Differential D8074

portsnap: use lam on the 'good' hash list instead of sed on the untrusted one
ClosedPublic
Actions

Authored by emaste on Sep 29 2016, 1:43 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Fri, Nov 7, 6:03 AM

	Unknown Object (File)
	Sun, Oct 19, 12:11 AM

	Unknown Object (File)
	Sat, Oct 18, 6:02 AM

	Unknown Object (File)
	Aug 24 2025, 5:38 PM

	Unknown Object (File)
	Jul 27 2025, 3:22 AM

	Unknown Object (File)
	Jun 27 2025, 4:55 PM

	Unknown Object (File)
	Jun 25 2025, 5:17 AM

	Unknown Object (File)
	Jun 18 2025, 6:48 PM

View All 64 Files

Subscribers

Details

Reviewers

allanjude
cperciva
oshogbo

Summary

This change should be equivalent to the approach committed in rS306417, but if sed has a bug it could be exploited by the untrusted tar file. Instead, convert the expected hash list to the expected tar content filesystem layout, and compare that with find's output.

Submitted by: @cperciva in D8052

Diff Detail

Lint

Lint Skipped

Unit

Tests Skipped

Event Timeline

emaste updated this revision to Diff 20810.Sep 29 2016, 1:43 PM

emaste retitled this revision from to portsnap: use lam on the 'good' hash list instead of sed on the untrusted one.

emaste updated this object.

emaste edited the test plan for this revision. (Show Details)

emaste added reviewers: cperciva, allanjude.

emaste added a subscriber: cperciva.

I am capsicumizing lam(1), and will have a review soon

allanjude mentioned this in D8076: Capsicum-ize lam(1).Sep 29 2016, 3:21 PM

emaste added a reviewer: oshogbo.Oct 7 2016, 7:44 PM

oshogbo accepted this revision.Oct 7 2016, 7:52 PM

oshogbo edited edge metadata.

oshogbo added inline comments.

usr.sbin/portsnap/portsnap/portsnap.sh
694	\ - is not needed, or you should add some space like in rest file.

This revision is now accepted and ready to land.Oct 7 2016, 7:52 PM

Committed in rS306825

Revision Contents
Changeset List

Path

Size

usr.sbin/

portsnap/

portsnap/

5 lines

Diff 20810

usr.sbin/portsnap/portsnap/portsnap.sh

Loading...