Page MenuHomeFreeBSD
Differential D8074

portsnap: use lam on the 'good' hash list instead of sed on the untrusted one
ClosedPublic
Actions

Authored by emaste on Sep 29 2016, 1:43 PM.
Tags
None
Referenced Files
F115155773: D8074.id.diff
Mon, Apr 21, 12:06 AM
Unknown Object (File)
Sat, Apr 19, 2:41 AM
Unknown Object (File)
Fri, Apr 18, 8:04 PM
Unknown Object (File)
Fri, Apr 18, 4:50 PM
Unknown Object (File)
Mon, Apr 14, 6:15 AM
Unknown Object (File)
Mon, Apr 14, 3:15 AM
Unknown Object (File)
Mon, Apr 14, 2:26 AM
Unknown Object (File)
Mar 7 2025, 4:47 AM
View All 52 Files
Subscribers
cperciva

Details

Reviewers
allanjude
cperciva
oshogbo
Summary

This change should be equivalent to the approach committed in rS306417, but if sed has a bug it could be exploited by the untrusted tar file. Instead, convert the expected hash list to the expected tar content filesystem layout, and compare that with find's output.

Submitted by: @cperciva in D8052

Diff Detail

Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

emaste updated this revision to Diff 20810.Sep 29 2016, 1:43 PM
emaste retitled this revision from to portsnap: use lam on the 'good' hash list instead of sed on the untrusted one.
emaste updated this object.
emaste edited the test plan for this revision. (Show Details)
emaste added reviewers: cperciva, allanjude.
emaste added a subscriber: cperciva.
allanjude edited edge metadata.Sep 29 2016, 2:40 PM

I am capsicumizing lam(1), and will have a review soon

allanjude mentioned this in D8076: Capsicum-ize lam(1).Sep 29 2016, 3:21 PM
emaste added a reviewer: oshogbo.Oct 7 2016, 7:44 PM
oshogbo accepted this revision.Oct 7 2016, 7:52 PM
oshogbo edited edge metadata.
oshogbo added inline comments.
usr.sbin/portsnap/portsnap/portsnap.sh
694

\ - is not needed, or you should add some space like in rest file.

This revision is now accepted and ready to land.Oct 7 2016, 7:52 PM
emaste closed this revision.Oct 7 2016, 8:04 PM

Committed in rS306825

Revision Contents
Changeset List

PathSize
usr.sbin/
portsnap/
portsnap/
5 lines

Diff 20810

View Options

usr.sbin/portsnap/portsnap/portsnap.sh

Show First 20 LinesShow All 68 Lines▼ Show 20 Lineshelp_getnext(int fd, char **topic, char **subtopic, char **desc)
*topic = *subtopic = *desc = NULL; *topic = *subtopic = *desc = NULL;
for (;;) { for (;;) {
if (fgetstr(line, 80, fd) < 0) if (fgetstr(line, 80, fd) < 0)
return(0); return(0);
if ((strlen(line) < 3) || (line[0] != '#') || (line[1] != ' ')) if ((strlen(line) < 3) || (line[0] != '#') || (line[1] != ' '))
continue; continue;
*topic = *subtopic = *desc = NULL;
cp = line + 2; cp = line + 2;
while((cp != NULL) && (*cp != 0)) { while((cp != NULL) && (*cp != 0)) {
ep = strchr(cp, ' '); ep = strchr(cp, ' ');
if ((*cp == 'T') && (*topic == NULL)) { if ((*cp == 'T') && (*topic == NULL)) {
if (ep != NULL) if (ep != NULL)
*ep++ = 0; *ep++ = 0;
*topic = strdup(cp + 1); *topic = strdup(cp + 1);
} else if ((*cp == 'S') && (*subtopic == NULL)) { } else if ((*cp == 'S') && (*subtopic == NULL)) {
if (ep != NULL) if (ep != NULL)
*ep++ = 0; *ep++ = 0;
*subtopic = strdup(cp + 1); *subtopic = strdup(cp + 1);
} else if (*cp == 'D') { } else if (*cp == 'D') {
*desc = strdup(cp + 1); *desc = strdup(cp + 1);
ep = NULL; ep = NULL;
} }
cp = ep; cp = ep;
} }
if (*topic == NULL) { if (*topic == NULL) {
free(*subtopic); free(*subtopic);
free(*desc); free(*desc);
*subtopic = *desc = NULL;
continue; continue;
} }
return(1); return(1);
} }
} }
static int static int
help_emitsummary(char *topic, char *subtopic, char *desc) help_emitsummary(char *topic, char *subtopic, char *desc)
▲ Show 20 LinesShow All 407 LinesShow Last 20 Lines