svn commit: r350345 - stable/11/contrib/tcp_wrappers
Brooks Davis
brooks at FreeBSD.org
Fri Jul 26 02:49:38 UTC 2019
Author: brooks
Date: Fri Jul 26 02:49:34 2019
New Revision: 350345
URL: https://svnweb.freebsd.org/changeset/base/350345
Log:
MFC r316803,320033,338277,350098,350100-350101
r316803:
tcp_wrappers: Sprinkle some bounds-checked string copying
Reported by: Coverity
CIDs: 1006710, 1006804
Sponsored by: Dell EMC Isilon
r320033:
TCP Wrappers: tcpdchk (tcp wrapper configuration checker) and tcpdmatch
(tcp wrapper oracle) warning fixes via edits to the C code files
contrib/tcp_wrappers/fakelog.c
Warnings for each of functions: openlog( ), vsyslog( ), VARARGS( ),
closelog( )
warning: type specifier missing, defaults to 'int' [-Wimplicit-int]
warning: control reaches end of non-void function [-Wreturn-type]
Fixes:
Explicitly added specification of function type to void for each
function, suppressing both warnings for each function listed
contrib/tcp_wrappers/inetcf.c
Warnings:
warning: incompativle redeclaration of library function 'malloc'
note: 'malloc' is a builtin with type 'void *(unsigned long)'
warning: implicit declaration of function 'check_path' is invalid in C99
[-Wimplicit-function-declaration]
Fixes:
Removed redeclaration of malloc on line 21
Included library <stdlib.h> in the code which contains the malloc( )
function in it's library
Included scaffold.h header file in the code that contains check-path( )
function
contrib/tcp_wrappers/scaffold.c
Warnings:
warning: implicitly declaring library function 'exit' with type
'void (int) __attribute__((noreturn))' [-Wimplicit-function-declaration]
note: include the header <stdlib.h> or explicitly provide a declaration
for 'exit'
Fixes:
Included <stdlib.h> in the code which contains the exit( ) function in
it's library
contrib/tcp_wrappers/tcpdchk.c
Warnings:
warning: implicit declaration of function 'getopt' is invalid
in C99 [-Wimplicit-function-declaration]
warning: implicit declaration of function 'atoi' is invalid
in C99 [-Wimplicit-function-declaration]
Fixes:
Included the specific function <getopt.h> library to the code
Included<stdlib.h> to the code which contains the atoi( ) function in
the library
contrib/tcp_wrappers/tcpdmatch.c
Warnings:
warning: implicit declaration of function 'getopt' is invalid in C99
[-Wimplicit-function-declaration]
Fixes:
Included<stdlib.h> to the code which contains the getopt( ) function in
the library
Submitted by: Aaron Prieger <aprieger at llnw.com>
Reviewed by: vangyzen
Sponsored by: Limelight Networks
Differential Revision: https://reviews.freebsd.org/D10995
r338277:
Reduce the log level of tcpd_warn calls from ERR to WARNING.
This matches the name and avoids logging of warnings to console with
default syslog.conf, esp. getting rid of:
warning: /etc/hosts.allow, line ..: can't verify hostname: \
getaddrinfo(.., AF_INET) failed
r350098:
Use ANSI C function definitions and declerations.
Obtained from: CheriBSD
Sponsored by: DARPA, AFRL
r350100:
Use headers instead of manual declerations of standard functions and
variables.
Obtained from: CheriBSD
Sponsored by: DARPA, AFRL
r350101:
Remove a duplicate global (rfc931_timeout).
It is declared here and in rfc931.c and unused here so keep that copy
and discard this one.
Obtained from: CheriBSD
Sponsored by: DARPA, AFRL
Modified:
stable/11/contrib/tcp_wrappers/diag.c
stable/11/contrib/tcp_wrappers/fakelog.c
stable/11/contrib/tcp_wrappers/hosts_access.c
stable/11/contrib/tcp_wrappers/inetcf.c
stable/11/contrib/tcp_wrappers/inetcf.h
stable/11/contrib/tcp_wrappers/mystdarg.h
stable/11/contrib/tcp_wrappers/options.c
stable/11/contrib/tcp_wrappers/rfc931.c
stable/11/contrib/tcp_wrappers/scaffold.c
stable/11/contrib/tcp_wrappers/scaffold.h
stable/11/contrib/tcp_wrappers/shell_cmd.c
stable/11/contrib/tcp_wrappers/socket.c
stable/11/contrib/tcp_wrappers/tcpd.c
stable/11/contrib/tcp_wrappers/tcpdchk.c
stable/11/contrib/tcp_wrappers/tcpdmatch.c
Directory Properties:
stable/11/ (props changed)
Modified: stable/11/contrib/tcp_wrappers/diag.c
==============================================================================
--- stable/11/contrib/tcp_wrappers/diag.c Fri Jul 26 01:49:58 2019 (r350344)
+++ stable/11/contrib/tcp_wrappers/diag.c Fri Jul 26 02:49:34 2019 (r350345)
@@ -52,7 +52,7 @@ void VARARGS(tcpd_warn, char *, format)
va_list ap;
VASTART(ap, char *, format);
- tcpd_diag(LOG_ERR, "warning", format, ap);
+ tcpd_diag(LOG_WARNING, "warning", format, ap);
VAEND(ap);
}
Modified: stable/11/contrib/tcp_wrappers/fakelog.c
==============================================================================
--- stable/11/contrib/tcp_wrappers/fakelog.c Fri Jul 26 01:49:58 2019 (r350344)
+++ stable/11/contrib/tcp_wrappers/fakelog.c Fri Jul 26 02:49:34 2019 (r350345)
@@ -17,7 +17,7 @@ static char sccsid[] = "@(#) fakelog.c 1.3 94/12/28 17
/* ARGSUSED */
-openlog(name, logopt, facility)
+void openlog(name, logopt, facility)
char *name;
int logopt;
int facility;
@@ -27,7 +27,7 @@ int facility;
/* vsyslog - format one record */
-vsyslog(severity, fmt, ap)
+void vsyslog(severity, fmt, ap)
int severity;
char *fmt;
va_list ap;
@@ -43,7 +43,7 @@ va_list ap;
/* VARARGS */
-VARARGS(syslog, int, severity)
+void VARARGS(syslog, int, severity)
{
va_list ap;
char *fmt;
@@ -56,7 +56,7 @@ VARARGS(syslog, int, severity)
/* closelog - dummy */
-closelog()
+void closelog()
{
/* void */
}
Modified: stable/11/contrib/tcp_wrappers/hosts_access.c
==============================================================================
--- stable/11/contrib/tcp_wrappers/hosts_access.c Fri Jul 26 01:49:58 2019 (r350344)
+++ stable/11/contrib/tcp_wrappers/hosts_access.c Fri Jul 26 02:49:34 2019 (r350345)
@@ -87,16 +87,17 @@ int resident = (-1); /* -1, 0: unknown; +1: yes *
/* Forward declarations. */
-static int table_match();
-static int list_match();
-static int server_match();
-static int client_match();
-static int host_match();
-static int string_match();
-static int masked_match();
+static int table_match(char *table, struct request_info *request);
+static int list_match(char *list, struct request_info *request,
+ int (*match_fn)(char *, struct request_info *));
+static int server_match(char *tok, struct request_info *request);
+static int client_match(char *tok, struct request_info *request);
+static int host_match(char *tok, struct host_info *host);
+static int string_match(char *tok, char *string);
+static int masked_match(char *net_tok, char *mask_tok, char *string);
#ifdef INET6
-static int masked_match4();
-static int masked_match6();
+static int masked_match4(char *net_tok, char *mask_tok, char *string);
+static int masked_match6(char *net_tok, char *mask_tok, char *string);
#endif
/* Size of logical line buffer. */
@@ -213,10 +214,8 @@ struct request_info *request;
/* list_match - match a request against a list of patterns with exceptions */
-static int list_match(list, request, match_fn)
-char *list;
-struct request_info *request;
-int (*match_fn) ();
+static int list_match(char *list, struct request_info *request,
+ int (*match_fn)(char *, struct request_info *))
{
char *tok;
Modified: stable/11/contrib/tcp_wrappers/inetcf.c
==============================================================================
--- stable/11/contrib/tcp_wrappers/inetcf.c Fri Jul 26 01:49:58 2019 (r350344)
+++ stable/11/contrib/tcp_wrappers/inetcf.c Fri Jul 26 02:49:34 2019 (r350345)
@@ -14,14 +14,12 @@ static char sccsid[] = "@(#) inetcf.c 1.7 97/02/12 02:
#include <sys/stat.h>
#include <stdio.h>
#include <errno.h>
+#include <stdlib.h>
#include <string.h>
-extern int errno;
-extern void exit();
-extern char *malloc();
-
#include "tcpd.h"
#include "inetcf.h"
+#include "scaffold.h"
/*
* Network configuration files may live in unusual places. Here are some
@@ -38,8 +36,9 @@ char *inet_files[] = {
0,
};
-static void inet_chk();
-static char *base_name();
+static void inet_chk(char *protocol, char *path, char *arg0, char *arg1);
+static char *base_name(char *path);
+extern char *percent_m(char *obuf, char *ibuf);
/*
* Structure with everything we know about a service.
@@ -68,7 +67,6 @@ char *conf;
char *arg0;
char *arg1;
struct tcpd_context saved_context;
- char *percent_m();
int i;
struct stat st;
Modified: stable/11/contrib/tcp_wrappers/inetcf.h
==============================================================================
--- stable/11/contrib/tcp_wrappers/inetcf.h Fri Jul 26 01:49:58 2019 (r350344)
+++ stable/11/contrib/tcp_wrappers/inetcf.h Fri Jul 26 02:49:34 2019 (r350345)
@@ -4,9 +4,9 @@
* Author: Wietse Venema, Eindhoven University of Technology, The Netherlands.
*/
-extern char *inet_cfg(); /* read inetd.conf file */
-extern void inet_set(); /* remember internet service */
-extern int inet_get(); /* look up internet service */
+extern char *inet_cfg(char *conf); /* read inetd.conf file */
+extern void inet_set(char *name, int type); /* remember internet service */
+extern int inet_get(char *name); /* look up internet service */
#define WR_UNKNOWN (-1) /* service unknown */
#define WR_NOT 1 /* may not be wrapped */
Modified: stable/11/contrib/tcp_wrappers/mystdarg.h
==============================================================================
--- stable/11/contrib/tcp_wrappers/mystdarg.h Fri Jul 26 01:49:58 2019 (r350344)
+++ stable/11/contrib/tcp_wrappers/mystdarg.h Fri Jul 26 02:49:34 2019 (r350345)
@@ -16,4 +16,4 @@
#define VAEND(ap) va_end(ap);}
#endif
-extern char *percent_m();
+extern char *percent_m(char *obuf, char *ibuf);
Modified: stable/11/contrib/tcp_wrappers/options.c
==============================================================================
--- stable/11/contrib/tcp_wrappers/options.c Fri Jul 26 01:49:58 2019 (r350344)
+++ stable/11/contrib/tcp_wrappers/options.c Fri Jul 26 02:49:34 2019 (r350345)
@@ -71,8 +71,8 @@ extern jmp_buf tcpd_buf; /* tcpd_jump() support */
static char whitespace_eq[] = "= \t\r\n";
#define whitespace (whitespace_eq + 1)
-static char *get_field(); /* chew :-delimited field off string */
-static char *chop_string(); /* strip leading and trailing blanks */
+static char *get_field(char *string); /* chew :-delimited field off string */
+static char *chop_string(char *string); /* strip leading and trailing blanks */
/* List of functions that implement the options. Add yours here. */
Modified: stable/11/contrib/tcp_wrappers/rfc931.c
==============================================================================
--- stable/11/contrib/tcp_wrappers/rfc931.c Fri Jul 26 01:49:58 2019 (r350344)
+++ stable/11/contrib/tcp_wrappers/rfc931.c Fri Jul 26 02:49:34 2019 (r350345)
@@ -66,8 +66,7 @@ int protocol;
/* timeout - handle timeouts */
-static void timeout(sig)
-int sig;
+static void timeout(int sig)
{
longjmp(timebuf, sig);
}
Modified: stable/11/contrib/tcp_wrappers/scaffold.c
==============================================================================
--- stable/11/contrib/tcp_wrappers/scaffold.c Fri Jul 26 01:49:58 2019 (r350344)
+++ stable/11/contrib/tcp_wrappers/scaffold.c Fri Jul 26 02:49:34 2019 (r350345)
@@ -21,7 +21,9 @@ static char sccs_id[] = "@(#) scaffold.c 1.6 97/03/21
#include <stdio.h>
#include <syslog.h>
#include <setjmp.h>
+#include <stdlib.h>
#include <string.h>
+#include <stdlib.h>
#ifndef INADDR_NONE
#define INADDR_NONE (-1) /* XXX should be 0xffffffff */
@@ -37,7 +39,6 @@ static char sccs_id[] = "@(#) scaffold.c 1.6 97/03/21
*/
int allow_severity = SEVERITY;
int deny_severity = LOG_WARNING;
-int rfc931_timeout = RFC931_TIMEOUT;
#ifndef INET6
/* dup_hostent - create hostent in one memory block */
Modified: stable/11/contrib/tcp_wrappers/scaffold.h
==============================================================================
--- stable/11/contrib/tcp_wrappers/scaffold.h Fri Jul 26 01:49:58 2019 (r350344)
+++ stable/11/contrib/tcp_wrappers/scaffold.h Fri Jul 26 02:49:34 2019 (r350345)
@@ -7,9 +7,9 @@
*/
#ifdef INET6
-extern struct addrinfo *find_inet_addr();
+extern struct addrinfo *find_inet_addr(char *host);
#else
-extern struct hostent *find_inet_addr();
+extern struct hostent *find_inet_addr(char *host);
#endif
-extern int check_dns();
-extern int check_path();
+extern int check_dns(char *host);
+extern int check_path(char *path, struct stat *st);
Modified: stable/11/contrib/tcp_wrappers/shell_cmd.c
==============================================================================
--- stable/11/contrib/tcp_wrappers/shell_cmd.c Fri Jul 26 01:49:58 2019 (r350344)
+++ stable/11/contrib/tcp_wrappers/shell_cmd.c Fri Jul 26 02:49:34 2019 (r350345)
@@ -32,7 +32,7 @@ extern void exit();
/* Forward declarations. */
-static void do_child();
+static void do_child(char *command);
/* shell_cmd - execute shell command */
@@ -62,8 +62,7 @@ char *command;
/* do_child - exec command with { stdin, stdout, stderr } to /dev/null */
-static void do_child(command)
-char *command;
+static void do_child(char *command)
{
char *error;
int tmp_fd;
Modified: stable/11/contrib/tcp_wrappers/socket.c
==============================================================================
--- stable/11/contrib/tcp_wrappers/socket.c Fri Jul 26 01:49:58 2019 (r350344)
+++ stable/11/contrib/tcp_wrappers/socket.c Fri Jul 26 02:49:34 2019 (r350345)
@@ -42,7 +42,7 @@ extern char *inet_ntoa();
/* Forward declarations. */
-static void sock_sink();
+static void sock_sink(int);
#ifdef APPEND_DOT
@@ -406,8 +406,7 @@ struct host_info *host;
/* sock_sink - absorb unreceived IP datagram */
-static void sock_sink(fd)
-int fd;
+static void sock_sink(int fd)
{
char buf[BUFSIZ];
#ifdef INET6
Modified: stable/11/contrib/tcp_wrappers/tcpd.c
==============================================================================
--- stable/11/contrib/tcp_wrappers/tcpd.c Fri Jul 26 01:49:58 2019 (r350344)
+++ stable/11/contrib/tcp_wrappers/tcpd.c Fri Jul 26 02:49:34 2019 (r350345)
@@ -26,6 +26,7 @@ static char sccsid[] = "@(#) tcpd.c 1.10 96/02/11 17:0
#include <stdio.h>
#include <syslog.h>
#include <string.h>
+#include <unistd.h>
#ifndef MAXPATHNAMELEN
#define MAXPATHNAMELEN BUFSIZ
@@ -62,10 +63,10 @@ char **argv;
*/
if (argv[0][0] == '/') {
- strcpy(path, argv[0]);
+ strlcpy(path, argv[0], sizeof(path));
argv[0] = strrchr(argv[0], '/') + 1;
} else {
- sprintf(path, "%s/%s", REAL_DAEMON_DIR, argv[0]);
+ snprintf(path, sizeof(path), "%s/%s", REAL_DAEMON_DIR, argv[0]);
}
/*
Modified: stable/11/contrib/tcp_wrappers/tcpdchk.c
==============================================================================
--- stable/11/contrib/tcp_wrappers/tcpdchk.c Fri Jul 26 01:49:58 2019 (r350344)
+++ stable/11/contrib/tcp_wrappers/tcpdchk.c Fri Jul 26 02:49:34 2019 (r350345)
@@ -34,13 +34,10 @@ static char sccsid[] = "@(#) tcpdchk.c 1.8 97/02/12 02
#include <setjmp.h>
#include <errno.h>
#include <netdb.h>
+#include <stdlib.h>
#include <string.h>
+#include <unistd.h>
-extern int errno;
-extern void exit();
-extern int optind;
-extern char *optarg;
-
#ifndef INADDR_NONE
#define INADDR_NONE (-1) /* XXX should be 0xffffffff */
#endif
@@ -71,15 +68,15 @@ extern jmp_buf tcpd_buf;
/*
* Local stuff.
*/
-static void usage();
-static void parse_table();
-static void print_list();
-static void check_daemon_list();
-static void check_client_list();
-static void check_daemon();
-static void check_user();
-static int check_host();
-static int reserved_name();
+static void usage(void);
+static void parse_table(char *table, struct request_info *request);
+static void print_list(char *title, char *list);
+static void check_daemon_list(char *list);
+static void check_client_list(char *list);
+static void check_daemon(char *pat);
+static void check_user(char *pat);
+static int check_host(char *pat);
+static int reserved_name(char *pat);
#define PERMIT 1
#define DENY 0
@@ -183,7 +180,7 @@ char **argv;
/* usage - explain */
-static void usage()
+static void usage(void)
{
fprintf(stderr, "usage: %s [-a] [-d] [-i inet_conf] [-v]\n", myname);
fprintf(stderr, " -a: report rules with implicit \"ALLOW\" at end\n");
Modified: stable/11/contrib/tcp_wrappers/tcpdmatch.c
==============================================================================
--- stable/11/contrib/tcp_wrappers/tcpdmatch.c Fri Jul 26 01:49:58 2019 (r350344)
+++ stable/11/contrib/tcp_wrappers/tcpdmatch.c Fri Jul 26 02:49:34 2019 (r350345)
@@ -30,12 +30,10 @@ static char sccsid[] = "@(#) tcpdmatch.c 1.5 96/02/11
#include <stdio.h>
#include <syslog.h>
#include <setjmp.h>
+#include <stdlib.h>
#include <string.h>
+#include <unistd.h>
-extern void exit();
-extern int optind;
-extern char *optarg;
-
#ifndef INADDR_NONE
#define INADDR_NONE (-1) /* XXX should be 0xffffffff */
#endif
@@ -50,8 +48,8 @@ extern char *optarg;
#include "inetcf.h"
#include "scaffold.h"
-static void usage();
-static void tcpdmatch();
+static void usage(char *myname);
+static void tcpdmatch(struct request_info *request);
/* The main program */
More information about the svn-src-all
mailing list