Commit Graph

1584 Commits

Author SHA1 Message Date
FRIGN
274e86e1aa Audit cp(1)
1) Refactor the manpage, which has been a bloody mess, documenting
   fantasy-flags (-d for example) and add a STANDARDS section
2) fix usage()
3) sort ARG-block
4) Check return-value of stat() separately, so a lack of permissions
   doesn't tell the user "the directory doesn't exist", which could
   be a bit confusing.
5) Add empty line before return.
2015-03-02 19:15:19 +01:00
FRIGN
eb137b9e42 Audit chroot(1)
1) Fix usage()
2) Rename *p to *cmd
3) _exit trick with 126 + (savederrno == ENOENT)
4) return-style-fix
2015-03-02 17:46:45 +01:00
FRIGN
520d87e58e Audit mkfifo(1)
1) Fix usage()
2) Group local variables
3) Idiomatic argv-loop
4) BUGFIX: When the m-flag is specified, POSIX clearly says:
   "Set the file permission bits of the newly-created FIFO to the specified mode
   value."
   This means, that if mkfifo() fails for some reason, it should not try to
   chmod() the given path (which has been fixed with the "else if")
   A simple testcase is:

   $ touch testfile; mkfifo -m 000 testfile;

   GNU mkfifo(1): ls -l testfile
   -rw-r--r-- 1 testfile

   sbase mkfifo(1): ls -l testfile
   ---------- 1 testfile
5) Add blank line before return
2015-03-02 17:25:29 +01:00
FRIGN
cae9e3e7d2 Update rmdir.1 as well 2015-03-02 17:14:29 +01:00
FRIGN
c01641c897 Audit nice(1)
1) val is sufficient as "int" (read the standard)
2) BUGFIX: If getpriority fails, it returns -1 and sets errno.
   Previously, it would correctly catch the errno but not take
   care of the fact that by then val has been decremented by 1.
   Only change val if the getpriority-call has been successful.
3) Add LIMIT()-macro from st to increase readability.
4) setpriority returns < 0 on failure
5) Remove bikeshedding-comment. Read the standard if you wonder.
6) return-value trick from env(1)
2015-03-02 16:53:13 +01:00
FRIGN
46f743705b Add argv0 to usage() in rmdir.c 2015-03-02 16:24:08 +01:00
FRIGN
6c3ba4c4c7 Audit rmdir(1)
1) style fix (don't arrange local variables)
2) BUGFIX: Previously, if ret was turned 1 for some folder, it
   would disable the p-flag for every following folders, which
   is not desired.
   Instead, the "else if" makes sure that the p-flag-section is
   only entered when the initial rmdir succeeds.
3) BUGFIX: Previously, the program would cancel with eprintf if
   it failed to remove one folder in the parent-pathname.
   This is not desired, as we have other folders pending.
   Instead, print a warning for the current failing parent-folder,
   set ret to 1 and break off the loop at this point.
   This allows to finish the other pending folders without issues.
2015-03-02 15:39:39 +01:00
FRIGN
e50ee15a9c Audit date(1)
1) Update usage as already done in the manpage
2) group and sort local variable declarations
3) Be pedantic about the number of options. Don't just ignore it
   if argc > 1.
2015-03-02 15:12:19 +01:00
FRIGN
27656a0cbc Audit env(1)
1) Shorten synopsis and reflect this in the manual
2) Use argv0 in usage()
3) Decrement argc in argv-loop for consistency
4) Make it clearer which error-code results from which errno in enprintf
5) Use idiomatic for-loop also for environ. Don't increment these pointers
   in the loop itself!
2015-03-02 14:53:24 +01:00
FRIGN
933ed8c00b Rename unused flag in rm()
Before somebody gets the wrong idea again like I did.
2015-03-02 14:36:26 +01:00
FRIGN
286df29e7d Make already audited tools argv-centric instead of argc-centric
This has already been suggested by Evan Gates <evan.gates@gmail.com>
and he's totally right about it.
So, what's the problem?
I wrote a testing program asshole.c with

int
main(void)
{
        execl("/path/to/sbase/echo", "echo", "test");
        return 0;
}

and checked the results with glibc and musl. Note that the
sentinel NULL is missing from the end of the argument list.
glibc calculates an argc of 5, musl 4 (instead of 2) and thus
mess up things anyway.
The powerful arg.h also focuses on argv instead of argc as well,
but ignoring argc completely is also the wrong way to go.
Instead, a more idiomatic approach is to check *argv only and
decrement argc on the go.
While at it, I rewrote yes(1) in an argv-centric way as well.

All audited tools have been "fixed" and each following audited
tool will receive the same treatment.
2015-03-02 14:19:26 +01:00
FRIGN
5d6e609455 Do not mask previous return-values in libutil/rm.c
Thanks Michael Forney <mforney@mforney.org> for this observation!
2015-03-02 10:53:55 +01:00
FRIGN
d806f75cb6 Audit cat(1)
1) Fix usage ... spacing
2) use *argv instead of argv[0] in the idiomatic for-loop
3) Stop the naïve usage of "/dev/fd/0" and use plain stdin
   instead (This also makes error-messages more consistent).
4) Add newline before return
5) Remove comma in manpage
2015-03-02 00:39:26 +01:00
FRIGN
7afc84396a Audit setsid(1)
Nothing special, just a small style-fix.
2015-03-02 00:20:35 +01:00
FRIGN
48696d8c95 Fix exit status with -f for nonexistent paths
Thanks Michael Forney <mforney@mforney.org> for reporting this!
2015-03-01 23:48:50 +01:00
FRIGN
80d89c400f Audit sponge(1)
Just a little usage()-fix. Mark it as audited in README.
2015-03-01 23:42:16 +01:00
FRIGN
0c9b52ef9b Update *sum(1)-manpages and mark them as finished and audited
Now that -c behaves correctly, the tools are pretty much done.
Only the manpages were not clear enough what happens when you
specify the c-flag.
This is fixed now.
2015-03-01 22:59:20 +01:00
FRIGN
9b06720f62 Refactor cryptcheck() to allow multiple list-files and stdin
Previously, it was not possible to use

sha1sum test.c | sha1sum -c

because the program would not differenciate between an empty
argument and a non-specified argument.
Moreover, why not allow this?

sha1sum -c hashlist1 hashlist2

Digging deeper I found that using function pointers and a
modification in the crypt-backend might simplify the program
a lot by passing the argument-list to both cryptmain and
cryptcheck.
Allowing more than one list-file to be specified is also
consistent with what the other implementations support,
so we not only have simpler code, we also do not silently
break if there's a script around passing multiple files to
check.
2015-03-01 22:51:52 +01:00
FRIGN
0226c05105 Audit printenv(1)
1) argc style
2) safeguard argv-loop as already seen in echo(1) with argc-decrement.
2015-02-28 21:47:17 +01:00
FRIGN
6f715d8c6d Audit rm(1)
1) One small argc-style-matter
2) manpage cleanup
3) NOTE: The utility-functions will be evaluated separately.
2015-02-28 21:31:23 +01:00
FRIGN
80a394139a Audit hostname(1)
1) Be strict about argc
2) Fix a small error in the manpage
2015-02-28 21:22:55 +01:00
FRIGN
f20075b0bc Mark yes(1) as audited in README 2015-02-28 21:12:27 +01:00
FRIGN
ad9a9dd3e1 Audit yes(1)
Oh well, time to simplify the loop.
Also, change the comment on unreachable code to something more clear.
2015-02-28 21:11:10 +01:00
FRIGN
bf3210b6de Audit echo(1)
Just a small change in the manpage.
2015-02-28 20:16:10 +01:00
FRIGN
e00fe1f9bf Audit sleep(1)
1) Be strict about argc
2) Use "unsigned" instead of "unsigned int"
2015-02-28 20:10:25 +01:00
FRIGN
39b9aab25a Audit unlink(1)
One small thing, use argv0 in usage.
Also, add a blank line in link.c which I forgot earlier.
2015-02-28 20:05:22 +01:00
FRIGN
b9b28d4039 Audit tty(1)
1) Be strict about number of arguments passed
2) Use a simpler logic while returning
2015-02-28 19:59:34 +01:00
FRIGN
e45297a320 Audit dirname(1)
Be stricter about the number of arguments passed to it.
2015-02-28 19:51:07 +01:00
FRIGN
cb610b2c7b Audit link(1) 2015-02-28 19:42:56 +01:00
sin
804b62f7a2 Fix broken sbase-box due to multiple definitions of usage 2015-02-28 18:33:33 +00:00
Hiltjo Posthuma
3068ea2318 README: document sbase-box-install rule 2015-02-28 15:40:16 +01:00
sin
7ee3569327 Update README for time(1) 2015-02-28 14:42:11 +00:00
sin
d083a94731 time: errno is not guaranteed to be set for sysconf()
0 should be considered an invalid CLK_TCK.
2015-02-28 14:36:50 +00:00
FRIGN
65ae4afa7c Mark false(1) and true(1) as audited
Nothing to be done there.
2015-02-28 15:12:19 +01:00
FRIGN
5be621dcf2 Refactor basename.1 2015-02-28 15:09:47 +01:00
FRIGN
e7c33c4af3 Audit basename(1)
1) be stricter which number of arguments is accepted (1 or 2)
2) basename already returns a pointer to "." is argv[0] is ""
3) No need to check for *p != '/', because basename() only returns
   a string beginning with '/' which has length 1, so if strlen(p)
   == 1, the only way for suffix to be "evaluated" is for off to
   be > 0, being equal to suffix being "", but "" != "/".
4) don't calculate strlen twice for each string. Store it in a
   ssize_t and check if it's > 0.
2015-02-28 14:48:44 +01:00
FRIGN
44bd931834 Add audit-section to README
Okay, so why another section?
The finished-section applies to general feature-completeness and
manual status. It somehow is not an indicator for general code-
clarity, so the audited-column reflects a thorough audit of the
underlying code and optimization.
Take a look at the upcoming basename(1)-patch for an example on
how this goes.
2015-02-28 14:42:26 +01:00
Hiltjo Posthuma
bcd649da55 add find.1, sed.1, time.1 stubs
all tools should have man pages. add stubs so make install and
make sbase-box-install doesn't fail.
2015-02-28 13:46:20 +01:00
Hiltjo Posthuma
318ed94f63 chown.1, strings.1: fix date 2015-02-28 13:43:29 +01:00
Hiltjo Posthuma
4a4d0825b1 make rule: sbase-box-install
rule to make sbase-box and setup symlinks for $BIN and /bin/[

some (maybe) interesting info:

$ make LDFLAGS="-s -static" CFLAGS="-Os" PREFIX=/ DESTDIR=`pwd`/static-normal install
$ make LDFLAGS="-s -static" CFLAGS="-Os" PREFIX=/ DESTDIR=`pwd`/static-box sbase-box-install

$ du -sk static-normal/ static-box
2728    static-normal/
572     static-box
2015-02-28 13:30:06 +01:00
sin
84e7fbda24 time(1) cleanup 2015-02-27 21:43:11 +00:00
Evan Gates
5c8d5c1dca add time. do not mark complete/POSIX compliant as exit status is wrong. 2015-02-27 21:39:50 +00:00
FRIGN
7cc4ef0734 Don't break the coding-style 2015-02-26 19:07:02 +01:00
Evan Gates
bf4c5d1fcd expr comments, cleanup, UTF-8 support 2015-02-26 17:26:47 +00:00
FRIGN
1cdb424ac6 Remove tabs(1) from TODO
It needs to be in ubase due to terminfo.
Thanks Roberto!
2015-02-26 10:36:55 +01:00
sin
71f49d7c04 tput should be in ubase 2015-02-25 22:03:56 +00:00
Evan Gates
fb89ed012b re-typedef Test, use NOTREACHED comment instead of comma operator, both as per style guide 2015-02-25 21:08:35 +00:00
Evan Gates
3eed1fced6 a bunch of cleanup 2015-02-25 10:11:55 +00:00
Evan Gates
e427364a28 use struct literal instead of filling each field manually 2015-02-25 10:11:47 +00:00
Evan Gates
4671b4c974 no need for array of function pointers for comparisons, just use the necessary function pointer itself 2015-02-25 10:11:35 +00:00