On Wed, Dec 06, 2017 at 09:44:35AM +0000, Baptiste Daroussin wrote:
> New Revision: 326617
> URL: https://svnweb.freebsd.org/changeset/base/326617
>
> Log:
> Allow newsyslog to execute compression commands which
> have a semantic different than the traditional gzip(1)
>
> This is done to allow to use zstd(1) as a compression tool without
> having to patch it to change its default behavior.
>
> Modified:
> head/usr.sbin/newsyslog/newsyslog.c
>
> Modified: head/usr.sbin/newsyslog/newsyslog.c
> ==============================================================================
> --- head/usr.sbin/newsyslog/newsyslog.c Wed Dec 6 06:49:53 2017
> (r326616)
> +++ head/usr.sbin/newsyslog/newsyslog.c Wed Dec 6 09:44:35 2017
> (r326617)
> @@ -151,14 +151,23 @@ struct compress_types {
> const char *flag; /* Flag in configuration file */
> const char *suffix; /* Compression suffix */
> const char *path; /* Path to compression program */
> + char **args; /* Comrpession arguments */
Comrpession?
> + strlcpy(command, pgm_path, sizeof(command));
> + for (c = 1; args[c] != NULL; c++) {
> + strlcat(command, " ", sizeof(command));
> + strlcat(command, args[c], sizeof(command));
> + }
I'm wondering if we should check strlcpy/strlcat() return values here and
abort early if someone is trying to overrun command buffer?
./danfe
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
