On Sun, 5 Jun 2016 10:01:04 +0200 Sebastien Marie <sema...@openbsd.org> wrote:
> On Sun, Jun 05, 2016 at 03:18:52PM +0800, Ray Lai wrote: > > I pledged your diff. > > some comments inlined. Fixed. I used 2 pledges, one before initialization. Is that okay, or is it better to just have one pledge? Thanks for your feedback! Ray Index: Makefile =================================================================== RCS file: /home/cvs/ports/net/ii/Makefile,v retrieving revision 1.13 diff -u -p -r1.13 Makefile --- Makefile 21 May 2016 05:31:38 -0000 1.13 +++ Makefile 5 Jun 2016 10:53:27 -0000 @@ -3,7 +3,7 @@ COMMENT= minimalist IRC client DISTNAME= ii-1.7 -REVISION= 2 +REVISION= 3 CATEGORIES= net HOMEPAGE= http://tools.suckless.org/ii @@ -15,6 +15,7 @@ MAINTAINER= Gleydson Soares <gsoares@op # MIT/X PERMIT_PACKAGE_CDROM= Yes +# uses pledge() WANTLIB= c NO_TEST= Yes Index: patches/patch-ii_c =================================================================== RCS file: patches/patch-ii_c diff -N patches/patch-ii_c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-ii_c 5 Jun 2016 10:46:04 -0000 @@ -0,0 +1,51 @@ +$OpenBSD$ + +# http://git.suckless.org/ii/commit/?id=f79e2f09534d92a6fe4e062b06449a925fef1c41 + +# uses pledge() + +--- ii.c.orig Sun Jun 5 15:10:49 2016 ++++ ii.c Sun Jun 5 18:41:21 2016 +@@ -438,7 +438,7 @@ static void handle_server_output() { + } + + static void run() { +- Channel *c; ++ Channel *c, *n; + int r, maxfd; + fd_set rd; + struct timeval tv; +@@ -475,9 +475,11 @@ static void run() { + handle_server_output(); + last_response = time(NULL); + } +- for(c = channels; c; c = c->next) ++ for(c = channels; c; c = n) { ++ n = c->next; + if(FD_ISSET(c->fd, &rd)) + handle_channels_input(c); ++ } + } + } + +@@ -488,6 +490,9 @@ int main(int argc, char *argv[]) { + char *key = NULL, *fullname = NULL; + char prefix[_POSIX_PATH_MAX]; + ++ if (pledge("stdio rpath wpath cpath dpath inet dns", NULL) == -1) ++ err(1, "pledge"); ++ + if(!spw) { + fputs("ii: getpwuid() failed\n", stderr); + exit(EXIT_FAILURE); +@@ -511,6 +516,10 @@ int main(int argc, char *argv[]) { + if(use_ssl) + port = port == SERVER_PORT ? SSL_SERVER_PORT : port; + irc = tcpopen(port); ++ ++ if (pledge("stdio rpath wpath cpath dpath", NULL) == -1) ++ err(1, "pledge"); ++ + if(!snprintf(path, sizeof(path), "%s/%s", prefix, host)) { + fputs("ii: path to irc directory too long\n", stderr); + exit(EXIT_FAILURE);
