3rd (variadic) mode_t parameter is irrelevant. Many developers in the past
have passed mode_t (0, 044, 0644, or such), which might lead future people
to copy this broken idiom, and perhaps even believe this parameter has some
meaning or implication or application. Delete them all.
This comes out of a conversation where tb@ noticed that a strange (but
intentional) pledge behaviour is to always knock-out high-bits from
mode_t on a number of system calls as a safety factor, and his bewilderment
that this appeared to be happening against valid modes (at least visually),
but no sorry, they are all irrelevant junk. They could all be 0xdeafbeef.
ok millert
value < 0. errno is only updated in this case. Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future.
* removing unneeded casts of void* return values
* replacing varied and creative error messages with the allocation
function's name
* replacing errx() with err() so that the errno string is reported
ok beck@, jung@, millert@
unmaintainable). these days, people use source. these id's do not provide
any benefit, and do hurt the small install media
(the 33,000 line diff is essentially mechanical)
ok with the idea millert, ok dms
o Style nits
o Use const to silent stupid -Wall warnings
o strnc{py,at} -> strlc{py,at}
o Use strpbrk() instead of homegrown anyof()
o Use NULL instead of #defines with 0 cast to a pointer
This still could use a proper audit
Instead, routines responsible to gathering user input (or in some
cases outputting data) catch the signals and set flags as needed.
Because of this some handlers are install without the SA_RESTART
flag so syscalls are not restarted and we can check the flag. All
signal handlers are now safe.
This should make the flow of control a bit more grokable but the
code is still ugly.
o escape From line with a leading '>' when needed
o only print To: address and Subject lines if actually present
o new variable 'allnet' to treat user@foo and user@bar as the same "user"
o folders command now takes an optional argument like ls.
o new "pipe" (|) command to pipe the message through an arbitrary command
o make header display format the same as SunOS 4.1.3 /usr/ucb/mail
o tilde commands work regardless of interactive mode.
o fix "read: Interrupted system call" error by retrying if EINTR
o expanded help file
Changes by me:
o read the help file via the PAGER as it is now more than 24 lines long
constant). These are not security holes but it is worth fixing
them anyway both for robustness and so folks looking for examples
in the tree are not misled into doing something potentially dangerous.
Furthermore, it is a bad idea to assume that pathnames will not
include '%' in them and that error routines don't return strings
with '%' in them (especially in light of the possibility of locales).
replace panic() with calls to err()/errx()
use S_IS* instead of doing by hand with S_IF*.
Use TIMESPEC_TO_TIMEVAL() and gettimeofday instead of time(2)
Use _POSIX_VDISABLE, not 0
Kill register
- handle long lines safely (from NetBSD)
- use puts/fputs and putchar/putc when it makes sense
- use err/errx and warn/warnx when it makes sense
- make return() and sizeof() style consisten
- some more buffer safety
