Mirror of https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git, synced 2024-12-28 22:36:24 +01:00
HardenedBSD src tree
3948edc24c
- Fix buffer overflow problem once and for all: do away with the buffer copies to 'user' prior to calling _scancaches() and just pass a pointer to the buffer returned by yp_match()/yp_first()/yp_next()/whatever. (We turn the first ':' to a NUL first so strcmp() works, then change it back later.) Submitted by Bill Fenner <fenner@parc.xerox.com> and tweaked slightly by me.
- Give _pw_breakout_yp() the 'more elegant solution' I promised way back when. Eliminate several copies to static buffers and replace them with just one copy. (The buffer returned by the NIS functions is at most YPMAXRECORD bytes long, so we should only need one static buffer of the same length (plus 2 for paranoia's sake).)
- Also in _pw_breakout_yp(): always set pw.pw_passwd to the username obtained via NIS regardless of what pw_fields says: usernames cannot be overridden so we have no choice but to use the name returned by NIS.
- _Again_ in _pw_breakout_yp(): before doing anything else, check that the first character of the NIS-returned buffer is not a '+' or '-'. If it is, drop the entry. (#define EXTRA_PARANOIA 1 :)
- Probe for the master.passwd.* maps once during __initdb() instead of doing it each time _getyppass() or _nextyppass() is called.
- Don't copy the NIS data buffers to static memory in _getyppass() and _nextyppass(): this is done in _pw_breakout_yp() now.
- Test against phkmalloc and phkmalloc/2 (TNG!) to make sure we're free()ing the yp buffers sanely.
- Put _havemaster(), _getyppass() and nextyppass() prototypes under #ifdef YP. (Somehow they ended up on the wrong side of the #endif.)
- Remove unused variable ___yp_only.

| Name |
|---|
| bin |
| eBones |
| etc |
| games |
| gnu |
| include |
| lib |
| libexec |
| lkm |
| release |
| sbin |
| secure |
| share |
| sys |
| tools/regression/usr.bin/sed |
| usr.bin |
| usr.sbin |
| COPYRIGHT |
| CVS-INFO |
| HW.TROUBLE |
| Makefile |
| README |
| TODO |

FreeBSD 2.0 --- ALPHA Release

Welcome to the ALPHA release of FreeBSD 2.0 - the first public snapshot of our new 4.4BSD Lite based operating system environment. This install procedure is also at the ALPHA stage, and contains only the minimum functionality required by an *EXPERIENCED* person to install the system. It is our hope, of course, that the feedback provided from this snapshot will greatly assist us in making the release of 2.0 much more user friendly. Your comments and criticisms are very valuable to us, so please don't hesitate in contacting us! Full details on where and how to provide feedback are given below.

This install procedure is ALPHA code, and may very possibly *DESTROY* the contents of your ENTIRE DISK! Please do not proceed with this installation unless you've adequately backed up your data first!

If any errors occur during this installation, you can see them by toggling over to the alternate screen - type ALT-F2 to switch over, ALT-F1 to switch back to the install screen. The debugging output on the second screen may be very valuable to us in understanding your bug report, so please be sure to take note of it when reporting any failures in the installation! Thanks!

Menus and scrolling output windows may be traversed with the arrow and Page Up/Page Down keys. To suspend the installation at any point, hit ESC twice. Hitting TAB will move the focus to different controls. If you've ever dealt with a DOS installation, you'll know how to deal with this.

For a more complete description of what's new in this release, please see the release notes.

For more documentation on this system, it is recommended that you purchase the 4.4BSD Document Set from O'Reilly Associates and the USENIX Association. ISBN 1-56592-082-1

We have no connection with O'Reilly, we're just satisfied customers!

Have fun, and please let us know of any problems you encounter with this release! Comments should be sent to:

    hackers@FreeBSD.org

Bug reports should be sent using the `send-pr' utility, if you were able to get the system installed, otherwise to:

    bugs@FreeBSD.org

And general questions to:

    questions@FreeBSD.org

Please have patience if your questions are not answered right away - this is an especially busy time for us, and our volunteer resources are often strained to the limit (if not somewhat past!).

Thanks!

The FreeBSD Project