Module Name: src
Committed By: dholland
Date: Sat Sep 6 18:54:46 UTC 2014
Modified Files:
src/usr.bin/uuencode: uuencode.1
Log Message:
Clarify and generally improve. The expansion of files is not a bug,
it's a consequence of what uuencode does. Also note for a more hostile
internet environment that blindly uudecoding files without inspecting
the header is dangerous.
Pursuant to PR 49177.
To generate a diff of this commit:
cvs rdiff -u -r1.23 -r1.24 src/usr.bin/uuencode/uuencode.1
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/usr.bin/uuencode/uuencode.1
diff -u src/usr.bin/uuencode/uuencode.1:1.23 src/usr.bin/uuencode/uuencode.1:1.24
--- src/usr.bin/uuencode/uuencode.1:1.23 Sat Sep 6 18:37:01 2014
+++ src/usr.bin/uuencode/uuencode.1 Sat Sep 6 18:54:46 2014
@@ -1,4 +1,4 @@
-.\" $NetBSD: uuencode.1,v 1.23 2014/09/06 18:37:01 dholland Exp $
+.\" $NetBSD: uuencode.1,v 1.24 2014/09/06 18:54:46 dholland Exp $
.\"
.\" Copyright (c) 1980, 1990, 1993
.\" The Regents of the University of California. All rights reserved.
@@ -29,7 +29,7 @@
.\"
.\" @(#)uuencode.1 8.1 (Berkeley) 6/6/93
.\"
-.Dd January 28, 2012
+.Dd September 6, 2014
.Dt UUENCODE 1
.Os
.Sh NAME
@@ -58,39 +58,42 @@ The following options are available:
.Bl -tag -width ".Fl m"
.It Fl m
Use base64 encoding.
-The default is that
-.Nm
-uses the historical uuencode algorithm,
-and
-.Nm uudecode
-automatically detects the encoding.
+For
+.Nm ,
+the historical uuencode algorithm is the default.
+For
+.Nm uudecode ,
+by default the encoding is automatically detected.
.It Fl o Ar outputfile
.Po Nm uudecode No only . Pc
-Use the specified
-.Ar outputfile
-as the name of the output file.
-The default is that
+Send the decoded output data to
+.Ar outputfile .
+By default,
.Nm uudecode
-obtains the name of the output file from the data stream, where
-.Nm
-would have recorded it.
+uses the
+.Ar outputname
+recorded in the encoded data stream.
.It Fl p
.Po Nm uudecode No only . Pc
-Write the decoded file to stdout instead of to a named file.
+Write the decoded file to standard output instead of to a file.
.El
.Pp
.Nm
reads
.Ar inputfile
(or by default the standard input) and writes an encoded version
-to the standard output.
+to (always) the standard output.
The encoding uses only printing
.Tn ASCII
-characters and includes the
-mode of the file and the operand
+characters suitable for text-only transport media.
+The string
.Ar outputname
-for use by
-.Nm uudecode .
+is inserted into the output header as the
+.Ar outputfile
+to use at
+.Nm uudecode
+time.
+The header also includes the mode (permissions) of the file.
.Pp
.Nm uudecode
transforms
@@ -112,6 +115,20 @@ then the data will be written to the sta
instead of to a named file.
.Nm uudecode
ignores any leading and trailing lines.
+.Pp
+The encoded form of the file is expanded by 35%.
+Every 3 bytes become 4 plus control information.
+.Sh SECURITY CONSIDERATIONS
+When using
+.Nm uudecode
+with files coming from dubious sources,
+always either explicitly pass the
+.Fl o
+option or check the header (the first line) of the encoded file for
+safety.
+Blindly using an
+.Ar outputname
+from a hostile source can overwrite important files.
.Sh EXIT STATUS
The
.Nm uudecode
@@ -156,6 +173,4 @@ and
.Nm
utilities appeared in
.Bx 4.0 .
-.Sh BUGS
-The encoded form of the file is expanded by 35% (3 bytes become 4 plus
-control information).
+
