Commit 397f0cd9 authored by Sören Tempel's avatar Sören Tempel

main/busybox: upgrade to 1.30.0

Notable changes:

* The sysklogd -Z option has been removed in favor of -t option
  which has been added by upstream.
* Our own nologin.c applet has been replaced by an upstream
  nologin shell applet.
* New bc applet.

OK ncopa@

Fixes #9279
Fixes #7818
parent ba2aa302
From 79fb6ac7a5acc4178b66314c573aeada1d387ed9 Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <vda.linux@googlemail.com>
Date: Fri, 13 Jul 2018 20:30:02 +0200
Subject: [PATCH] cp: optional --reflink support
function old new delta
cp_main 428 512 +84
copy_file 1676 1742 +66
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
---
coreutils/cp.c | 24 ++++++++++++++++++++++++
include/libbb.h | 3 +++
libbb/copy_file.c | 19 +++++++++++++++++++
3 files changed, 46 insertions(+)
diff --git a/coreutils/cp.c b/coreutils/cp.c
index 455bffbba..b623aaf33 100644
--- a/coreutils/cp.c
+++ b/coreutils/cp.c
@@ -24,6 +24,11 @@
//config: help
//config: Enable long options.
//config: Also add support for --parents option.
+//config:
+//config:config FEATURE_CP_REFLINK
+//config: bool "Enable --reflink[=auto]
+//config: default y
+//config: depends on FEATURE_CP_LONG_OPTIONS
//applet:IF_CP(APPLET_NOEXEC(cp, cp, BB_DIR_BIN, BB_SUID_DROP, cp))
/* NOEXEC despite cases when it can be a "runner" (cp -r LARGE_DIR NEW_DIR) */
@@ -72,10 +77,14 @@ int cp_main(int argc, char **argv)
#if ENABLE_FEATURE_CP_LONG_OPTIONS
/*OPT_rmdest = FILEUTILS_RMDEST = 1 << FILEUTILS_CP_OPTNUM */
OPT_parents = 1 << (FILEUTILS_CP_OPTNUM+1),
+ OPT_reflink = 1 << (FILEUTILS_CP_OPTNUM+2),
#endif
};
#if ENABLE_FEATURE_CP_LONG_OPTIONS
+# if ENABLE_FEATURE_CP_REFLINK
+ char *reflink = NULL;
+# endif
flags = getopt32long(argv, "^"
FILEUTILS_CP_OPTSTR
"\0"
@@ -99,7 +108,22 @@ int cp_main(int argc, char **argv)
"update\0" No_argument "u"
"remove-destination\0" No_argument "\xff"
"parents\0" No_argument "\xfe"
+# if ENABLE_FEATURE_CP_REFLINK
+ "reflink\0" Optional_argument "\xfd"
+ , &reflink
+# endif
);
+# if ENABLE_FEATURE_CP_REFLINK
+ BUILD_BUG_ON(OPT_reflink != FILEUTILS_REFLINK);
+ if (flags & FILEUTILS_REFLINK) {
+ if (!reflink)
+ flags |= FILEUTILS_REFLINK_ALWAYS;
+ else if (strcmp(reflink, "always") == 0)
+ flags |= FILEUTILS_REFLINK_ALWAYS;
+ else if (strcmp(reflink, "auto") != 0)
+ bb_show_usage();
+ }
+# endif
#else
flags = getopt32(argv, "^"
FILEUTILS_CP_OPTSTR
diff --git a/include/libbb.h b/include/libbb.h
index d4ba031df..94caba2bb 100644
--- a/include/libbb.h
+++ b/include/libbb.h
@@ -410,6 +410,9 @@ enum { /* cp.c, mv.c, install.c depend on these values. CAREFUL when changing th
FILEUTILS_PRESERVE_SECURITY_CONTEXT = 1 << 15, /* -c */
#endif
FILEUTILS_RMDEST = 1 << (16 - !ENABLE_SELINUX), /* --remove-destination */
+ /* bit 17 skipped for "cp --parents" */
+ FILEUTILS_REFLINK = 1 << (18 - !ENABLE_SELINUX), /* cp --reflink=auto */
+ FILEUTILS_REFLINK_ALWAYS = 1 << (19 - !ENABLE_SELINUX), /* cp --reflink[=always] */
/*
* Hole. cp may have some bits set here,
* they should not affect remove_file()/copy_file()
diff --git a/libbb/copy_file.c b/libbb/copy_file.c
index 1b8befd65..98bd4fe72 100644
--- a/libbb/copy_file.c
+++ b/libbb/copy_file.c
@@ -339,9 +339,28 @@ int FAST_FUNC copy_file(const char *source, const char *dest, int flags)
freecon(con);
}
}
+#endif
+#if ENABLE_FEATURE_CP_REFLINK
+# undef BTRFS_IOCTL_MAGIC
+# define BTRFS_IOCTL_MAGIC 0x94
+# undef BTRFS_IOC_CLONE
+# define BTRFS_IOC_CLONE _IOW (BTRFS_IOCTL_MAGIC, 9, int)
+ if (flags & FILEUTILS_REFLINK) {
+ retval = ioctl(dst_fd, BTRFS_IOC_CLONE, src_fd);
+ if (retval == 0)
+ goto do_close;
+ /* reflink did not work */
+ if (flags & FILEUTILS_REFLINK_ALWAYS) {
+ bb_perror_msg("failed to clone '%s' from '%s'", dest, source);
+ goto do_close;
+ }
+ /* fall through to standard copy */
+ retval = 0;
+ }
#endif
if (bb_copyfd_eof(src_fd, dst_fd) == -1)
retval = -1;
+ IF_FEATURE_CP_REFLINK(do_close:)
/* Careful with writing... */
if (close(dst_fd) < 0) {
bb_perror_msg("error writing to '%s'", dest);
--
2.20.1
From fa5c4b2e60a98944863097b448960d0744916b1f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=B6ren=20Tempel?= <soeren+git@soeren-tempel.net>
Date: Wed, 13 Feb 2019 22:32:44 +0100
Subject: [PATCH] nologin: Install applet to /sbin instead of /usr/sbin
This is required to retain compatibility with our old custom nologin
applet written in C which was also installed to /sbin.
Compatibility with the old path is required because login shell paths
are hardcoded in /etc/passwd.
---
util-linux/nologin.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/util-linux/nologin.c b/util-linux/nologin.c
index 5e5e42305..b03470ac6 100644
--- a/util-linux/nologin.c
+++ b/util-linux/nologin.c
@@ -19,7 +19,7 @@
//config: If you know these will be available externally you can
//config: disable this option.
-//applet:IF_NOLOGIN(APPLET_SCRIPTED(nologin, scripted, BB_DIR_USR_SBIN, BB_SUID_DROP, nologin))
+//applet:IF_NOLOGIN(APPLET_SCRIPTED(nologin, scripted, BB_DIR_SBIN, BB_SUID_DROP, nologin))
//usage:#define nologin_trivial_usage
//usage: ""
From a89f8ef7ddb7506636b535daaf4fb4cfc2f7f6af Mon Sep 17 00:00:00 2001
From 4fcea48c7a0c6b63a316764932f7ba4854e444f9 Mon Sep 17 00:00:00 2001
From: Natanael Copa <ncopa@alpinelinux.org>
Date: Wed, 30 May 2018 09:52:20 +0000
Subject: [PATCH] properly fix wget https support
See: https://git.alpinelinux.org/cgit/aports/commit/?id=1d0560a9b6b5597b191e5aff69a31c2fe0aba273
---
networking/wget.c | 19 ++++++++++++-------
1 file changed, 12 insertions(+), 7 deletions(-)
networking/wget.c | 21 ++++++++++++---------
1 file changed, 12 insertions(+), 9 deletions(-)
diff --git a/networking/wget.c b/networking/wget.c
index 33c93bad3..e296d241a 100644
index 30683dfc0..1ad4e1769 100644
--- a/networking/wget.c
+++ b/networking/wget.c
@@ -51,7 +51,6 @@
......@@ -20,18 +20,20 @@ index 33c93bad3..e296d241a 100644
//config: help
//config: wget will use internal TLS code to connect to https:// URLs.
//config: Note:
@@ -716,8 +715,8 @@ static void spawn_ssl_client(const char *host, int network_fd, int flags)
@@ -717,10 +716,8 @@ static void spawn_ssl_client(const char *host, int network_fd, int flags)
int pid;
char *servername, *p;
- if (!(option_mask32 & WGET_OPT_NO_CHECK_CERT))
- if (!(option_mask32 & WGET_OPT_NO_CHECK_CERT)) {
- option_mask32 |= WGET_OPT_NO_CHECK_CERT;
- bb_error_msg("note: TLS certificate validation not implemented");
- }
+ if (ENABLE_SSL_CLIENT && !(option_mask32 & WGET_OPT_NO_CHECK_CERT))
+ bb_error_msg_and_die("note: TLS certificate validation not implemented");
servername = xstrdup(host);
p = strrchr(servername, ':');
@@ -734,14 +733,14 @@ static void spawn_ssl_client(const char *host, int network_fd, int flags)
@@ -737,14 +734,14 @@ static void spawn_ssl_client(const char *host, int network_fd, int flags)
close(sp[0]);
xmove_fd(sp[1], 0);
xdup2(0, 1);
......@@ -48,7 +50,7 @@ index 33c93bad3..e296d241a 100644
xmove_fd(network_fd, 3);
argv[0] = (char*)"ssl_client";
@@ -749,8 +748,14 @@ static void spawn_ssl_client(const char *host, int network_fd, int flags)
@@ -752,8 +749,14 @@ static void spawn_ssl_client(const char *host, int network_fd, int flags)
//TODO: if (!is_ip_address(servername))...
argv[2] = (char*)"-n";
argv[3] = servername;
......
From 7282c6ce8ec6cc3e817ed948d8ce2d0df2a08e5b Mon Sep 17 00:00:00 2001
From: Shiz <hi@shiz.me>
Date: Mon, 8 May 2017 23:09:13 +0200
Subject: [PATCH] sysklogd: add -Z option to adjust message timezones
Some syslog() implementations like musl's[1] always send timestamps in UTC.
This change adds a new option to syslogd, -Z, to assume incoming timestamps
are always UTC and adjust them to the local timezone (of the syslogd) before
logging.
[1]: http://www.openwall.com/lists/musl/2014/01/29/1
Signed-off-by: Shiz <hi@shiz.me>
---
sysklogd/syslogd.c | 23 +++++++++++++++++++----
1 file changed, 19 insertions(+), 4 deletions(-)
diff --git a/sysklogd/syslogd.c b/sysklogd/syslogd.c
index 4265f4f90..eca955891 100644
--- a/sysklogd/syslogd.c
+++ b/sysklogd/syslogd.c
@@ -122,6 +122,7 @@
//usage: "(this version of syslogd ignores /etc/syslog.conf)\n"
//usage: )
//usage: "\n -n Run in foreground"
+//usage: "\n -Z Adjust incoming UTC times to local time"
//usage: IF_FEATURE_REMOTE_LOG(
//usage: "\n -R HOST[:PORT] Log to HOST:PORT (default PORT:514)"
//usage: "\n -L Log locally and via network (default is network only if -R)"
@@ -233,6 +234,8 @@ typedef struct logRule_t {
/*int markInterval;*/ \
/* level of messages to be logged */ \
int logLevel; \
+ /* whether to adjust message timezone */\
+ int adjustTimezone; \
IF_FEATURE_ROTATE_LOGFILE( \
/* max size of file before rotation */ \
unsigned logFileSize; \
@@ -316,6 +319,7 @@ enum {
OPTBIT_outfile, // -O
OPTBIT_loglevel, // -l
OPTBIT_small, // -S
+ OPTBIT_adjusttz, // -Z
IF_FEATURE_ROTATE_LOGFILE(OPTBIT_filesize ,) // -s
IF_FEATURE_ROTATE_LOGFILE(OPTBIT_rotatecnt ,) // -b
IF_FEATURE_REMOTE_LOG( OPTBIT_remotelog ,) // -R
@@ -330,6 +334,7 @@ enum {
OPT_outfile = 1 << OPTBIT_outfile ,
OPT_loglevel = 1 << OPTBIT_loglevel,
OPT_small = 1 << OPTBIT_small ,
+ OPT_adjusttz = 1 << OPTBIT_adjusttz,
OPT_filesize = IF_FEATURE_ROTATE_LOGFILE((1 << OPTBIT_filesize )) + 0,
OPT_rotatecnt = IF_FEATURE_ROTATE_LOGFILE((1 << OPTBIT_rotatecnt )) + 0,
OPT_remotelog = IF_FEATURE_REMOTE_LOG( (1 << OPTBIT_remotelog )) + 0,
@@ -339,7 +344,7 @@ enum {
OPT_cfg = IF_FEATURE_SYSLOGD_CFG( (1 << OPTBIT_cfg )) + 0,
OPT_kmsg = IF_FEATURE_KMSG_SYSLOG( (1 << OPTBIT_kmsg )) + 0,
};
-#define OPTION_STR "m:nO:l:S" \
+#define OPTION_STR "m:nO:l:SZ" \
IF_FEATURE_ROTATE_LOGFILE("s:" ) \
IF_FEATURE_ROTATE_LOGFILE("b:" ) \
IF_FEATURE_REMOTE_LOG( "R:*") \
@@ -815,17 +820,23 @@ static void timestamp_and_log(int pri, char *msg, int len)
{
char *timestamp;
time_t now;
+ struct tm nowtm = { .tm_isdst = 0 };
/* Jan 18 00:11:22 msg... */
/* 01234567890123456 */
if (len < 16 || msg[3] != ' ' || msg[6] != ' '
|| msg[9] != ':' || msg[12] != ':' || msg[15] != ' '
) {
- time(&now);
+ now = time(NULL);
timestamp = ctime(&now) + 4; /* skip day of week */
} else {
- now = 0;
- timestamp = msg;
+ if (G.adjustTimezone && strptime(msg, "%b %e %T", &nowtm)) {
+ now = mktime(&nowtm) - timezone;
+ timestamp = ctime(&now) + 4; /* skip day of week */
+ } else {
+ now = 0;
+ timestamp = msg;
+ }
msg += 16;
}
timestamp[15] = '\0';
@@ -1129,6 +1140,10 @@ int syslogd_main(int argc UNUSED_PARAM, char **argv)
if (opts & OPT_loglevel) // -l
G.logLevel = xatou_range(opt_l, 1, 8);
//if (opts & OPT_small) // -S
+ if (opts & OPT_adjusttz) { // -Z
+ G.adjustTimezone = 1;
+ tzset();
+ }
#if ENABLE_FEATURE_ROTATE_LOGFILE
if (opts & OPT_filesize) // -s
G.logFileSize = xatou_range(opt_s, 0, INT_MAX/1024) * 1024;
......@@ -2,8 +2,8 @@
# Contributor: Oliver Smith <ollieparanoid@bitmessage.ch>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=busybox
pkgver=1.29.3
pkgrel=12
pkgver=1.30.0
pkgrel=0
pkgdesc="Size optimized toolbox of many common UNIX utilities"
url=http://busybox.net
arch="all"
......@@ -19,6 +19,9 @@ subpackages="$pkgname-static $pkgname-suid $pkgname-extras ssl_client"
options="suid !check"
triggers="busybox.trigger=/bin:/usr/bin:/sbin:/usr/sbin:/lib/modules/*"
source="https://busybox.net/downloads/$pkgname-$pkgver.tar.bz2
0001-nologin-Install-applet-to-sbin-instead-of-usr-sbin.patch
0001-adduser-default-to-sbin-nologin-as-shell-for-system-.patch
0001-adduser-prevent-creation-from-invalid-entry-without-.patch
0001-properly-fix-wget-https-support.patch
0002-fsck-resolve-LABEL-.-UUID-.-spec-to-device.patch
0003-ash-exec-busybox.static.patch
......@@ -29,23 +32,16 @@ source="https://busybox.net/downloads/$pkgname-$pkgver.tar.bz2
0008-fbsplash-support-image-and-bar-alignment-and-positio.patch
0009-depmod-support-generating-kmod-binary-index-files.patch
0010-Add-flag-for-not-following-symlinks-when-recursing.patch
0011-sysklogd-add-Z-option-to-adjust-message-timezones.patch
0012-udhcpc-Don-t-background-if-n-is-given.patch
0013-testsuite-fix-cpio-tests.patch
0014-miscutils-microcom-Fixed-segfault.patch
0015-ip-print-dadfailed-flag.patch
0001-cp-optional-reflink-support.patch
0001-adduser-prevent-creation-from-invalid-entry-without-.patch
0001-adduser-default-to-sbin-nologin-as-shell-for-system-.patch
CVE-2018-20679.patch
CVE-2019-5747.patch
acpid.logrotate
busyboxconfig
busyboxconfig-extras
bbsuid.c
dad.if-up
nologin.c
ssl_client.c
"
......@@ -71,7 +67,6 @@ prepare() {
cd "$builddir"
mkdir -p "$_staticdir" "$_dyndir" "$_dyndir_extras"
cp "$srcdir"/nologin.c loginutils/
}
build() {
......@@ -87,6 +82,7 @@ build() {
# build dynamic
cd "$_dyndir"
msg "Building dynamic busybox"
echo "COPIED CONFIG to $(pwd)/.config"
cp "$_config" .config
[ "$CLIBC" = musl ] && sed -i \
-e "s/CONFIG_EXTRA_COMPAT=y/CONFIG_EXTRA_COMPAT=n/" \
......@@ -202,8 +198,12 @@ ssl_client() {
"$subpkgdir"/usr/bin/ssl_client
}
sha512sums="bf90e24b4564071e0ac2785e2ee4ec4ea0e229a1ff330bb38befe7a27c5a529e7b0657354ce731473814325a27a0c181ab922e0a0a89d5023ba08a6d80472297 busybox-1.29.3.tar.bz2
d09a5cca79b33a7ae05b2c52ba11028ef104aa8a2378c31ef1fa50c45d8e32c397906d4349d48fcbdf65f328b4875efde811704540bdc4c6981895921ef0e445 0001-properly-fix-wget-https-support.patch
sha512sums="c494278f6655cb855e8bd3a316d77b879cf6ee70fa5b0408705391b1108f298d45ab4c2921d939c17122f50c4a9d7b5c77e57bacf5e6c7ac4dc4f78c1bd70a79 busybox-1.30.0.tar.bz2
ead3403578c071c2216de17ab0543984c1f1509c12c062f03af49141547c3ea21356f3e8f0f0695550f05a41a1379dd73fc3cc18dcd78addbb411f247351e353 0001-nologin-Install-applet-to-sbin-instead-of-usr-sbin.patch
a2787a3ecaf6746dadef62166e8ee6ecaa166147e5ad8b917c5838536057c875bab5f9cf40c3e05eba74d575484ac662929ac3799d58432d3a99ac46f364f302 0001-adduser-default-to-sbin-nologin-as-shell-for-system-.patch
06a341de7b34bbe5d7981366772c2ce46599af3e9640d114aa28f7ba4936489fc00c58d4b09c546409e383ef70ca51da179223a9ef53ed51f3575e652506e08e 0001-adduser-prevent-creation-from-invalid-entry-without-.patch
78f4c602e518b01d600824cea246992e58961f2a65737741b1a2283c96900f11504b791423f2482eec79090a9f612b2088c66f6c9f22153daca08b7fe534cca5 0001-properly-fix-wget-https-support.patch
d8694293edc8cd55cecafeb902f03c01af318e13966f399365cf792b840793891ac086bb67ef83e7a5a2e01b246497a6c6511cb6a856834f6672dee4bca76896 0002-fsck-resolve-LABEL-.-UUID-.-spec-to-device.patch
8c34dd5ce9a6e84279fa6494cbae0b254778976f341af1d0ccc2a3afb405fb22d374e9623ea83d1500da77c7463db2ed5218d2c9f49350a21114bd0bb17fd87d 0003-ash-exec-busybox.static.patch
e4be12a1453a306a58c4ea59cd8a0bf1f261514ae090ea962ac6f7609dc1e9dab0d4d8d351d7adf4f76bf52d37db9ad0102116635e437945c131f762d5750d19 0004-app-location-for-cpio-vi-and-lspci.patch
......@@ -213,20 +213,13 @@ f96d66ce5a0295a2459a2c49c281b64e016de675ebd31a49af18cb06f3498fe27dfbc8667324b439
2c56906dac70dea6276e4c573707cb06c4c8b53defcd33b1e5a28f928e7dafe905a52ce40571de430e4af7e00a75ecc0f249d2fec02da5f3d9edd4e904919a35 0008-fbsplash-support-image-and-bar-alignment-and-positio.patch
907aef47c88f60e93bcd290eb43102721978ab6fc6eca52914172801ace7306ae8b11f38ed8b086452bbf46d75424740161e4f1e7840a485f0f78024455f902b 0009-depmod-support-generating-kmod-binary-index-files.patch
3b13ba6bd9b697e48864cb5376849c1ac95b30650e3e27605cc05edf4fdc1ecbb4c4503d4fe9012a581bcd660f6bb44d644575cf437d30423614cb83ee92c22c 0010-Add-flag-for-not-following-symlinks-when-recursing.patch
60863a5eca8b88189ee93822fb3f9d45dd5ff43022e64b8ec5394c129c0cfe9999075c3e9f187dff76aea280726e02e5329dd48e9eb21954b118aa454a5da331 0011-sysklogd-add-Z-option-to-adjust-message-timezones.patch
025ad19f4e0cd299f11eba4a0c852c166fc91787756838f9c755405dad924fd1fe3c08067b938e14f9d8c609881d2ce5915152810e855eaa5ca510a76650069e 0012-udhcpc-Don-t-background-if-n-is-given.patch
d8926f0e4ed7d2fe5af89ff2a944d781b45b109c9edf1ef2591e7bce2a8bbadd7c8ca814cb3c928ae09027d9603434fe70496f308d701f3d42260ebd1e9e9b29 0013-testsuite-fix-cpio-tests.patch
8cb91903f2be3620b5500a4e8f4190537c93601282510b82303c3b516141b36ab872aeff5a7f5ae00f270439abab862ceabda531bdf180643da165b2f3b35d9f 0014-miscutils-microcom-Fixed-segfault.patch
2fdf01e4bb26a3b6fd7ff73649f15eff599d38db1bc61a699576ec9caae2fb37c49d689baca8b1a3a7b2999fbe04751da897518c2fb42d6f21756b468aa7599d 0015-ip-print-dadfailed-flag.patch
c26e846dc4576a94c376132644ea26755f8cc531fa03b975f2f7e874e2fcbaaca3804ba46849c29b69061b1f411aebedef451418063ec457f88636198dae3be9 0001-cp-optional-reflink-support.patch
06a341de7b34bbe5d7981366772c2ce46599af3e9640d114aa28f7ba4936489fc00c58d4b09c546409e383ef70ca51da179223a9ef53ed51f3575e652506e08e 0001-adduser-prevent-creation-from-invalid-entry-without-.patch
a2787a3ecaf6746dadef62166e8ee6ecaa166147e5ad8b917c5838536057c875bab5f9cf40c3e05eba74d575484ac662929ac3799d58432d3a99ac46f364f302 0001-adduser-default-to-sbin-nologin-as-shell-for-system-.patch
7d94fbd6e25a3d7bbe150fba4edbd18cc29922d5769b63de10d8f1cd65522e5b2a880a275e0970d6180b7519c376c70775d8f88c308ab197e71be1c974c60aea CVE-2018-20679.patch
6952770be92a980174691ac65fda778eaafd23bf8da63ad62149f2cb0f289bef216bb512ae5e013328b3bd5289a351124d22dd819b1e3116cc2244b435eb7287 CVE-2019-5747.patch
aa93095e20de88730f526c6f463cef711b290b9582cdbd8c1ba2bd290019150cbeaa7007c2e15f0362d5b9315dd63f60511878f0ea05e893f4fdfb4a54af3fb1 acpid.logrotate
924ff0dac14b4f7213618bd1503ae1b251fea9c3ce11dd87a6ad23ac4fca9b3f765afefdc50f39613579f56b200547320977ec815f87f2c69e20b5aeb484116c busyboxconfig
74ab7aa1bad3d572869aa5dffae1e3c87d0d24159db5dc8b5521fc652dd32f904d973abd6adf43f21624d53b0844cd66ba93f02f962133a9c432f2ac7bfb42b3 busyboxconfig-extras
fc1f4e44e3f7874a8036d48e039c45e08761007a0f4f9b6f242b63f57b641b7609f47cffc620e08ab6384885a0bec822f840e79567c304dc1944124f27a9f4ad busyboxconfig
c6f0fc8e6f5a166309d8548bd1a7e11a2bc71b67c1222567485329602b55fbd4e12b627fa092fff3c269ebc01f20eb55ae7fca12f7c655afe0e563af4fd2c873 busyboxconfig-extras
0becc2186d6c32fb0c401cf7bc0e46268b38ce8892db33be1daf40273024c1c02d518283f44086a313a2ccef34230a1d945ec148cc173f26e6aa9d88a7426e54 bbsuid.c
b993ce589685d5d1f806153d0b7f71657f2d37556654ec60884130a40f09acc4944a13e0a4d02914000bedd779e5a35da08c760fed5f7ca5b601243aff7ba2c9 dad.if-up
061f7417c1cbf0424a5fab77e2f5912aa1593f39b33ea294af4c03518ca712d793a77ea82ff1f36e9cb98751d9faacb9d0240cdf0894efd8f26c13c28a692404 nologin.c
646ad9aefe3596d0170d92c8506ca1846e43b5b83cbef97ae565f15ffa7b14665a8c7061bc69c608c043f834c134c5d63f042509f8999031e89163508a868e46 ssl_client.c"
From 6d3b4bb24da9a07c263f3c1acf8df85382ff562c Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <vda.linux@googlemail.com>
Date: Mon, 17 Dec 2018 18:07:18 +0100
Subject: udhcpc: check that 4-byte options are indeed 4-byte, closes 11506
function old new delta
udhcp_get_option32 - 27 +27
udhcp_get_option 231 248 +17
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 1/0 up/down: 44/0) Total: 44 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
---
networking/udhcp/common.c | 19 +++++++++++++++++++
networking/udhcp/common.h | 4 ++++
networking/udhcp/dhcpc.c | 6 +++---
networking/udhcp/dhcpd.c | 6 +++---
4 files changed, 29 insertions(+), 6 deletions(-)
diff --git a/networking/udhcp/common.c b/networking/udhcp/common.c
index e5fd74f91..41b05b855 100644
--- a/networking/udhcp/common.c
+++ b/networking/udhcp/common.c
@@ -272,6 +272,15 @@ uint8_t* FAST_FUNC udhcp_get_option(struct dhcp_packet *packet, int code)
goto complain; /* complain and return NULL */
if (optionptr[OPT_CODE] == code) {
+ if (optionptr[OPT_LEN] == 0) {
+ /* So far no valid option with length 0 known.
+ * Having this check means that searching
+ * for DHCP_MESSAGE_TYPE need not worry
+ * that returned pointer might be unsafe
+ * to dereference.
+ */
+ goto complain; /* complain and return NULL */
+ }
log_option("option found", optionptr);
return optionptr + OPT_DATA;
}
@@ -289,6 +298,16 @@ uint8_t* FAST_FUNC udhcp_get_option(struct dhcp_packet *packet, int code)
return NULL;
}
+uint8_t* FAST_FUNC udhcp_get_option32(struct dhcp_packet *packet, int code)
+{
+ uint8_t *r = udhcp_get_option(packet, code);
+ if (r) {
+ if (r[-1] != 4)
+ r = NULL;
+ }
+ return r;
+}
+
/* Return the position of the 'end' option (no bounds checking) */
int FAST_FUNC udhcp_end_option(uint8_t *optionptr)
{
diff --git a/networking/udhcp/common.h b/networking/udhcp/common.h
index 7ad603d33..9511152ff 100644
--- a/networking/udhcp/common.h
+++ b/networking/udhcp/common.h
@@ -205,6 +205,10 @@ extern const uint8_t dhcp_option_lengths[] ALIGN1;
unsigned FAST_FUNC udhcp_option_idx(const char *name, const char *option_strings);
uint8_t *udhcp_get_option(struct dhcp_packet *packet, int code) FAST_FUNC;
+/* Same as above + ensures that option length is 4 bytes
+ * (returns NULL if size is different)
+ */
+uint8_t *udhcp_get_option32(struct dhcp_packet *packet, int code) FAST_FUNC;
int udhcp_end_option(uint8_t *optionptr) FAST_FUNC;
void udhcp_add_binary_option(struct dhcp_packet *packet, uint8_t *addopt) FAST_FUNC;
#if ENABLE_UDHCPC || ENABLE_UDHCPD
diff --git a/networking/udhcp/dhcpc.c b/networking/udhcp/dhcpc.c
index 4b23e4d39..5b3fd531c 100644
--- a/networking/udhcp/dhcpc.c
+++ b/networking/udhcp/dhcpc.c
@@ -1691,7 +1691,7 @@ int udhcpc_main(int argc UNUSED_PARAM, char **argv)
* They say ISC DHCP client supports this case.
*/
server_addr = 0;
- temp = udhcp_get_option(&packet, DHCP_SERVER_ID);
+ temp = udhcp_get_option32(&packet, DHCP_SERVER_ID);
if (!temp) {
bb_error_msg("no server ID, using 0.0.0.0");
} else {
@@ -1718,7 +1718,7 @@ int udhcpc_main(int argc UNUSED_PARAM, char **argv)
struct in_addr temp_addr;
uint8_t *temp;
- temp = udhcp_get_option(&packet, DHCP_LEASE_TIME);
+ temp = udhcp_get_option32(&packet, DHCP_LEASE_TIME);
if (!temp) {
bb_error_msg("no lease time with ACK, using 1 hour lease");
lease_seconds = 60 * 60;
@@ -1813,7 +1813,7 @@ int udhcpc_main(int argc UNUSED_PARAM, char **argv)
uint32_t svid;
uint8_t *temp;
- temp = udhcp_get_option(&packet, DHCP_SERVER_ID);
+ temp = udhcp_get_option32(&packet, DHCP_SERVER_ID);
if (!temp) {
non_matching_svid:
log1("received DHCP NAK with wrong"
diff --git a/networking/udhcp/dhcpd.c b/networking/udhcp/dhcpd.c
index a8cd3f03b..477856d11 100644
--- a/networking/udhcp/dhcpd.c
+++ b/networking/udhcp/dhcpd.c
@@ -640,7 +640,7 @@ static void add_server_options(struct dhcp_packet *packet)
static uint32_t select_lease_time(struct dhcp_packet *packet)
{
uint32_t lease_time_sec = server_config.max_lease_sec;
- uint8_t *lease_time_opt = udhcp_get_option(packet, DHCP_LEASE_TIME);
+ uint8_t *lease_time_opt = udhcp_get_option32(packet, DHCP_LEASE_TIME);
if (lease_time_opt) {
move_from_unaligned32(lease_time_sec, lease_time_opt);
lease_time_sec = ntohl(lease_time_sec);
@@ -987,7 +987,7 @@ int udhcpd_main(int argc UNUSED_PARAM, char **argv)
}
/* Get SERVER_ID if present */
- server_id_opt = udhcp_get_option(&packet, DHCP_SERVER_ID);
+ server_id_opt = udhcp_get_option32(&packet, DHCP_SERVER_ID);
if (server_id_opt) {
uint32_t server_id_network_order;
move_from_unaligned32(server_id_network_order, server_id_opt);
@@ -1011,7 +1011,7 @@ int udhcpd_main(int argc UNUSED_PARAM, char **argv)
}
/* Get REQUESTED_IP if present */
- requested_ip_opt = udhcp_get_option(&packet, DHCP_REQUESTED_IP);
+ requested_ip_opt = udhcp_get_option32(&packet, DHCP_REQUESTED_IP);
if (requested_ip_opt) {
move_from_unaligned32(requested_nip, requested_ip_opt);
}
--
cgit v1.2.1
From 74d9f1ba37010face4bd1449df4d60dd84450b06 Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <vda.linux@googlemail.com>
Date: Mon, 7 Jan 2019 15:33:42 +0100
Subject: udhcpc: when decoding DHCP_SUBNET, ensure it is 4 bytes long
function old new delta
udhcp_run_script 795 801 +6
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
---
networking/udhcp/common.c | 2 +-
networking/udhcp/common.h | 2 +-
networking/udhcp/dhcpc.c | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/networking/udhcp/common.c b/networking/udhcp/common.c
index 4c2221b77..fc4de5716 100644
--- a/networking/udhcp/common.c
+++ b/networking/udhcp/common.c
@@ -302,7 +302,7 @@ uint8_t* FAST_FUNC udhcp_get_option32(struct dhcp_packet *packet, int code)
{
uint8_t *r = udhcp_get_option(packet, code);
if (r) {
- if (r[-1] != 4)
+ if (r[-OPT_DATA + OPT_LEN] != 4)
r = NULL;
}
return r;
diff --git a/networking/udhcp/common.h b/networking/udhcp/common.h
index 9511152ff..62f9a2a4a 100644
--- a/networking/udhcp/common.h
+++ b/networking/udhcp/common.h
@@ -119,7 +119,7 @@ enum {
//#define DHCP_TIME_SERVER 0x04 /* RFC 868 time server (32-bit, 0 = 1.1.1900) */
//#define DHCP_NAME_SERVER 0x05 /* IEN 116 _really_ ancient kind of NS */
//#define DHCP_DNS_SERVER 0x06
-//#define DHCP_LOG_SERVER 0x07 /* port 704 UDP log (not syslog)
+//#define DHCP_LOG_SERVER 0x07 /* port 704 UDP log (not syslog) */
//#define DHCP_COOKIE_SERVER 0x08 /* "quote of the day" server */
//#define DHCP_LPR_SERVER 0x09
#define DHCP_HOST_NAME 0x0c /* 12: either client informs server or server gives name to client */
diff --git a/networking/udhcp/dhcpc.c b/networking/udhcp/dhcpc.c
index 5b3fd531c..dcec8cdfd 100644
--- a/networking/udhcp/dhcpc.c
+++ b/networking/udhcp/dhcpc.c
@@ -531,7 +531,7 @@ static char **fill_envp(struct dhcp_packet *packet)
temp = udhcp_get_option(packet, code);
*curr = xmalloc_optname_optval(temp, &dhcp_optflags[i], opt_name);
putenv(*curr++);
- if (code == DHCP_SUBNET) {
+ if (code == DHCP_SUBNET && temp[-OPT_DATA + OPT_LEN] == 4) {
/* Subnet option: make things like "$ip/$mask" possible */
uint32_t subnet;
move_from_unaligned32(subnet, temp);
--
cgit v1.2.1
#
# Automatically generated make config: don't edit
# Busybox version: 1.29.3
# Thu Jan 10 14:55:56 2019
# Busybox version: 1.30.0
# Wed Feb 13 21:57:17 2019
#
CONFIG_HAVE_DOT_CONFIG=y
......@@ -24,6 +24,7 @@ CONFIG_FEATURE_DEVPTS=y
CONFIG_FEATURE_PIDFILE=y
CONFIG_PID_FILE_PATH="/var/run"
CONFIG_BUSYBOX=y
# CONFIG_FEATURE_SHOW_SCRIPT is not set
CONFIG_FEATURE_INSTALLER=y
# CONFIG_INSTALL_NO_USR is not set
CONFIG_FEATURE_SUID=y
......@@ -82,7 +83,9 @@ CONFIG_NO_DEBUG_LIB=y
# Library Tuning
#
# CONFIG_FEATURE_USE_BSS_TAIL is not set
CONFIG_FLOAT_DURATION=y
CONFIG_FEATURE_RTMINMAX=y
CONFIG_FEATURE_RTMINMAX_USE_LIBC_DEFINITIONS=y
CONFIG_FEATURE_BUFFERS_USE_MALLOC=y
# CONFIG_FEATURE_BUFFERS_GO_ON_STACK is not set
# CONFIG_FEATURE_BUFFERS_GO_IN_BSS is not set
......@@ -288,7 +291,6 @@ CONFIG_SHRED=y
CONFIG_SHUF=y
CONFIG_SLEEP=y
CONFIG_FEATURE_FANCY_SLEEP=y
CONFIG_FEATURE_FLOAT_SLEEP=y
CONFIG_SORT=y
CONFIG_FEATURE_SORT_BIG=y
# CONFIG_FEATURE_SORT_OPTIMIZE_MEMORY is not set
......@@ -443,6 +445,7 @@ CONFIG_FEATURE_FIND_MTIME=y
CONFIG_FEATURE_FIND_MMIN=y
CONFIG_FEATURE_FIND_PERM=y
CONFIG_FEATURE_FIND_TYPE=y
CONFIG_FEATURE_FIND_EXECUTABLE=y
CONFIG_FEATURE_FIND_XDEV=y
CONFIG_FEATURE_FIND_MAXDEPTH=y
CONFIG_FEATURE_FIND_NEWER=y
......@@ -456,6 +459,7 @@ CONFIG_FEATURE_FIND_DEPTH=y
CONFIG_FEATURE_FIND_PAREN=y
CONFIG_FEATURE_FIND_SIZE=y
CONFIG_FEATURE_FIND_PRUNE=y
CONFIG_FEATURE_FIND_QUIT=y
CONFIG_FEATURE_FIND_DELETE=y
CONFIG_FEATURE_FIND_PATH=y
CONFIG_FEATURE_FIND_REGEX=y
......@@ -528,7 +532,6 @@ CONFIG_LOGIN_SESSION_AS_CHILD=y
CONFIG_LOGIN_SCRIPTS=y
CONFIG_FEATURE_NOLOGIN=y
CONFIG_FEATURE_SECURETTY=y
CONFIG_NOLOGIN=y
CONFIG_PASSWD=y
CONFIG_FEATURE_PASSWD_WEAK_CHECK=y
CONFIG_SU=y
......@@ -660,6 +663,8 @@ CONFIG_FEATURE_MOUNT_FLAGS=y
CONFIG_FEATURE_MOUNT_FSTAB=y
# CONFIG_FEATURE_MOUNT_OTHERTAB is not set
CONFIG_MOUNTPOINT=y
CONFIG_NOLOGIN=y
CONFIG_NOLOGIN_DEPENDENCIES=y
CONFIG_NSENTER=y
# CONFIG_PIVOT_ROOT is not set
CONFIG_RDATE=y
......@@ -735,6 +740,12 @@ CONFIG_FEATURE_VOLUMEID_XFS=y
CONFIG_ADJTIMEX=y
CONFIG_BBCONFIG=y
CONFIG_FEATURE_COMPRESS_BBCONFIG=y
CONFIG_BC=y
CONFIG_DC=y
CONFIG_FEATURE_DC_BIG=y
# CONFIG_FEATURE_DC_LIBM is not set
CONFIG_FEATURE_BC_INTERACTIVE=y
CONFIG_FEATURE_BC_LONG_OPTIONS=y
CONFIG_BEEP=y
CONFIG_FEATURE_BEEP_FREQ=440
CONFIG_FEATURE_BEEP_LENGTH_MS=30
......@@ -753,8 +764,6 @@ CONFIG_FEATURE_CROND_CALL_SENDMAIL=y
CONFIG_FEATURE_CROND_SPECIAL_TIMES=y
CONFIG_FEATURE_CROND_DIR="/var/spool/cron"
CONFIG_CRONTAB=y
CONFIG_DC=y
CONFIG_FEATURE_DC_LIBM=y
# CONFIG_DEVFSD is not set
# CONFIG_DEVFSD_MODLOAD is not set
# CONFIG_DEVFSD_FG_NP is not set
......@@ -829,6 +838,7 @@ CONFIG_FEATURE_IPV6=y
CONFIG_FEATURE_UNIX_LOCAL=y
CONFIG_FEATURE_PREFER_IPV4_ADDRESS=y
CONFIG_VERBOSE_RESOLUTION_ERRORS=y
# CONFIG_FEATURE_TLS_SHA1 is not set
CONFIG_ARP=y
CONFIG_ARPING=y
CONFIG_BRCTL=y
......@@ -916,6 +926,7 @@ CONFIG_NSLOOKUP=y
CONFIG_NTPD=y
CONFIG_FEATURE_NTPD_SERVER=y
CONFIG_FEATURE_NTPD_CONF=y
CONFIG_FEATURE_NTP_AUTH=y
CONFIG_PING=y
CONFIG_PING6=y
CONFIG_FEATURE_FANCY_PING=y
......@@ -941,7 +952,7 @@ CONFIG_SLATTACH=y
# CONFIG_FEATURE_TFTP_PUT is not set
# CONFIG_FEATURE_TFTP_BLOCKSIZE is not set
# CONFIG_TFTP_DEBUG is not set
# CONFIG_TLS is not set
CONFIG_TLS=y
CONFIG_TRACEROUTE=y
CONFIG_TRACEROUTE6=y
CONFIG_FEATURE_TRACEROUTE_VERBOSE=y
......@@ -1150,6 +1161,7 @@ CONFIG_FEATURE_SH_EXTRA_QUIET=y
# CONFIG_FEATURE_SH_NOFORK is not set
CONFIG_FEATURE_SH_READ_FRAC=y
CONFIG_FEATURE_SH_HISTFILESIZE=y
CONFIG_FEATURE_SH_EMBEDDED_SCRIPTS=y
#
# System Logging Utilities
......
#
# Automatically generated make config: don't edit
# Busybox version: 1.29.3
# Tue Jan 15 19:53:35 2019
# Busybox version: 1.30.0
# Wed Feb 13 21:54:59 2019
#
CONFIG_HAVE_DOT_CONFIG=y
......@@ -24,6 +24,7 @@ CONFIG_FEATURE_DEVPTS=y
# CONFIG_FEATURE_PIDFILE is not set
CONFIG_PID_FILE_PATH=""
CONFIG_BUSYBOX=y
# CONFIG_FEATURE_SHOW_SCRIPT is not set
CONFIG_FEATURE_INSTALLER=y
# CONFIG_INSTALL_NO_USR is not set
# CONFIG_FEATURE_SUID is not set
......@@ -82,7 +83,9 @@ CONFIG_NO_DEBUG_LIB=y
# Library Tuning
#
# CONFIG_FEATURE_USE_BSS_TAIL is not set
# CONFIG_FLOAT_DURATION is not set
# CONFIG_FEATURE_RTMINMAX is not set
# CONFIG_FEATURE_RTMINMAX_USE_LIBC_DEFINITIONS is not set
CONFIG_FEATURE_BUFFERS_USE_MALLOC=y
# CONFIG_FEATURE_BUFFERS_GO_ON_STACK is not set
# CONFIG_FEATURE_BUFFERS_GO_IN_BSS is not set
......@@ -284,7 +287,6 @@ CONFIG_GZIP_FAST=0
# CONFIG_SHUF is not set
# CONFIG_SLEEP is not set
# CONFIG_FEATURE_FANCY_SLEEP is not set
# CONFIG_FEATURE_FLOAT_SLEEP is not set
# CONFIG_SORT is not set
# CONFIG_FEATURE_SORT_BIG is not set