OK? Comments?
On Sep 14 16:50:43, h...@stare.cz wrote:
> On Sep 13 17:50:12, danj+o...@chown.me wrote:
> > And can you add # uses pledge() just before WANTLIB please?
>
> OK.
>
> On Sep 13 20:16:57, s...@spacehopper.org wrote:
> > On 2016/09/13 13:03, Stuart Henderson wrote:
> > >
> > > We also often defer pledge until after option parsing, when we have
> > > a better idea of what is actually needed: for toast(/untoast/tcat)
> > > this would allow a more accurate pledge because we'll then know
> > > whether or not it needs filesystem access.
>
> See below for a finer pledge():
>
> * initially, restrict to "stdio rpath wpath cpath fattr"
> * if we are tcat(1), restrict to "stdio rpath"
> * if we are just a filter, restrict to "stdio"
>
> The "fattr" is for preserving mtime.
>
> The following works with these restrictions:
>
> $ toast file
> $ tcat file.gsm > file
> $ untoast file.gsm
> $ toast < file > file.gsm
> $ untoast < file.gsm > file
>
> Jan
>
>
> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/audio/gsm/Makefile,v
> retrieving revision 1.45
> diff -u -p -r1.45 Makefile
> --- Makefile 13 Sep 2016 11:33:28 -0000 1.45
> +++ Makefile 14 Sep 2016 14:48:53 -0000
> @@ -3,6 +3,7 @@
> COMMENT= GSM audio codec library and converter
>
> DISTNAME= gsm-1.0.15
> +REVISION= 0
> WRKDIST= ${WRKDIR}/gsm-1.0-pl15
>
> SHARED_LIBS= gsm 1.0
> @@ -16,6 +17,7 @@ MAINTAINER= Stuart Henderson <sthen@open
> # ISC-like
> PERMIT_PACKAGE_CDROM= Yes
>
> +# uses pledge(2)
> WANTLIB += c
>
> MASTER_SITES= ${HOMEPAGE}
> Index: patches/patch-src_toast_c
> ===================================================================
> RCS file: patches/patch-src_toast_c
> diff -N patches/patch-src_toast_c
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ patches/patch-src_toast_c 14 Sep 2016 14:48:53 -0000
> @@ -0,0 +1,47 @@
> +$OpenBSD$
> +--- src/toast.c.orig Wed Apr 26 21:14:26 2006
> ++++ src/toast.c Wed Sep 14 14:14:29 2016
> +@@ -129,9 +129,22 @@ static void parse_argv0 P1((av0), char * av0 )
> + * and decode as well.
> + */
> +
> +- if (!strncmp(av0, "un", 2)) f_decode = 1;
> ++ if (pledge("stdio rpath wpath cpath fattr", NULL) == -1) {
> ++ perror("pledge");
> ++ exit(1);
> ++ }
> ++
> ++ if (!strncmp(av0, "un", 2)) {
> ++ f_decode = 1;
> ++ }
> + if ( (l = strlen(av0)) >= 3 /* strlen("cat") */
> +- && !strcmp( av0 + l - 3, "cat" )) f_cat = f_decode = 1;
> ++ && !strcmp( av0 + l - 3, "cat" )) {
> ++ if (pledge("stdio rpath", NULL) == -1) {
> ++ perror("pledge");
> ++ exit(1);
> ++ }
> ++ f_cat = f_decode = 1;
> ++ }
> + }
> +
> +
> +@@ -793,8 +806,16 @@ int main P2((ac, av), int ac, char **av)
> +
> + catch_signals(onintr);
> +
> +- if (ac <= 0) process( (char *)0 );
> +- else while (ac--) process( *av++ );
> ++ if (ac <= 0) {
> ++ if (pledge("stdio", NULL) == -1) {
> ++ perror("pledge");
> ++ exit(1);
> ++ }
> ++ process( (char *)0 );
> ++ } else {
> ++ while (ac--)
> ++ process( *av++ );
> ++ }
> +
> + exit(0);
> + }
