re: ftpd patch that saves me a lot of hassle
if you make your incoming Write-only then they will hav elottle point in
puting stuff there..
We do this, in several places, and have a script move the incoming stuff
elsewhere at regular intervals too.
(not that I disagree with your patch but I often mode 'dot files'
e.g. .cshrc, or even CVS "#" files
On Sat, 19 Jan 2002, Aaron Smith wrote:
> I got sick of (presumably) warez people probing my anonymous ftp site and
> dropping all kinds of hard-to-delete trash in incoming, so I patched my
> ftpd to only allow directories to start with alphanumerics. There's
> probably a better solution, but this works for me so I figure'd I'd share.
>
> Combining this with a umask that doesn't allow reading uploaded files keeps
> things reasonably well in hand.
>
> --Aaron
>
>
> Index: ftpd.c
> ===
> RCS file: /usr/cvs/src/libexec/ftpd/ftpd.c,v
> retrieving revision 1.62.2.15
> diff -u -r1.62.2.15 ftpd.c
> --- ftpd.c2001/12/18 18:35:55 1.62.2.15
> +++ ftpd.c2002/01/19 09:47:42
> @@ -2216,6 +2216,12 @@
> {
>
> LOGCMD("mkdir", name);
> +
> + if (!isalnum(*name)) {
> + reply(521, "Bite me.");
> + return;
> + }
> +
> if (mkdir(name, 0777) < 0)
> perror_reply(550, name);
> else
>
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-hackers" in the body of the message
>
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
Re: ftpd patch that saves me a lot of hassle
Use isprint() on the entire string; this will give the desired result in
most cases. It should probably be optional (defaulting to on, since it's
a security measure).
> What? You don't like directories named '...w^Ha^Hr^He^Hz^H^H^H' ?
>
> I like it, but there are a few problems. What about underscore? And
> will this mess up people using ftp outside the U.S.?
>
> -Matt
> Matthew Dillon
> <[EMAIL PROTECTED]>
>
>
> :I got sick of (presumably) warez people probing my anonymous ftp site and
> :dropping all kinds of hard-to-delete trash in incoming, so I patched my
> :ftpd to only allow directories to start with alphanumerics. There's
> :probably a better solution, but this works for me so I figure'd I'd share.
> :
> :Combining this with a umask that doesn't allow reading uploaded files keeps
> :things reasonably well in hand.
> :
> :--Aaron
> :
> :
> :Index: ftpd.c
> :===
> :RCS file: /usr/cvs/src/libexec/ftpd/ftpd.c,v
> :retrieving revision 1.62.2.15
> :diff -u -r1.62.2.15 ftpd.c
> :--- ftpd.c 2001/12/18 18:35:55 1.62.2.15
> :+++ ftpd.c 2002/01/19 09:47:42
> :@@ -2216,6 +2216,12 @@
> : {
> :
> : LOGCMD("mkdir", name);
> :+
> :+if (!isalnum(*name)) {
> :+reply(521, "Bite me.");
> :+return;
> :+}
> :+
> : if (mkdir(name, 0777) < 0)
> : perror_reply(550, name);
> : else
> :
> :To Unsubscribe: send mail to [EMAIL PROTECTED]
> :with "unsubscribe freebsd-hackers" in the body of the message
> :
>
>
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-hackers" in the body of the message
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
Re: ftpd patch that saves me a lot of hassle
The reason I only test the first character is that lots of filenames I
actually want uploaded may have some funkiness somewhere in their midst.
With an alnum first character I can deal with trash using tab completion
and not block the files I deal with normally.
isprint() is too liberal to save me time -- one careless evening, deleting
a directory named '~' made me have to go to backups. isprint allows a great
deal of stuff i don't want to hassle with, like ~ and &.
Allowing directories to start with underscore sounds reasonable to me,
though. Another idea would be mapping certain special characters to
underscore. Does anyone know if other ftpds like luke's or wu address this
issue?
I wasn't proposing this as a default inclusion, but as far as that goes: a
non-default option noted in the "setting up an anonymous FTP site" section
of the ftpd docs seems the most appropriate option. It's just to save
administrators of anonymous ftp sites a little headache of hidden files and
those beginning with spaces or garbage.
Lots of people will be bitten by this if they don't know about it, especially
if it applies to non-anonymous users. "Why can't I upload my file?" It
should probably test whether the user is anonymous.
If people actually would use such an ftpd option, I'll clean it up and
submit a new patch with doc changes.
Aaron
On Sat, Jan 19, 2002 at 01:02:24PM -0800, Michael Smith wrote:
>
> Use isprint() on the entire string; this will give the desired result in
> most cases. It should probably be optional (defaulting to on, since it's
> a security measure).
>
>
> > What? You don't like directories named '...w^Ha^Hr^He^Hz^H^H^H' ?
> >
> > I like it, but there are a few problems. What about underscore? And
> > will this mess up people using ftp outside the U.S.?
> >
> > -Matt
> > Matthew Dillon
> > <[EMAIL PROTECTED]>
> >
> >
> > :I got sick of (presumably) warez people probing my anonymous ftp site and
> > :dropping all kinds of hard-to-delete trash in incoming, so I patched my
> > :ftpd to only allow directories to start with alphanumerics. There's
> > :probably a better solution, but this works for me so I figure'd I'd share.
> > :
> > :Combining this with a umask that doesn't allow reading uploaded files keeps
> > :things reasonably well in hand.
> > :
> > :--Aaron
> > :
> > :
> > :Index: ftpd.c
> > :===
> > :RCS file: /usr/cvs/src/libexec/ftpd/ftpd.c,v
> > :retrieving revision 1.62.2.15
> > :diff -u -r1.62.2.15 ftpd.c
> > :--- ftpd.c 2001/12/18 18:35:55 1.62.2.15
> > :+++ ftpd.c 2002/01/19 09:47:42
> > :@@ -2216,6 +2216,12 @@
> > : {
> > :
> > : LOGCMD("mkdir", name);
> > :+
> > :+ if (!isalnum(*name)) {
> > :+ reply(521, "Bite me.");
> > :+ return;
> > :+ }
> > :+
> > : if (mkdir(name, 0777) < 0)
> > : perror_reply(550, name);
> > : else
> > :
> > :To Unsubscribe: send mail to [EMAIL PROTECTED]
> > :with "unsubscribe freebsd-hackers" in the body of the message
> > :
> >
> >
> > To Unsubscribe: send mail to [EMAIL PROTECTED]
> > with "unsubscribe freebsd-hackers" in the body of the message
>
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
Re: ftpd patch that saves me a lot of hassle
On Sat, Jan 19, 2002 at 12:46:03PM -0800, Julian Elischer wrote:
> if you make your incoming Write-only then they will hav elottle point in
> puting stuff there..
It is already write-only, but I still get lots of directory trees created
and populated with files they cannot read.
> We do this, in several places, and have a script move the incoming stuff
> elsewhere at regular intervals too.
>
> (not that I disagree with your patch but I often mode 'dot files'
> e.g. .cshrc, or even CVS "#" files
This patch only deals with directories, but I definitely see your point.
> On Sat, 19 Jan 2002, Aaron Smith wrote:
>
> > I got sick of (presumably) warez people probing my anonymous ftp site and
> > dropping all kinds of hard-to-delete trash in incoming, so I patched my
> > ftpd to only allow directories to start with alphanumerics. There's
> > probably a better solution, but this works for me so I figure'd I'd share.
> >
> > Combining this with a umask that doesn't allow reading uploaded files keeps
> > things reasonably well in hand.
> >
> > --Aaron
> >
> >
> > Index: ftpd.c
> > ===
> > RCS file: /usr/cvs/src/libexec/ftpd/ftpd.c,v
> > retrieving revision 1.62.2.15
> > diff -u -r1.62.2.15 ftpd.c
> > --- ftpd.c 2001/12/18 18:35:55 1.62.2.15
> > +++ ftpd.c 2002/01/19 09:47:42
> > @@ -2216,6 +2216,12 @@
> > {
> >
> > LOGCMD("mkdir", name);
> > +
> > + if (!isalnum(*name)) {
> > + reply(521, "Bite me.");
> > + return;
> > + }
> > +
> > if (mkdir(name, 0777) < 0)
> > perror_reply(550, name);
> > else
> >
> > To Unsubscribe: send mail to [EMAIL PROTECTED]
> > with "unsubscribe freebsd-hackers" in the body of the message
> >
>
>
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-hackers" in the body of the message
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
Re: ftpd patch that saves me a lot of hassle
>> :+if (!isalnum(*name)) {
>> :+reply(521, "Bite me.");
>> :+return;
>> :+}
>
> Use isprint() on the entire string; this will give the desired result in
> most cases. It should probably be optional (defaulting to on, since it's
> a security measure).
>
>
Actually, what would be nicely functional and general purpose would be a
pair of options, one to prevent the creation of files/directories with a
leading-dot name, the other a full isprint() filter on the whole string.
And for each option, the ability to apply that filtering to all users or
only anon users.
(So why am I kvetching instead of coding and submitting? 'cause I'm still
struggling my way up the nearly-vertical side of the cvs learning curve.)
-- Ian
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
FreeBSD 5.x
Is gcc 3.x going to be the default compiler starting from FBSD 5.x series? Is the development on current branch compiled using gcc 3.0 (or up)? Is 5.x series going to be based on a preemptible kernel? Thanks, Alp To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
can I use other floppies in the FIXIT environment ?
I am in the FIXIT environment trying to solve a problem. Unfortunately, I have to use some files on (floppy X). Is there any way for me to use (floppy X) withint the FIXIT environment ? I tried to unmount the fixit floppy, but I cannot because the device is busy, but I have no way to mount and use (floppy X) unless I dismount the fixit floppy, right ? So is this impossible, or is there a way I can use a second (third, fourth) floppy during my FIXIT operations ? (note, I have no other floppy drives, etc. so i cannot create a custom fixit disk, which is one obvious solution..) Thanks! To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: USB UHCI speed issue ?
On 16-Jan-02 Josef Karthauser wrote: > On Tue, Jan 15, 2002 at 05:50:45PM -0800, Ulf Zimmermann wrote: > >> Has this been fixed in -CURRENT ? And if so, can someone point me >> at what files I can try to get onto -STABLE to get a higher speed >> out ? I am working on an application and 64,000/sec is slow to test >> things. > > I've been doing some work in -current to sychronise our USB stack with > NetBSD's. If you can identify a set of commits in NetBSD that fixed > this problem I'll happily take a look for you. > > Joe I can confirm the problem, and point you to a message in the "current" archives (Dec 15) which contains a simple 3 or 4 line patch to uhui.c. The message, authored by Andrew Gordon, may be found at http://www.FreeBSD.org/cgi/getmsg.cgi?fetch=775757+780830+/usr/local/www/db/text/2001/freebsd-current/20011216.freebsd-curren t or, if you prefer, search the "current" archive for "uhci and driver and marker and terminate". The patch may not provide the same fix that the latest Netbsd sources provide, but it might indicate where to look. It improves transfer speed for my Nikon 990 (using 'photopc' with USB support and the 'ugen' driver), although it does not seem to do everything that could be done. The following numbers show the "before" and "after" numbers for FreeBSD (4.4, last cvsupped Oct 22) and finally for RedHat Linux 7.2 (2.4.7 something kernel). These are from a 'photopc' locally hacked up to report transfer times. = FreeBSD before patch: chevy% photopc image 1-5 . Downloading 1-5 from folder /DCIM/100NIKON image 1: 1143620 of 1143620 taken Tue Dec 25 08:47:24 2001 PST file "./IMG_1298=2001_12_25-08_47_24-003.jpg" 21.577 seconds, 51.7596 KB/sec image 2: 1176877 of 1176877 taken Tue Dec 25 08:48:46 2001 PST file "./IMG_1299=2001_12_25-08_48_46-002.jpg" 22.245 seconds, 51.6653 KB/sec image 3: 1180915 of 1180915 taken Tue Dec 25 08:48:57 2001 PST file "./IMG_1300=2001_12_25-08_48_57-002.jpg" 22.344 seconds, 51.6128 KB/sec image 4: 859381 of 859381 taken Tue Dec 25 08:49:15 2001 PST file "./IMG_1301=2001_12_25-08_49_15-002.jpg" 16.270 seconds, 51.582 KB/sec image 5: 1145191 of 1145191 taken Tue Dec 25 08:49:32 2001 PST file "./IMG_1302=2001_12_25-08_49_32-001.jpg" 21.608 seconds, 51.7563 KB/sec = *Note* that everything I've ever downloaded from the camera (since the end of July) has come down at 51.5 +/- a couple of tenths. Numbers were identical under Netbsd 1.5. = FreeBSD AFTER patch: chevy% photopc image 1-5 /tmp Downloading 1-5 from folder /DCIM/100NIKON image 1: 1143620 of 1143620 taken Tue Dec 25 08:47:24 2001 PST file "/tmp/IMG_1298=2001_12_25-08_47_24-001.jpg"4.910 seconds, 227.458 KB/sec image 2: 1176877 of 1176877 taken Tue Dec 25 08:48:46 2001 PST file "/tmp/IMG_1299=2001_12_25-08_48_46.jpg"5.048 seconds, 227.673 KB/sec image 3: 1180915 of 1180915 taken Tue Dec 25 08:48:57 2001 PST file "/tmp/IMG_1300=2001_12_25-08_48_57.jpg"5.086 seconds, 226.747 KB/sec image 4: 859381 of 859381 taken Tue Dec 25 08:49:15 2001 PST file "/tmp/IMG_1301=2001_12_25-08_49_15.jpg"3.705 seconds, 226.515 KB/sec image 5: 1145191 of 1145191 taken Tue Dec 25 08:49:32 2001 PST file "/tmp/IMG_1302=2001_12_25-08_49_32.jpg"4.986 seconds, 224.298 KB/sec = RedHat Linux 7.2 bash-2.05# photopc image 1-5 . image 1: 1143620 of 1143620 taken Tue Dec 25 08:47:24 2001 file "./IMG_1298_122501-001.jpg"4.282 seconds, 260.817 KB/sec image 2: 1176877 of 1176877 taken Tue Dec 25 08:48:46 2001 file "./IMG_1299_122501-001.jpg"4.402 seconds, 261.084 KB/sec image 3: 1180915 of 1180915 taken Tue Dec 25 08:48:57 2001 file "./IMG_1300_122501-001.jpg"4.425 seconds, 260.619 KB/sec image 4: 859381 of 859381 taken Tue Dec 25 08:49:15 2001 file "./IMG_1301_122501-001.jpg"3.255 seconds, 257.831 KB/sec image 5: 1145191 of 1145191 taken Tue Dec 25 08:49:32 2001 file "./IMG_1302_122501-001.jpg"4.281 seconds, 261.236 KB/sec bash-2.05# exit = Typical downloads under several Linuxes over the past year are 250KB.sec +/-10%. As you can see, the improvement with the patch is substantial, but there is a little room for more improvement. It would be nice to see this (or an improved) patch go in for 4.5, although it's probably a bit late for that to happen. I would be happy to test any related patches anyone might come up with. In the meantime, this patch seems unlikely to slam my CPU up against the wall, so I'll keep running it. It would be nice to see a permanent fix go in soon, though...I'd *really* hate to see ano
Re: can I use other floppies in the FIXIT environment ?
On Sat, 19 Jan 2002, Joan Schunck wrote: > > I am in the FIXIT environment trying to solve a problem. Unfortunately, I > have to use some files on (floppy X). What exactly is the problem? Paul H. http://dp.penix.org To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: FreeBSD 5.x
On Sat, 19 Jan 2002, Alp Atici wrote: > Is gcc 3.x going to be the default compiler starting from FBSD 5.x > series? Is the development on current branch compiled using gcc 3.0 (or > up)? > > Is 5.x series going to be based on a preemptible kernel? Can't answer the gcc question, but yes, John Baldwin currently has support for preemption in his SMPng development tree. Robert N M Watson FreeBSD Core Team, TrustedBSD Project [EMAIL PROTECTED] NAI Labs, Safeport Network Services To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: kernel contribution guidance
On Wed, 16 Jan 2002, K S Sreeram wrote: > My name is K.S.Sreeram, and i am very much interested in contributing to > the > freebsd kernel. I have been browsing through the kernel code, but i was > not able to follow it much, and i dont > know where to begin, Pick something and run with it. Check the PR database if you want to get your feet wet on smaller issues, then see http://www.freebsd.org/projects/ for some larger-scope things to takle. Or browse sourceforge/freshmeat and look for ports to do. Or lurk on the lists and jump on something that sounds interesting to you. Do whatever you want. :-) Doug White| FreeBSD: The Power to Serve [EMAIL PROTECTED] | www.FreeBSD.org To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: kevent() in another thread
On Thu, 17 Jan 2002, Floris 'Tamama' van Gog wrote: > I read that kevent/kqueue weren't very thread-safe. Where did you read this? kqueue/kevent are perfectly threadsafe. Now, whether kevent is useful in threads is a totally different matter Doug White| FreeBSD: The Power to Serve [EMAIL PROTECTED] | www.FreeBSD.org To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Insane performance regression?
Hi all, I have a CPU-bound (well, 'malloc-bound' ;) program which takes about 20 seconds to run on a 'fast' PC (Pentium3-1000, Athlon XP1600 etc) - the source is available as http://www.idesign.fl.net.au/malloc_pain/malloc_pain.tar.gz (NOTE: you *will* need GCC 3 (or more recent) to compile it). At any rate, I did the cvsup/buildkernel/buildworld thing this morning (I'm running 5-CURRENT on an SMP box), and now that same program takes about half an hour to run, rather than 20 seconds. Curiously, it reports about 20% system time (whereas previously there was negligible system time) Any idea what might be going on? Duraid P.S. to run it: gcc -c mt19937b-int.c g++ Graph.cpp mt19937b-int.o ./a.out Known to compile okay with GCC 3.0.3 and 3.1 To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: FreeBSD 5.x
Alp Atici wrote:
> Is gcc 3.x going to be the default compiler starting from
> FBSD 5.x series? Is the development on current branch
> compiled using gcc 3.0 (or up)?
I think that the cut over will happen after the compiler
no longer core dumps on:
main()
{
int i;
i = foo();
switch( i) {
default:
printf( "hello, stupid compiler!\n");
break;
}
}
int
foo()
{
return( 6);
}
> Is 5.x series going to be based on a preemptible kernel?
A multithreaded kernel. Do ISRs count?
-- Terry
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
