Source-Changes-HG archive
[src/trunk]: src/lib import CAVEATS sections from OpenBSD.
details: https://anonhg.NetBSD.org/src/rev/4c2ce49f4504
branches: trunk
changeset: 533878:4c2ce49f4504
user: yamt <yamt%NetBSD.org@localhost>
date: Wed Jul 10 14:37:12 2002 +0000
description:
import CAVEATS sections from OpenBSD.
with little tweak by me.
diffstat:
lib/libc/gen/daemon.3 | 21 ++++++++++++++-
lib/libc/gen/err.3 | 23 +++++++++++++++-
lib/libc/gen/isalnum.3 | 10 ++++++-
lib/libc/gen/isalpha.3 | 10 ++++++-
lib/libc/gen/isascii.3 | 10 ++++++-
lib/libc/gen/isblank.3 | 10 ++++++-
lib/libc/gen/iscntrl.3 | 10 ++++++-
lib/libc/gen/isdigit.3 | 10 ++++++-
lib/libc/gen/isgraph.3 | 10 ++++++-
lib/libc/gen/islower.3 | 10 ++++++-
lib/libc/gen/isprint.3 | 10 ++++++-
lib/libc/gen/ispunct.3 | 10 ++++++-
lib/libc/gen/isspace.3 | 10 ++++++-
lib/libc/gen/isupper.3 | 10 ++++++-
lib/libc/gen/isxdigit.3 | 10 ++++++-
lib/libc/gen/setjmp.3 | 35 ++++++++++++++++++++++++-
lib/libc/gen/setproctitle.3 | 20 +++++++++++++-
lib/libc/gen/syslog.3 | 20 +++++++++++++-
lib/libc/stdio/fgetln.3 | 33 +++++++++++++++++++++++-
lib/libc/stdio/fgets.3 | 47 +++++++++++++++++++++++++++++++++-
lib/libc/stdio/fopen.3 | 23 +++++++++++++++-
lib/libc/stdio/printf.3 | 62 +++++++++++++++++++++++++++++++-------------
lib/libc/stdlib/atoi.3 | 14 +++++++++-
lib/libc/stdlib/system.3 | 10 ++++++-
lib/libc/sys/read.2 | 22 +++++++++++++++-
lib/libc/sys/write.2 | 22 +++++++++++++++-
lib/libutil/login_cap.3 | 37 ++++++++++++++++++++++++++-
27 files changed, 474 insertions(+), 45 deletions(-)
diffs (truncated from 829 to 300 lines):
diff -r 06a28df323c9 -r 4c2ce49f4504 lib/libc/gen/daemon.3
--- a/lib/libc/gen/daemon.3 Wed Jul 10 14:29:04 2002 +0000
+++ b/lib/libc/gen/daemon.3 Wed Jul 10 14:37:12 2002 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: daemon.3,v 1.11 2002/02/07 07:00:11 ross Exp $
+.\" $NetBSD: daemon.3,v 1.12 2002/07/10 14:37:12 yamt Exp $
.\"
.\" Copyright (c) 1993
.\" The Regents of the University of California. All rights reserved.
@@ -86,6 +86,25 @@
.Fn daemon
function first appeared in
.Bx 4.4 .
+.Sh CAVEATS
+Unless the
+.Ar noclose
+argument is non-zero,
+.Fn daemon
+will close the first three file descriptors and redirect them to
+.Pa /dev/null .
+Normally, these correspond to standard input, standard output and
+standard error.
+However, if any of those file descriptors refer to something else they
+will still be closed, resulting in incorrect behavior of the calling program.
+This can happen if any of standard input, standard output or standard error
+have been closed before the program was run.
+Programs using
+.Fn daemon
+should therefore make sure to either call
+.Fn daemon
+before opening any files or sockets or, alternately, verifying that
+any file descriptors obtained have a value greater than 2.
.Sh BUGS
.Fn daemon
uses
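Review bot: The last sentence of the added CAVEATS section is not parallel: "make sure to either call .Fn daemon before opening any files or sockets or, alternately, verifying that ..." pairs "call" with "verifying". Suggest "or, alternatively, verify that any file descriptors obtained have a value greater than 2". In the same section, "if any of those file descriptors refer to something else" should read "refers". The section also tells the caller to check for descriptors 0 to 2 but not what to do when the check fails; one more sentence on that would make the advice actionable.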
diff -r 06a28df323c9 -r 4c2ce49f4504 lib/libc/gen/err.3
--- a/lib/libc/gen/err.3 Wed Jul 10 14:29:04 2002 +0000
+++ b/lib/libc/gen/err.3 Wed Jul 10 14:37:12 2002 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: err.3,v 1.14 2002/02/07 07:00:11 ross Exp $
+.\" $NetBSD: err.3,v 1.15 2002/07/10 14:37:12 yamt Exp $
.\"
.\" Copyright (c) 1993
.\" The Regents of the University of California. All rights reserved.
@@ -145,3 +145,24 @@
.Fn warn
functions first appeared in
.Bx 4.4 .
+.Sh CAVEATS
+It is important never to pass a string with user-supplied data as a
+format without using
+.Ql %s .
+An attacker can put format specifiers in the string to mangle your stack,
+leading to a possible security hole.
+This holds true even if you have built the string
+.Dq by hand
+using a function like
+.Fn snprintf ,
+as the resulting string may still contain user-supplied conversion specifiers
+for later interpolation by the
+.Fn err
+and
+.Fn warn
+functions.
+.Pp
+Always be sure to use the proper secure idiom:
+.Bd -literal -offset indent
+err(1, "%s", string);
+.Ed
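Review bot: The literal example at the end of the new CAVEATS section shows only err(1, "%s", string), while the paragraph above it names both .Fn err and .Fn warn as affected; add the matching warn("%s", string) line so the idiom is shown for both. "mangle your stack" is also loose wording for a manual page; consider saying what goes wrong, namely that the function acts on conversion specifiers for which no arguments were passed.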
diff -r 06a28df323c9 -r 4c2ce49f4504 lib/libc/gen/isalnum.3
--- a/lib/libc/gen/isalnum.3 Wed Jul 10 14:29:04 2002 +0000
+++ b/lib/libc/gen/isalnum.3 Wed Jul 10 14:37:12 2002 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: isalnum.3,v 1.8 2002/02/07 07:00:14 ross Exp $
+.\" $NetBSD: isalnum.3,v 1.9 2002/07/10 14:37:13 yamt Exp $
.\"
.\" Copyright (c) 1991 The Regents of the University of California.
.\" All rights reserved.
@@ -86,3 +86,11 @@
.Fn isalnum
function conforms to
.St -ansiC .
+.Sh CAVEATS
+The argument to
+.Fn isalnum
+must be
+.Dv EOF
+or representable as an
+.Li unsigned char ;
+otherwise, the result is undefined.
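Review bot: The added CAVEATS section states the constraint but not how callers usually violate it or how to comply. Nothing here tells the reader that a plain char may be negative on platforms where char is signed, and so fall outside the permitted range. Suggest following the err.3 hunk in this same changeset, which ends with a literal example, and showing the cast, e.g. isalnum((unsigned char)c). The same applies to the identical CAVEATS hunks in the other is*.3 pages.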
diff -r 06a28df323c9 -r 4c2ce49f4504 lib/libc/gen/isalpha.3
--- a/lib/libc/gen/isalpha.3 Wed Jul 10 14:29:04 2002 +0000
+++ b/lib/libc/gen/isalpha.3 Wed Jul 10 14:37:12 2002 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: isalpha.3,v 1.8 2002/02/07 07:00:14 ross Exp $
+.\" $NetBSD: isalpha.3,v 1.9 2002/07/10 14:37:13 yamt Exp $
.\"
.\" Copyright (c) 1991 The Regents of the University of California.
.\" All rights reserved.
@@ -102,3 +102,11 @@
.Fn isalpha
function conforms to
.St -ansiC .
+.Sh CAVEATS
+The argument to
+.Fn isalpha
+must be
+.Dv EOF
+or representable as an
+.Li unsigned char ;
+otherwise, the result is undefined.
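Review bot: Style point on ".Li unsigned char ;": .Li marks the words as literal text, while mdoc has .Vt for a variable type, which is what "unsigned char" is here. Suggest ".Vt unsigned char ;" in this hunk and in every other is*.3 hunk that repeats the line.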
diff -r 06a28df323c9 -r 4c2ce49f4504 lib/libc/gen/isascii.3
--- a/lib/libc/gen/isascii.3 Wed Jul 10 14:29:04 2002 +0000
+++ b/lib/libc/gen/isascii.3 Wed Jul 10 14:37:12 2002 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: isascii.3,v 1.9 2002/02/07 07:00:14 ross Exp $
+.\" $NetBSD: isascii.3,v 1.10 2002/07/10 14:37:13 yamt Exp $
.\"
.\" Copyright (c) 1989, 1991 The Regents of the University of California.
.\" All rights reserved.
@@ -75,3 +75,11 @@
.Fn isascii
function conforms to
.St -xpg4 .
+.Sh CAVEATS
+The argument to
+.Fn isascii
+must be
+.Dv EOF
+or representable as an
+.Li unsigned char ;
+otherwise, the result is undefined.
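Review bot: This CAVEATS text looks copied unchanged from the other is*.3 pages and may not fit isascii. The context line just above says the function conforms to .St -xpg4, which defines isascii() for all integer values, so "otherwise, the result is undefined" contradicts the STANDARDS statement on the same page. Suggest dropping the section from isascii.3 or rewording it to say the argument is not restricted here.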
diff -r 06a28df323c9 -r 4c2ce49f4504 lib/libc/gen/isblank.3
--- a/lib/libc/gen/isblank.3 Wed Jul 10 14:29:04 2002 +0000
+++ b/lib/libc/gen/isblank.3 Wed Jul 10 14:37:12 2002 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: isblank.3,v 1.7 2002/02/07 07:00:14 ross Exp $
+.\" $NetBSD: isblank.3,v 1.8 2002/07/10 14:37:13 yamt Exp $
.\"
.\" Copyright (c) 1991 The Regents of the University of California.
.\" All rights reserved.
@@ -90,3 +90,11 @@
.Xr tolower 3 ,
.Xr toupper 3 ,
.Xr ascii 7
+.Sh CAVEATS
+The argument to
+.Fn isblank
+must be
+.Dv EOF
+or representable as an
+.Li unsigned char ;
+otherwise, the result is undefined.
diff -r 06a28df323c9 -r 4c2ce49f4504 lib/libc/gen/iscntrl.3
--- a/lib/libc/gen/iscntrl.3 Wed Jul 10 14:29:04 2002 +0000
+++ b/lib/libc/gen/iscntrl.3 Wed Jul 10 14:37:12 2002 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: iscntrl.3,v 1.7 2002/02/07 07:00:14 ross Exp $
+.\" $NetBSD: iscntrl.3,v 1.8 2002/07/10 14:37:13 yamt Exp $
.\"
.\" Copyright (c) 1991 The Regents of the University of California.
.\" All rights reserved.
@@ -81,3 +81,11 @@
.Fn iscntrl
function conforms to
.St -ansiC .
+.Sh CAVEATS
+The argument to
+.Fn iscntrl
+must be
+.Dv EOF
+or representable as an
+.Li unsigned char ;
+otherwise, the result is undefined.
diff -r 06a28df323c9 -r 4c2ce49f4504 lib/libc/gen/isdigit.3
--- a/lib/libc/gen/isdigit.3 Wed Jul 10 14:29:04 2002 +0000
+++ b/lib/libc/gen/isdigit.3 Wed Jul 10 14:37:12 2002 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: isdigit.3,v 1.7 2002/02/07 07:00:14 ross Exp $
+.\" $NetBSD: isdigit.3,v 1.8 2002/07/10 14:37:13 yamt Exp $
.\"
.\" Copyright (c) 1991 The Regents of the University of California.
.\" All rights reserved.
@@ -82,3 +82,11 @@
.Fn isdigit
function conforms to
.St -ansiC .
+.Sh CAVEATS
+The argument to
+.Fn isdigit
+must be
+.Dv EOF
+or representable as an
+.Li unsigned char ;
+otherwise, the result is undefined.
diff -r 06a28df323c9 -r 4c2ce49f4504 lib/libc/gen/isgraph.3
--- a/lib/libc/gen/isgraph.3 Wed Jul 10 14:29:04 2002 +0000
+++ b/lib/libc/gen/isgraph.3 Wed Jul 10 14:37:12 2002 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: isgraph.3,v 1.7 2002/02/07 07:00:14 ross Exp $
+.\" $NetBSD: isgraph.3,v 1.8 2002/07/10 14:37:13 yamt Exp $
.\"
.\" Copyright (c) 1991 The Regents of the University of California.
.\" All rights reserved.
@@ -81,3 +81,11 @@
.Fn isgraph
function conforms to
.St -ansiC .
+.Sh CAVEATS
+The argument to
+.Fn isgraph
+must be
+.Dv EOF
+or representable as an
+.Li unsigned char ;
+otherwise, the result is undefined.
diff -r 06a28df323c9 -r 4c2ce49f4504 lib/libc/gen/islower.3
--- a/lib/libc/gen/islower.3 Wed Jul 10 14:29:04 2002 +0000
+++ b/lib/libc/gen/islower.3 Wed Jul 10 14:37:12 2002 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: islower.3,v 1.8 2002/02/07 07:00:15 ross Exp $
+.\" $NetBSD: islower.3,v 1.9 2002/07/10 14:37:14 yamt Exp $
.\"
.\" Copyright (c) 1991 The Regents of the University of California.
.\" All rights reserved.
@@ -95,3 +95,11 @@
.Fn islower
function conforms to
.St -ansiC .
+.Sh CAVEATS
+The argument to
+.Fn islower
+must be
+.Dv EOF
+or representable as an
+.Li unsigned char ;
+otherwise, the result is undefined.
diff -r 06a28df323c9 -r 4c2ce49f4504 lib/libc/gen/isprint.3
--- a/lib/libc/gen/isprint.3 Wed Jul 10 14:29:04 2002 +0000
+++ b/lib/libc/gen/isprint.3 Wed Jul 10 14:37:12 2002 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: isprint.3,v 1.7 2002/02/07 07:00:15 ross Exp $
+.\" $NetBSD: isprint.3,v 1.8 2002/07/10 14:37:14 yamt Exp $
.\"
.\" Copyright (c) 1991 The Regents of the University of California.
.\" All rights reserved.
@@ -81,3 +81,11 @@
.Fn isprint
function conforms to
.St -ansiC .
+.Sh CAVEATS
+The argument to
+.Fn isprint
+must be
+.Dv EOF
+or representable as an
+.Li unsigned char ;
+otherwise, the result is undefined.
diff -r 06a28df323c9 -r 4c2ce49f4504 lib/libc/gen/ispunct.3
--- a/lib/libc/gen/ispunct.3 Wed Jul 10 14:29:04 2002 +0000
+++ b/lib/libc/gen/ispunct.3 Wed Jul 10 14:37:12 2002 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: ispunct.3,v 1.7 2002/02/07 07:00:15 ross Exp $
+.\" $NetBSD: ispunct.3,v 1.8 2002/07/10 14:37:14 yamt Exp $
.\"
.\" Copyright (c) 1991 The Regents of the University of California.
.\" All rights reserved.
@@ -84,3 +84,11 @@
.Fn ispunct
function conforms to
.St -ansiC .
+.Sh CAVEATS
+The argument to
+.Fn ispunct
+must be
+.Dv EOF
+or representable as an
+.Li unsigned char ;
+otherwise, the result is undefined.
diff -r 06a28df323c9 -r 4c2ce49f4504 lib/libc/gen/isspace.3
--- a/lib/libc/gen/isspace.3 Wed Jul 10 14:29:04 2002 +0000
+++ b/lib/libc/gen/isspace.3 Wed Jul 10 14:37:12 2002 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: isspace.3,v 1.8 2002/02/07 07:00:15 ross Exp $
+.\" $NetBSD: isspace.3,v 1.9 2002/07/10 14:37:14 yamt Exp $
.\"
.\" Copyright (c) 1991 The Regents of the University of California.
.\" All rights reserved.
@@ -108,3 +108,11 @@
.Fn isspace
function conforms to
.St -ansiC .
+.Sh CAVEATS
+The argument to
+.Fn isspace
+must be
+.Dv EOF
+or representable as an
+.Li unsigned char ;
+otherwise, the result is undefined.