Commit Graph

1900 Commits

Author SHA1 Message Date
FRIGN
0c470f5563 Remove fflush-check from fshut()
Basically, it's a conflict between POSIX and ISO C what do to when
input streams are passed to fflush().
POSIX mandates that the seeking-position should be synced, but ISO C
says it's undefined behaviour.
We love POSIX, but the standard-documents specify that in all conflict
cases, ISO C wins, so this breaks with EBADF on BSD's.

musl and glibc follow POSIX behaviour, which makes sense, but involves
numerous portability concerns.

To get around this, we just don't check fflush() and rely on the fact
that no implementation sets ferror on the file-stream in fflush if it
is an input stream, so every issue caught in fflush() is caught later
with ferror() and fclose().

Add a comment to fshut() because this stuff is so complicated, it
took us a day to figure out.
2015-04-05 09:13:56 +01:00
FRIGN
28c5d560fb Fix small issue in nl(1)
If fp == NULL we don't want to close it.
2015-04-05 09:13:56 +01:00
FRIGN
11e2d472bf Add *fshut() functions to properly flush file streams
This has been a known issue for a long time. Example:

printf "word" > /dev/full

wouldn't report there's not enough space on the device.
This is due to the fact that every libc has internal buffers
for stdout which store fragments of written data until they reach
a certain size or on some callback to flush them all at once to the
kernel.
You can force the libc to flush them with fflush(). In case flushing
fails, you can check the return value of fflush() and report an error.

However, previously, sbase didn't have such checks and without fflush(),
the libc silently flushes the buffers on exit without checking the errors.
No offense, but there's no way for the libc to report errors in the exit-
condition.

GNU coreutils solve this by having onexit-callbacks to handle the flushing
and report issues, but they have obvious deficiencies.
After long discussions on IRC, we came to the conclusion that checking the
return value of every io-function would be a bit too much, and having a
general-purpose fclose-wrapper would be the best way to go.

It turned out that fclose() alone is not enough to detect errors. The right
way to do it is to fflush() + check ferror on the fp and then to a fclose().
This is what fshut does and that's how it's done before each return.
The return value is obviously affected, reporting an error in case a flush
or close failed, but also when reading failed for some reason, the error-
state is caught.

the !!( ... + ...) construction is used to call all functions inside the
brackets and not "terminating" on the first.
We want errors to be reported, but there's no reason to stop flushing buffers
when one other file buffer has issues.
Obviously, functionales come before the flush and ret-logic comes after to
prevent early exits as well without reporting warnings if there are any.

One more advantage of fshut() is that it is even able to report errors
on obscure NFS-setups which the other coreutils are unable to detect,
because they only check the return-value of fflush() and fclose(),
not ferror() as well.
2015-04-05 09:13:56 +01:00
Ypnose
11d59a78c8 Makefile: missing sbase-box-install in PHONY 2015-04-03 23:08:04 +01:00
sin
ef08e52e9b Revert "Add command(1) to TODO"
It must be a shell builtin.  Thanks emg.
2015-04-03 19:37:07 +01:00
sin
2ef65fe317 Add command(1) to TODO
Potentially useful in certain situations, not for the 0.1 release
though.
2015-04-03 16:54:46 +01:00
sin
ccf0fbcd7b Fix usage for printf(1) 2015-04-03 10:41:38 +01:00
sin
9611e92303 Do not interpret -- in echo(1)
Retain -n as it is marginally useful and common.
2015-04-03 10:29:11 +01:00
Dionysis Grigoropoulos
bbd2b4d243 wc: Show line/char/word count even if it's zero
Fix a bug where if a line, character or word count is zero, it's not
printed
2015-04-01 11:06:47 +01:00
Hiltjo Posthuma
bf90e85f18 col: dont allow col -l 0 2015-03-30 21:49:33 +02:00
Hiltjo Posthuma
b1fcce32e2 col: exit status 1 on usage 2015-03-30 21:49:04 +02:00
Hiltjo Posthuma
24c6df3d73 col: buffer 128 lines by default 2015-03-30 21:48:26 +02:00
Hiltjo Posthuma
398598dbbe paste: fix crash with empty delimiter
reproduce:
	paste -d '' /dev/null
or
	paste -d '\0' /dev/null

show usage() in these cases.
2015-03-30 21:25:23 +02:00
Hiltjo Posthuma
d6aff89bbb tail: allow tail -n 0 or tail -0
fix a crash, but allow this option.
2015-03-30 21:24:46 +02:00
Hiltjo Posthuma
d583d12300 du: fix possible division by zero if $BLOCKSIZE is 0
these kind of $BLOCKSIZE dont make sense, but dont crash atleast.
2015-03-30 19:58:06 +02:00
Hiltjo Posthuma
27f258dd34 libutil/getlines: style fix 2015-03-29 21:55:34 +02:00
Hiltjo Posthuma
9f97430143 libutil/getlines: fix crash with no lines
because b->lines and b->nlines would be 0 with no lines read.

reproduce: printf '' | sort or cols

bug was introduced by commit: 66a5ea722d
2015-03-29 21:48:49 +02:00
Hiltjo Posthuma
1e0c3a0ba6 whitespace fixes 2015-03-27 22:48:05 +01:00
Hiltjo Posthuma
8e486d5282 xargs: minor optimizations 2015-03-27 22:48:05 +01:00
Hiltjo Posthuma
67ca2428d5 xargs: fix sysconf(_SC_ARG_MAX)
the minimum space required by environment variables isn't clearly defined by
POSIX afaik.
2015-03-27 22:48:05 +01:00
Hiltjo Posthuma
7ebf02d749 find: fgetc() returns int 2015-03-27 22:48:05 +01:00
Hiltjo Posthuma
a9bedca038 fix some signed/unsigned warnings and style fixes 2015-03-27 22:48:05 +01:00
FRIGN
57dc7b94b0 POSIX 2013 audit
Mostly manpage-shuffling according to the changes in the corrigendum,
wording changes and more idiomatic expressions.
All this is finished up by marking the POSIX 2013 conformant tools
with
.St -p1003.1-2013
which is not available in older mandoc builds or nroff, but which
reflects what we actually did, so who cares?

This is a huge step and it's not far until we can release sbase 0.1.
2015-03-27 17:25:22 +01:00
Hiltjo Posthuma
06b663234f sed: declare functions and global vars static (some still missing) 2015-03-27 16:20:50 +01:00
Hiltjo Posthuma
244539e473 sed: style improvements
- declare variables at the top of a function.
- free(NULL) is valid.
- avoid VLA.
2015-03-27 16:01:55 +01:00
Hiltjo Posthuma
0547e72441 sed: show specific error strings (strerror) and minor style fixes 2015-03-27 15:59:09 +01:00
Hiltjo Posthuma
fea0a34e13 grep: use len returned from getline and check fmemopen() 2015-03-27 15:54:41 +01:00
Hiltjo Posthuma
44298e54e6 comm: minor optimization 2015-03-27 15:53:46 +01:00
FRIGN
9144d51594 Check getline()-return-values properly
It's not useful when 0 is returned anyway, so be sure that we have a
string with length > 0, this also solves some indexing-gotchas like
"len - 1" and so on.
Also, add checked getline()'s whenever it has been forgotten and
clean up the error-messages.
2015-03-27 14:49:48 +01:00
Hiltjo Posthuma
a516338581 nl.1: fix mandoc warning 2015-03-27 12:21:28 +01:00
Hiltjo Posthuma
c5a51123b1 printf: no need to nul-terminate after strndup 2015-03-27 12:21:13 +01:00
FRIGN
096da1297b Properly handle width and precision in printf(1) 2015-03-26 23:01:26 +01:00
Evan Gates
b7886f3e67 change estrlcat back to strlcat
strlcat is used to here to purposely truncate the string
2015-03-24 22:50:26 +00:00
FRIGN
8db1632409 Drop maxdigits in expr(1)
This just begs for off-by-ones. Just drop it and use BUFSIZ.
We'll survive it.
2015-03-23 22:56:26 +01:00
FRIGN
f668afa1ff Style fix in expr(1)
(*valp). --> valp->
2015-03-23 22:44:07 +01:00
FRIGN
50ecbd43ad Can't use sizeof on malloc'ed array in expr(1)
Thanks emg for reporting this!
2015-03-23 22:31:36 +01:00
FRIGN
df8529f0a1 Fix syntax error in sort(1)
Somehow went unnoticed...
2015-03-23 20:30:07 +01:00
FRIGN
4750b233ce Prepare POSIX 2013 audit
I can't believe we've come this far! The idea is to look at the
2013 POSIX corrigendum for each tool and deep-test features before
making the first 0.1 release.
To keep the noise low, I'll do this in batches, not on a per-tool-
basis (as many of these are trivial to test).
In the meantime, I'll also think of a fitting STANDARDS section
for the non-POSIX tools. Now that the audits are pretty much done,
I can also have a more relaxed view on standards compliance instead
of having to dig through some uncleaned mess.

To mark this "new beginning", the README has gotten a liftover.
The POSIX 2008-column was more or less useless and as I expect the
checks to go along pretty quickly, I "reset" the compliance state
of all but the non-POSIX tools and will then go along and check every
single one of them in the next few days.

Apart from the few missing flags and audits, sbase should then be
ready to hit the world with the first release after 4 years of work.
2015-03-23 16:22:00 +01:00
FRIGN
49e27c1b0c Add -m and -o flags to sort(1)
Sort comes pretty much automatically, as no script relies on the
undefined behaviour of the input _not_ being sorted, we might as well
sort the sorted input already.
The only downside is memory usage, which can be an issue for large
files.
The o-flag was trivial to implement.
2015-03-22 23:39:48 +01:00
FRIGN
71adaed519 Add s-, t-, x-flags to and audit xargs(1)
The flexible design already allowed to add these flags trivially.
Drop the -I and -L-flags, which are XSI-extensions.
The audit generally consisted of style-changes, dropping kitchen-
sink functions, updating the usage and using estrtonum instead of
strtol.
2015-03-22 22:57:58 +01:00
FRIGN
521f324319 Audit col(1), add UTF-8-support
Nothing special here, only renaming of variables and adding the
Rune-utility-functions.
Also, I refactored the manpage.
2015-03-22 21:45:32 +01:00
sin
a0e5b565a7 nl: Fix leading white-space 2015-03-22 19:23:57 +00:00
FRIGN
b96c9d06c5 Don't indent non-numbered lines in nl(1)
This is yet another GNU-specific behaviour we fell for.
POSIX explicitly states that for non-numbered lines, all indentation-
crap should be dropped immediately. Well, we didn't listen, so this
commit will set things straight again.
Honestly speaking, this also looks much cleaner than before.
Fuck GNU!
2015-03-22 18:30:45 +01:00
FRIGN
3ccfa1877d Don't print section-control-lines as empty lines in nl(1)
GNU coreutils may behave this way, but one can think of these lines
as consumed control lines.
Fuck GNU!
2015-03-22 17:38:22 +01:00
FRIGN
377b5499e9 Fix small typo in nl.1 2015-03-22 17:25:11 +01:00
FRIGN
587575dcb4 Audit nl(1)
1) Refactor the manpage to use the num-syntax and concise wording.
2) Build format instead of having a list of static strings.
3) BUGFIX: if (!buf[0] || buf[0] == '\n') Process last-read-line
           properly.
4) BUGFIX: In case we hit a formatting line, print a newline instead
           of just dropping it.
5) Use a switch instead of having spaghetti-cases.
6) Don't use printf-magic but explicitly do a putchar(' ')-loop.
7) Update usage(), indent properly.
8) BUGFIX: strchr is not NULL when type[0] is \0. Check for \0
           separately beforehand.
9) Reorder arg.h-cases for better readability.
2015-03-22 16:46:01 +01:00
FRIGN
d49f6f2044 Audit expr(1)
No bugs found, but I changed intmax_t to long long to make it more
predictable and removed some of the kitchen-sinking.
Don't return structs themselves, as this is not very elegant.
Do it like functions like stat(), which take a pointer to a
struct to fill.
2015-03-22 14:35:15 +01:00
FRIGN
1f0f1dd320 Show usage() when filtermode is given for tar-creation
We only allow decompression for extraction. Thus, it may be confusing
for the user and break scripts silently when the j- or z-flag are given
even though this is not supported.
2015-03-21 14:04:49 +01:00
FRIGN
b6b977f63d Audit tar(1), add DIRFIRST-flag to recurse()
I've been wanting to do this for a while now, as tar(1) used to
be one of messiest and cruftiest tools.
First off, before walking through the audit, I'll talk about
what the DIRFIRST-flag for recurse() does.
It basically calls fn() on the first-level-dir before calling
it's subentries. It's necessary here, because else the order
of the tar-files would've been wrong (it would try to create
dir/file before creating dir/).

Now, to the audit:
1)  Update manpage, fix mistake that compression is also available
    for compressing. It's only available for extracting.
2)  Define the major, minor and makedev macros from glibc by ourselves.
    No need to rely on them, as they are common sense.

decomp()
3)  Simple refactorization.

putoctal()
4)  Add a truncation check for snprintf().

archive()
5)  BUGFIX: Add checks to any checkable function, don't blindly call
    them, this is harmful and there are 100 ways to exploit that.
6)  Use estrlcpy() instead of snprintf() wherever possible, fix
    alignment.
7)  BUGFIX: Terminate the result-buffer of readlink(), check if
    it even succeeded.
8)  Fix sizeof()-formatting.

unarchive()
9)  BUGFIX: Add checks to any checkable function, don't blindly call
    them, this is harmful and there are 100 ways to exploit that.
10) BUGFIX: strtoul can happily return negative numbers. Add checks
    for that and also if the full string has been processed.
11) Remove calls to perror(). We have eprintf, use it.
12) BUGFIX: "minor = strtoul(h->mode, 0, 8);". We need h->minor of
    course.
13) Fix typo "usupported", remove fprintf-call.

print()
14) Check fread().

xt()
15) Get rid of snprintf-magic. Use estrlcat().
16) BUGFIX: check for ferror() on the tarfile.

usage()
17) Update it. The old usage() was like 1000 years old.

main()
18) Add DIRFIRST-flag to the recursor.
19) Don't print usage() when a mode is re-set. We allow this in
    general.
20) Add function checks and fix error messages.
21) Add tarfilename-global for proper error-messages.
2015-03-21 01:30:47 +01:00
FRIGN
a531865fe5 Audit readlink(1)
1) Properly document e, f and m-flags in the manpage.
2) Clear up the code for the m-flag-handling. Add idiomatic
   '/'-path-traversal as already seen in mkdir(1).
3) Unwrap the SWAP_BUF()-macro.
4) BUGFIX: Actually handle the f-flag properly. Only resolve
   the dirname and append the basename later.
5) Use fputs() instead of printf("%s", ...).
2015-03-20 22:14:31 +01:00