Commit Graph

54 Commits

Author SHA1 Message Date
tg
667d792d6a • Address concerns of Chris Palmer from the Android security team
– possible integer overflows in memory allocation, mostly
    ‣ multiplication: all are checked now
    ‣ addition: reviewed them, most were “proven” or guessed to be
      “almost” impossible to run over (e.g. when we have a string
      whose length is taken it is assumed that the length will be
      more than only a few bytes below SIZE_MAX, since code and
      stack have to fit); some are checked now (e.g. when one of
      the summands is an off_t); most of the unchecked ones are
      annotated now
    ⇒ cost (MirBSD/i386 static): +76 .text
    ⇒ cost (Debian sid/i386): +779 .text  -4 .data
  – on Linux targets, setuid() setresuid() setresgid() can fail
    with EAGAIN; check for that and, if so, warn once and retry
    infinitely (other targets to be added later once we know that
    they are “insane”)
    ⇒ cost (Debian sid/i386): +192 .text (includes .rodata)
• setmode.c: Do overflow checking for realloc() too; switch back
  from calloc() to a checked malloc() for simplification while there
• define -DIN_MKSH and let setmode.c look a tad nicer while here
2010-09-14 21:26:19 +00:00
tg
06c6be0a70 shave off another 468 bytes: we’re 300 bytes smaller than BEFORE the
cat builtin was added now… (also removed utf-8 from source files, in
favour of just ASCII)
2010-08-28 20:22:24 +00:00
tg
3747722db4 improve string pooling: saves 316 bytes in .text 2010-08-28 18:50:58 +00:00
tg
297e2ced89 fix blocking_read prototype 2010-08-28 16:47:11 +00:00
tg
c6eedad976 *sigh* this code is interesting: assume you want to output via shf to
a string buffer whose window size is currently 32 (initial), your data
is 96 bytes, this routine used to resize the buffer to 64, append your
first 64 bytes to it (no matter if there's already something in it)
and then writes the remaining bytes to stdio fd instead of the string…
if it doesn’t SIGABRT before

discovered by wbx@ – thanks – bug inherited from pdksh 5.2.14 (AD 1999)
2010-07-19 22:41:04 +00:00
tg
a09f05e77a /me is annoyed
I read, IIRC in the Cederqvist, that 'cvs tag' sets a sticky tag onto
the cwd… it doesn’t, apparently. (I actually like it better this way,
but one needs to know!)
2009-11-28 14:28:03 +00:00
tg
883d9d99b3 switch ${%foo} to wcswidth-like behaviour – slightly problematic, and
the “set +U” case isn’t even handled

committed to branch because I’d like to get more input on this, for now
2009-11-28 14:21:47 +00:00
tg
f8a84f9b46 optimise 2009-09-20 13:33:48 +00:00
tg
3630e1f7dc only one digits instance, thank you very much 2009-09-20 13:08:12 +00:00
tg
0e1266ef90 While mksh R39 builds fine on MirOS #7s8E on my trusty sparc, pgcc 2.95.3
throws out quite some warnings – fix most of them except most emitted via
-Wconversion; work around some others; discard bogus warnings.

sync clog
2009-08-08 13:08:53 +00:00
tg
0432f97ffe more KNF, mostly whitespace, this time more manual labour applying style(9) 2009-06-10 18:12:51 +00:00
tg
6b2ad96bac some rather mechanical KNF, now that style(9) clarified on the status
of sizeof() as a function-like unary operator; use parenthesēs around
sizeof and return args consistently too
2009-06-08 20:06:50 +00:00
tg
b145ca5c9f • sync distrib/special/mksh/Makefile with bin/mksh/Build.sh and
fix the regression test’s results while here, which have been
  broken since cid 10049D9BE5254CE65B8
• get rid of separate copyright file which was intended for De-
  bian; track down commits in all files of oksh-mirbsd and mksh
  to get correct copyright years per-file, as is BSD custom
2009-05-16 16:59:42 +00:00
tg
c841d1513d of *course* I had to introduce an inverse-logic error
d'oh. the XOR check's result needs to be reversed, as it tests for validity
2009-04-07 19:25:41 +00:00
tg
31d2796169 simplify
if ((flags & (1 | 2) == 0) || (flags & (1 | 2) == (1 | 2)))
to
	if (!(flags & 1) ^ !(flags & 2))
which works because ! returns 1 or 0, making the ^ an ^^, and
because XOR survives NOTting its arguments
2009-04-07 19:08:25 +00:00
tg
32bc1dc40e sprinkle mksh_ari_t to limit arithmetics to 32 bit even
on Debian Lenny/amd64 (XXX need more verification; this
can be used for 64 bit arithmetics later too)

PPID, PGRP, RANDOM, USER_ID are now unsigned by default
2009-03-14 18:12:55 +00:00
tg
31d1499219 * back out almost all of the memory allocator related changes, as aalloc
was hard to type and hard to fix, galloc is also hard to fix, and some
  things I learned will probably improve things more but make me use the
  original form as base (especially for space savings)
* let sizeofN die though, remove even more casts
* optimise, polish
* regen Makefiles
* sprinkle a few /* CONSTCOND */ while here
2008-12-13 17:02:18 +00:00
tg
4d3fc2413e switch to a (nmemb,size) API from a (nmemb*size) API
cost: text += (308, 256, 4, -100)
2008-11-12 00:54:52 +00:00
tg
37934a07cf fix prodded by cnuke@ for AIX with IBM xlC 7.0:
fool the compiler into not doing static bounds checking when we do
one-past-the-array-boundary pointer assignments for cases where the
only accesses are like (*--pointer); bump version
2008-10-10 21:30:43 +00:00
tg
f17b8b1c8b • alloc() can’t fail, afree() can take NULL
‣ macro afreechk() is superfluous
• get rid of macro afreechv() by re-doing the “don’t leak that much” code
• some KNF (mostly, whitespace and 80c) while here
2008-05-17 18:47:03 +00:00
tg
4230cf91de thinko: multibyte characters are not always 1 column wide 2008-05-02 18:55:37 +00:00
tg
9b62cf15bf • more unsigned → unsigned int
• more int → bool
• more regression tests: check if the utf8-hack flag is really disabled
  at non-interactive startup, enabled at interactive startup, if the
  current locale is a UTF-8 one
• make the mksh-local multibyte handling functions globally accessible,
  change their names, syntax and semantics a little (XXX more work needed)
• optimise
• utf_wctomb: src → dst, as we’re writing to that char array (pasto?)
• edit.c:x_e_getmbc(): if the second byte of a 2- or 3-byte multibyte
  sequence is invalid utf-8, ungetc it (not possible for the 3rd byte yet)
• edit.c:x_zotc3(): easier (and faster) handling of UTF-8
• implement, document and test for base-1 numbers: they just get the
  ASCII (8-bit) or Unicode (UTF-8) value of the octet(s) after the ‘1#’,
  or do the same as print \x## or \u#### (depending on the utf8-hack flag),
  plus support the PUA assignment of EF80‥EFFF for the MirBSD encoding “hack”
  (print doesn’t, as it has \x## and \u#### to distinguish, but we cannot use
  base-0 numbers which I had planned to use for raw octets first, as they are
  used internally): http://thread.gmane.org/gmane.os.miros.general/7938
• as an application example, add a hexdumper to the regression tests ☺
2008-04-19 22:15:06 +00:00
tg
7ddf56dbbc • new ksh_mbswidth
• fix: when printing menus (tab expansion, for instance), honour width of
  the multibyte characters printed
• some int→bool while here
2008-04-19 17:21:55 +00:00
tg
66f433ace0 fix most of the fixable bitchings of MIPSpro compiler (complainer?) 2008-03-28 13:28:33 +00:00
tg
6976ed8bc3 get rid of u_char, u_int, u_long 2007-10-25 15:23:10 +00:00
tg
3dcf22a319 ok, icc _did_ track down a few ones, and I fixed errno abuse a little too
however, bad S/N ratio

side effect bonus: smaller code size now
2007-06-06 23:28:17 +00:00
tg
0989f7da67 Fix for Coverity CID#2: false bug, but still a problem.
Analysis:
internal_errorf(int, fmt, ...) was only a __dead function if the int argument
was non-0, which the Prevent probably was unable to follow. Change all uses of
internal_errorf(0, fmt, ...) to internal_warningf(fmt, ...); change the pro-
totype of internal_errorf() to internal_errorf(fmt, ...) and all remaining
uses remove the non-0 int argument; add __dead to internal_errorf() proto;
flesh out guts of internal_errorf() and internal_warningf() into a new local
function for optimisation purposes.

Some whitespace cleanup and dead code removal (return after internal_errorf(1))
2007-05-13 17:51:24 +00:00
tg
377dbe464a some gcc 4.1.2pre warning shutup 2007-03-10 18:16:28 +00:00
tg
83c2ee87f4 • remove strcasestr.c, use home-grown implementation¹, call it stricmp,
and have it return an API-correct const char *
• enhance and stylify comments
• a little KNF and simplifications
• #ifdef DEBUG: replace strchr and strstr with ucstrchr and ucstrstr
  that take and return a non-const char *, and fix the violations
• new cstrchr, cstrstr (take and give const char *)
• new vstrchr, vstrstr (take const or not, give boolean value)
• new afreechk(x) = afreechv(x,x) = if (x1) afree(x2, ATEMP)
• new ksh_isdash(str) = (str != NULL) && !strcmp(str, "-")
• replace the only use of strrchr with inlined code to shrink
• minor man page fixes
• Minix 3 signames are autogenerated with gcc
• rename strlfun.c to strlcpy.c since we don't do strlcat(3) anyway,
  only strlcpy(3), and shorten it
• dot.mkshrc: move MKSH=… down to the export line
  to not disturb the PS1 visual impression ☺
• dot.mkshrc: Lstripcom(): optimise
• bump version

¹) side effect from creating API-correct cstrchr, cstrstr, etc.
   uses goto so it must be better ☻

tested on mirbsd-current via both Makefile and Build.sh
2007-03-04 03:04:28 +00:00
tg
c480656076 shrink .data a little 2007-01-15 02:48:28 +00:00
tg
b7978f3bb9 fold POP_INT into code
XXX untested, may break things or have side effects
XXX not optimised and ugly as hell, can't we do it better?
XXX do I understand it entirely?

tested on sun4u -m64 only
2007-01-15 00:37:42 +00:00
tg
87f681b488 * revert some of the const-warning cleanup which must be done
with different means (reads, tricky magical kludgery)
  YES, THIS BREAKS -rHEAD, I KNOW.
* while here, fix spelling
2007-01-12 10:18:22 +00:00
tg
56ffbf7e70 hand-sorted ctypes/chtypes upgrade; use table-driven where they make
sense and preprocessored otherwise; unify the logic
saves 144t 1i and lots of cpp(1) time, as well as improves readability
2006-11-10 07:52:04 +00:00
tg
c43e701025 optional (#ifdef MKSH_SMALL) saving of 364 more bytes of .text
intended e.g. for FreeWRT
2006-11-09 21:00:13 +00:00
tg
7771520c05 rid junk 2006-08-02 12:50:20 +00:00
tg
7672b9b346 apply some fixes from OpenBSD and don't apply some others
but sync RCS IDs for easier future adaption:
* Simplify savefd() by removing the "noclose" flag and make noclose
  behavior the default. Almost all uses of savefd() are followed
  by an implicit or explicit close.
* fix typos
* might as well make ksh_getopt() match real getopt(), ie. get rid of that
  stupid EOF concept that was never true. adobriyan@gmail
* use SEEK_* for lseek()
* fix lint comments, no functional changes
* remove excessive optimization; from adobriyan@gmail
* only santa checks things twice; from adobriyan@gmail
* Interpret zero-filled numbers as decimal; PR 4213; from Alexey Dobriyan
2006-05-10 18:54:13 +00:00
tg
94ee3b388a sync with OpenBSD: remove unused code and vars; name clash with libc
compiles under MirBSD
2006-01-29 20:04:54 +00:00
tg
95cfad6339 * only have one $MirOS RCS ID per file to shrink source size
(this is an exception from normal use)
* bump to R26
2005-11-22 18:40:44 +00:00
tg
9b97d72d5e * move _all_ #include stuff into sh.h
* sort out #include stuff which isn't necessary on MirOS into compat.h
2005-10-25 19:53:29 +00:00
tg
cd7b8bd79b Add mirbsdksh R21, which was developed in a temporary external CVS repo-
sitory whose ChangeLog follows. mksh R21 is licenced under the MirOS li-
cence, shown in "sh.h", and a two-clause UCB-style licence by Marc Espie
as shown in "alloc.c".

This executable is a fair bit smaller and shorter than our /bin/ksh that
it is designed to eventually replace (as /bin/sh hardlink), with the old
/bin/ksh to completely vanish. It is still in beta testing though, and I
don't think it will compile on other operating systems.

mksh R21 is a completely new port, bringing together the OpenBSD-current
/bin/ksh, the MirOS-current /bin/ksh and the older mksh R20 (which still
was portable, ocvs-based).
2005-05-23 03:06:10 +00:00
tg
d8d708aa45 * un-hook bin/ksh, usr.bin/xmlwf and lib/libexpat from the build
- expat as discussed with bsiegert@ today on the phone
  - ksh as announced earlier on the lists
* un-hook lib/libexpat from make includes
* remove /usr/include/{,open}ssl upgrade workaround from includes/Makefile
* nuke old bin/ksh
* nuke libexpat and xmlwf
2005-10-21 11:33:15 +00:00
tg
a90702a5a1 Initial revision 2005-03-06 15:42:55 +00:00
tg
130367d617 further cleanup 2004-12-31 19:37:03 +00:00
tg
1a183984c4 Replace fd_clexec() with calls to fcntl(fd, F_SETFD, FD_CLOEXEC)
From: Todd C. Miller <millert@cvs.openbsd.org>
2004-12-31 17:42:45 +00:00
tg
d5ff21ea1d (anything *)0 -> NULL 2004-12-18 19:22:30 +00:00
tg
c34add61ff un-OS/2 (sorry)
no binary change
2004-12-13 19:05:09 +00:00
tg
97d9512149 bump to mksh R19 2004-12-10 18:12:32 +00:00
tg
7920708324 Initial revision 2004-12-10 18:12:29 +00:00
tg
b2de14e57c run GNU protoize
protect header files
nuke some dead code
regenerate configure script
let silly code die
2004-10-28 11:53:44 +00:00
tg
75e25d6e50 de-register, de-inline, de-__P 2004-10-28 11:11:19 +00:00