Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-14 Thread Guillem Jover
On Sun, 2023-03-12 at 21:53:14 +0100, Alejandro Colomar wrote: > On 3/12/23 20:22, Bálint Réczey wrote: > > Alejandro Colomar wrote (date: 2023 Mar. 12, Sun, 16:52): > >> On 3/12/23 16:38, Bálint Réczey wrote: > 142 lines of a function definition are not something I'd consider easy to

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-12 Thread Alejandro Colomar
Hi Paul, On 3/12/23 23:24, Alejandro Colomar wrote: > Hi Paul, > > On 3/12/23 22:50, Paul Eggert wrote: >> On 2023-03-12 08:28, Alejandro Colomar wrote: >> >>> I've pushed a signed tag paul1, so you can safely check that the >>> repo is mine (since I don't have HTTPS). >> >> Thanks, I'm not sure

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-12 Thread Alejandro Colomar
Hi Paul, On 3/12/23 22:50, Paul Eggert wrote: > On 2023-03-12 08:28, Alejandro Colomar wrote: > >> I've pushed a signed tag paul1, so you can safely check that the >> repo is mine (since I don't have HTTPS). > > Thanks, I'm not sure what exactly this means as I don't contribute to >

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-12 Thread Paul Eggert
On 2023-03-12 08:28, Alejandro Colomar wrote: I've pushed a signed tag paul1, so you can safely check that the repo is mine (since I don't have HTTPS). Thanks, I'm not sure what exactly this means as I don't contribute to shadow-devel. As far as the remaining patches go, please use your best

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-12 Thread Alejandro Colomar
Hi Bálint, On 3/12/23 20:22, Bálint Réczey wrote: > Hi Alejandro, > > Alejandro Colomar wrote (date: 2023 > Mar. 12, Sun, 16:52): >> >> Hi Bálint, >> >> On 3/12/23 16:38, Bálint Réczey wrote: 142 lines of a function definition are not something I'd consider easy to maintain.

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-12 Thread Bálint Réczey
Hi Alejandro, Alejandro Colomar wrote (date: 2023 Mar. 12, Sun, 16:52): > > Hi Bálint, > > On 3/12/23 16:38, Bálint Réczey wrote: > >> 142 lines of a function definition are not something I'd consider easy to > >> maintain. Is it a big deal to add another dependency? I'd say it's a > >>

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-12 Thread Alejandro Colomar
On 3/12/23 16:52, Alejandro Colomar wrote: > libsubid4 is ~ 300 kB > uidmap is ~ 300 kB > login is ~ 2.6 MB > passwd is ~ 2.8 kB I meant 2.8 MB :) > > -- GPG key fingerprint: A9348594CE31283A826FBDD8D57633D441E25BB5

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-12 Thread Alejandro Colomar
Hi Bálint, On 3/12/23 16:38, Bálint Réczey wrote: >> 142 lines of a function definition are not something I'd consider easy to >> maintain. Is it a big deal to add another dependency? I'd say it's a >> bigger deal to copy verbatim so many lines of code, and sync them from >> time to time from

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-12 Thread Bálint Réczey
Hi Alejandro, Alejandro Colomar wrote (date: 2023 Mar. 11, Sat, 1:08): > > Hi Bálint, > > On 3/10/23 21:34, Bálint Réczey wrote: > [...] > > >> I didn't have the time to look into that, but we should really > >> check if we need to add some error checking. With strlcpy(3), > >> at

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-12 Thread Alejandro Colomar
On 3/12/23 13:54, Alejandro Colomar wrote: > Hi Paul, > > On 3/12/23 02:44, Paul Eggert wrote: >> On 2023-03-11 14:02, Alejandro Colomar wrote: >>> we should use "%s" (if we go the way of snprintf(3)). >> >> Yes, thanks for catching that. However, I came up with a better way that >> avoids

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-12 Thread Alejandro Colomar
Hi Paul, On 3/12/23 02:44, Paul Eggert wrote: > From 9ebf228fb33f66d248b230d23b633800267e5a16 Mon Sep 17 00:00:00 2001 > From: Paul Eggert > Date: Sat, 11 Mar 2023 10:34:21 -0800 > Subject: [PATCH 8/8] Fix su silent truncation > > * src/su.c (check_perms): Do not silently truncate user name. >

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-12 Thread Alejandro Colomar
Hi Paul, On 3/12/23 02:44, Paul Eggert wrote: > From fab3bcdcb3f38c7f6f5c326f4ceafb3ea54bba73 Mon Sep 17 00:00:00 2001 > From: Paul Eggert > Date: Sat, 11 Mar 2023 10:07:32 -0800 > Subject: [PATCH 7/8] Fix is_my_tty overruns and truncations Is there any chance those can be fixed individually?

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-12 Thread Alejandro Colomar
Hi Paul, On 3/12/23 02:44, Paul Eggert wrote: > From f3514f26297e884a00d4fb29191bd9978eb03e7b Mon Sep 17 00:00:00 2001 > From: Paul Eggert > Date: Sat, 11 Mar 2023 00:42:29 -0800 > Subject: [PATCH 6/8] Fix crash with large timestamps > > * libmisc/date_to_str.c (date_to_str): Do not crash if

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-12 Thread Alejandro Colomar
Hi Paul, On 3/12/23 02:44, Paul Eggert wrote: > From 54fac7560f87a134c4d3045ce7048f4819c4e492 Mon Sep 17 00:00:00 2001 > From: Paul Eggert > Date: Sat, 11 Mar 2023 00:38:24 -0800 > Subject: [PATCH 5/8] Avoid silent truncation of console file data > > * libmisc/console.c (is_listed): Rework so

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-12 Thread Alejandro Colomar
Hi Paul, On 3/12/23 02:44, Paul Eggert wrote: > On 2023-03-11 14:02, Alejandro Colomar wrote: >> we should use "%s" (if we go the way of snprintf(3)). > > Yes, thanks for catching that. However, I came up with a better way that > avoids snprintf (and strlcpy) entirely both here and the other

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-11 Thread Paul Eggert
On 2023-03-11 14:02, Alejandro Colomar wrote: we should use "%s" (if we go the way of snprintf(3)). Yes, thanks for catching that. However, I came up with a better way that avoids snprintf (and strlcpy) entirely both here and the other place I used snprintf. Attached is a revised set of

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-11 Thread Paul Eggert
On 2023-03-11 14:39, Alejandro Colomar wrote: I wonder if the patch is really "simplifying". It depends on how one measures simplicity. The reader will need to know strftime's API regardless; requiring the reader to also know strlcpy's API makes the reader's job harder. Also, it's less

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-11 Thread Paul Eggert
On 2023-03-11 13:49, Alejandro Colomar wrote: +: mempcpy (full_tty, "/dev/", sizeof"/dev/" - 1)), This is a great use case for stpcpy(3). I came up with a slightly better approach, that needs neither mempcpy nor stpcpy. I plan to send it along soon.

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-11 Thread Alejandro Colomar
On 3/11/23 23:38, Paul Eggert wrote: > On 2023-03-11 13:59, Alejandro Colomar wrote: >> If the function is allowed >> to dereference, then NULL is not allowed, but if the values are >> uninitialized, then reading any of them should also trigger UB, no? > > Sure, but the standard says that

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-11 Thread Alejandro Colomar
On 3/11/23 23:34, Paul Eggert wrote: > On 2023-03-11 14:18, Alejandro Colomar wrote: > >> What I'm not sure is that strftime(3) requires nonnull. > > glibc's strftime implementation segfaults if you pass a null pointer, so > we can't pass NULL regardless of whether the strftime API in time.h

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-11 Thread Paul Eggert
On 2023-03-11 13:59, Alejandro Colomar wrote: If the function is allowed to dereference, then NULL is not allowed, but if the values are uninitialized, then reading any of them should also trigger UB, no? Sure, but the standard says that strftime reads only the struct tm members needed to

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-11 Thread Paul Eggert
On 2023-03-11 14:18, Alejandro Colomar wrote: What I'm not sure is that strftime(3) requires nonnull. glibc's strftime implementation segfaults if you pass a null pointer, so we can't pass NULL regardless of whether the strftime API in time.h uses __attribute__ ((nonnull))'.

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-11 Thread Alejandro Colomar
Hi Paul, On 3/11/23 23:08, Paul Eggert wrote: > On 2023-03-11 13:59, Alejandro Colomar wrote: >> Unless the standard specifically allows us to do so, but I can't find >> anything clear. > > It's pretty clear if you're a time nerd like me. :-) :-) > The standard for > strftime says "The

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-11 Thread Paul Eggert
On 2023-03-11 13:59, Alejandro Colomar wrote: Unless the standard specifically allows us to do so, but I can't find anything clear. It's pretty clear if you're a time nerd like me. :-) The standard for strftime says "The appropriate characters are determined using the LC_TIME category of the

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-11 Thread Alejandro Colomar
Hi Paul, On 3/11/23 20:29, Paul Eggert wrote: > From 522b2db5619bd26631bd444d208768f740c2fdba Mon Sep 17 00:00:00 2001 > From: Paul Eggert > Date: Sat, 11 Mar 2023 10:34:21 -0800 > Subject: [PATCH 6/6] Fix su silent truncation > > * src/su.c (check_perms): Do not silently truncate user name. >

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-11 Thread Alejandro Colomar
On 3/11/23 22:52, Paul Eggert wrote: > On 2023-03-11 13:31, Alejandro Colomar wrote: >> What's this exactly for? > > It avoids undefined behavior. A call like strftime (buf, sizeof buf, > "XXX", NULL) has undefined behavior, as near as I can make out. Ahh, sure, it makes sense. Didn't

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-11 Thread Paul Eggert
On 2023-03-11 13:31, Alejandro Colomar wrote: What's this exactly for? It avoids undefined behavior. A call like strftime (buf, sizeof buf, "XXX", NULL) has undefined behavior, as near as I can make out. It's OK that the dummy is uninitialized.

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-11 Thread Alejandro Colomar
Hi Paul, On 3/11/23 20:29, Paul Eggert wrote: > From 70985857d6d24262fc57a10bd62e6dbc642dda70 Mon Sep 17 00:00:00 2001 > From: Paul Eggert > Date: Sat, 11 Mar 2023 10:07:32 -0800 > Subject: [PATCH 5/6] Fix is_my_tty overruns and truncations > > * libmisc/utmp.c: Include mempcpy.h. >

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-11 Thread Alejandro Colomar
Hi Paul, On 3/11/23 20:29, Paul Eggert wrote: > From 1c8388d1d1831e976cdaa6e6f27bb08bf31aedc5 Mon Sep 17 00:00:00 2001 > From: Paul Eggert > Date: Sat, 11 Mar 2023 00:42:29 -0800 > Subject: [PATCH 4/6] Fix crash with large timestamps > > * libmisc/date_to_str.c (date_to_str): Do not crash if

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-11 Thread Alejandro Colomar
Hi Paul, On 3/11/23 20:29, Paul Eggert wrote: > From 7e88c5914c1fab6c4d88e1ca39d6b6319e7ee768 Mon Sep 17 00:00:00 2001 > From: Paul Eggert > Date: Sat, 11 Mar 2023 00:02:45 -0800 > Subject: [PATCH 2/6] Prefer memcpy to strlcpy when either works > > memcpy is standardized and should be faster

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-11 Thread Alejandro Colomar
Hi Paul, On 3/11/23 20:29, Paul Eggert wrote: > From d40e2f92f3e50d13d87393bd30b2b4b20b89a2d6 Mon Sep 17 00:00:00 2001 > From: Paul Eggert > Date: Sat, 11 Mar 2023 00:01:02 -0800 > Subject: [PATCH 1/6] Fix undefined behavior in change_field > > * lib/fields.c (change_field): Do not ever compute

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-11 Thread Paul Eggert
I looked into this, and five of the shadow package's six uses of strlcpy are wrong, i.e., they are associated with silent truncation or buffer overrun/underrun or dereferencing NULL in nearby code. This isn't surprising, as strlcpy is commonly used in code that has been slapdashedly hacked to

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-10 Thread Alejandro Colomar
Hi Bálint, On 3/10/23 21:34, Bálint Réczey wrote: [...] >> I didn't have the time to look into that, but we should really >> check if we need to add some error checking. With strlcpy(3), >> at least we can do it, contrary to strncpy(3), which doesn't >> really help detecting truncation (except

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-10 Thread Bálint Réczey
Hi Alejandro, Alejandro Colomar wrote (date: 2023 Mar. 8, Wed, 13:55): > > Hi Bálint, > > [I reordered some quotes for my reply] > [CC Paul, since he's been mentioned, and I'm curious to know > if he has any comments] > > On 3/8/23 11:59, Bálint Réczey wrote: > > Hi Alejandro, > > > >

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-08 Thread Alejandro Colomar
Hi Bálint, [I reordered some quotes for my reply] [CC Paul, since he's been mentioned, and I'm curious to know if he has any comments] On 3/8/23 11:59, Bálint Réczey wrote: > Hi Alejandro, > > Alejandro Colomar wrote (date: 2023 > Mar. 5, Sun, 20:44): >> >> Package: passwd >> Source:

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config

2023-03-08 Thread Bálint Réczey
Hi Alejandro, Alejandro Colomar wrote (date: 2023 Mar. 5, Sun, 20:44): > > Package: passwd > Source: shadow > Tags: patch > X-Debbugs-CC: Bálint Réczey > X-Debbugs-CC: Iker Pedrosa > X-Debbugs-CC: Serge Hallyn > > These dependencies were added upstream recently. > > Signed-off-by: