summaryrefslogtreecommitdiffstats
path: root/usr.bin/file/file.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* After fork(2) the pledge(2) in the parent proc can be reduced tomestre2019-11-301-1/+4
| | | | | | | | "stdio rpath sendfd" so that it can call {l,}stat/open and sendfd for imsg_* in order to send fds to the child proc which is already pledged by recvfd to receive them OK brynet@ deraadt@
* dev_t is signed to permit passing -1 as an invalid condition, but thederaadt2019-02-051-3/+3
| | | | | | decomposition into major and minor is unsigned, so we should print them with %u instead of %d. ok guenther
* the parent process doesn't do much but open files, but just the sametedu2019-01-061-1/+4
| | | | | there's no reason it can't use pledge to enforce that. ok brynet deraadt
* Revert my changes in r1.60 back to nicm@'s latest for now.brynet2018-01-151-109/+239
| | | | | | Fixes "file *|grep" breakage reported by espie@ ok nicm, deraadt
* Default unknowns to application/octet-stream instead of x-not-regular-file.bentley2017-11-301-2/+2
| | | | | | This makes more sense and matches what the latest "other" file(1) now does. ok nicm@
* close open fd after testing files, ensuring that fd isn't stdin.brynet2017-07-011-1/+3
| | | | ok nicm@
* Fix stdin file read support, accidentally broken in my last commit.brynet2017-06-281-2/+6
|
* remove excess #includederaadt2017-06-281-6/+1
|
* perform an initial pledge very early on, and drop tzset to later.deraadt2017-06-281-4/+6
| | | | ok nicm brynet
* Simplify file(1) by removing the no longer necessary parent/child separationbrynet2017-06-281-234/+100
| | | | | | | | | | and just drop privileges in the main process. Also allows for a tighter "stdio" pledge. passing regress tests still pass ok nicm@ with helpful feedback
* Style nits; no binary change.nicm2017-04-181-9/+6
|
* Tidy up some #include lines.nicm2016-05-011-5/+9
|
* Add --brief and --dereference, used by xdg-open/xdg-mime.jca2015-12-241-4/+6
| | | | From Ralf Horstmann, ok tb@ deraadt@ nicm@ sthen@
* EAGAIN handling for imsg_read. OK henning@ benno@claudio2015-12-051-2/+4
|
* Break the message preparation bit of the main loop into its own functionnicm2015-11-131-39/+47
| | | | for less excessive level of indentation.
* Call stat not lstat with -L, makes links actually be followed. Reportednicm2015-11-131-27/+29
| | | | by and ok semarie@.
* The file(1) magic-parsing process was using pledge "stdio getpw proc recvfd"deraadt2015-10-171-2/+2
| | | | | | | | | | | | | | early on, then a set of getpwnam/setresuid/... before quickly dropping to "stdio recvfd". It receives fd's and runs the magic code on them in a chroot'd "stdio" jail. We can do better than that. Before the recent change, "proc" contained both the concepts of "forking" and "setuid". "id" is now split out as a seperate request, and it is exactly what this process needs momentarily. So this loses another window of opportunity, in case we have a major bug in .... hmm, it'd have to be in getpwnam.... ok tedu doug semarie gilles
* Change all tame callers to namechange to pledge(2).deraadt2015-10-091-6/+6
|
* Move from tame "cmsg" to tame "sendfd" or "recvfd", depending on whichderaadt2015-10-061-3/+3
| | | | way the process moves fd's.
* use the normal -1 check for tame failurederaadt2015-10-051-3/+3
|
* Add tame(2) to file(1) and drop the old systrace(4) sandbox. tame(2) isnicm2015-10-041-8/+42
| | | | | | | | only applied to the child process, which requires the parent to not pass directory file descriptors (tame("cmsg") does not allow it). Because file(1) is already privsep, the permissions in the child can be quickly restricted: first to "stdio cmsg getpw proc" then after the privdrop to "stdio cmsg".
* use limits.h instead of sys/param.h to get PATH_MAXderaadt2015-10-021-1/+2
|
* Keep one byte for terminating '\0'.tobias2015-07-121-2/+2
| | | | ok nicm@
* Properly handle files >= 4 GB on 32 bit architectures.tobias2015-07-081-4/+5
| | | | with input by and ok nicm@
* Support - to read from stdin, from Sebastien Marie.nicm2015-05-301-4/+16
|
* millert points out I can just call tzset() early to avoid having tonicm2015-05-291-1/+4
| | | | permit access() in the child.
* Only mmap() on regular files; mmap() on /dev/stdin will happily map asnicm2015-05-291-18/+20
| | | | | | much as we ask for but only the first page will be usable. (We could get the actual size with ioctl(FIONREAD) and mmap() that but it would need to be done in the parent - I think just using read() is simpler.)
* Make things a little less confusing by making fill_buffer self-containednicm2015-05-291-6/+9
| | | | | and return both the buffer and amount filled rather than having it modify the input struct and return a value.
* If reading into buffer, correct the stored file size at EOF, we don'tnicm2015-05-291-2/+2
| | | | | want to look at any garbage that might already be in the buffer after that. From Sebastien Marie.
* Silently fall back to /etc/magic if ~/.magic can't be opened, ok deraadt stspnicm2015-05-291-3/+1
|
* probably makes more sense to show "file" as being mandatory;jmc2015-05-281-2/+2
| | | | from sebastien marie
* No longer need tricks with setvbuf(). Instead, we just give permissionderaadt2015-05-181-2/+1
| | | | | to call fstat() and fcntl(). ok nicm
* Add a missing free in the error path.lteo2015-04-281-1/+2
| | | | ok nicm@
* Use a systrace(4) sandbox with a short whitelist of allowed syscalls fornicm2015-04-271-18/+4
| | | | | the file(1) child process. Based on similar code in ssh sandbox-systrace.c. Idea and help from deraadt@.
* Add simple privilege separation to file(1). Two processes, filenicm2015-04-271-116/+244
| | | | | descriptors and a few other bits are opened in parent and passed to child using imsg. Child currently drops to "nobody" but this will change.
* Don't support -s on FIFOs, it doesn't work well and the workarounds arenicm2015-04-261-15/+7
| | | | a bit horrible.
* stat() the original link path not the resolved one which may be relative.nicm2015-04-261-2/+2
|
* Do not attempt to use ~/.magic if running as root (or issetugid()).nicm2015-04-241-17/+19
|
* We need to loop over the files once to work out the width of the labelsnicm2015-04-241-8/+17
| | | | before testing them.
* Trying to drop privileges means we can't handle ARG_MAX arguments, sonicm2015-04-241-26/+14
| | | | remove it for now.
* Use symbolic constants for st_mode flags, no binary change.nicm2015-04-241-3/+3
|
* If ~/.magic exists but can't be used, fail rather than silently fallingnicm2015-04-241-1/+5
| | | | back to /etc/magic.
* New implementation of the file(1) utility. This is a simplified,nicm2015-04-241-392/+430
| | | | | | | | modernised version with a nearly complete magic(5) parser but omits some of the complex builtin tests (notably ELF) and has a reduced set of options. ok deraadt
* Add missing <limits.h> to file.c and remove definition of PATH_MAXmillert2015-01-161-5/+2
| | | | which masked the missing include. OK deraadt@
* Replace <sys/param.h> with <limits.h>doug2015-01-161-5/+4
| | | | | | | | | | | | This patch is from Theo. I helped verify that removing <sys/param.h> doesn't change anything. This produces the same binaries before and after with clang 3.5 and gcc 4.9.4 on amd64. There is a slight difference in the way it is generated by our old gcc 4.2.1 despite the fact that the preprocessed input is almost identical. ok deraadt@
* If MAXPATHLEN is undefined, do not set it to 512. Dangerous.deraadt2015-01-161-2/+2
|
* Make the file_mbswidth() function cope if wcwidth() returns -1.stsp2011-04-151-3/+7
| | | | ok mikeb millert
* rcsid[] and sccsid[] and copyright[] are essentially unmaintained (andderaadt2009-10-271-5/+1
| | | | | | | unmaintainable). these days, people use source. these id's do not provide any benefit, and do hurt the small install media (the 33,000 line diff is essentially mechanical) ok with the idea millert, ok dms
* Fix usage; requested by jmc@ajacoutot2009-10-261-4/+4
| | | | ok jmc@ ian@
* Appease gcc2 (I wish people would write in C, rather than "latest crapderaadt2009-08-271-5/+6
| | | | | gcc added") ok millert miod
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.