| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
* configure: Add detection for getexecname.
* sysif.c (getcwd_wrap): Change static function to external.
* sysif.h (getcwd_wrap): Declared.
* txr.c (get_self_path): New implementation for Solaris
using getexecname, which requires us to prepend the current
directory name if the result is a relative path.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* LICENSE, LICENSE-CYG, METALICENSE, Makefile, args.c, args.h,
arith.c, arith.h, buf.c, buf.h, cadr.c, cadr.h, combi.c,
combi.h, configure, debug.c, debug.h, eval.c, eval.h, ffi.c,
ffi.h, filter.c, filter.h, ftw.c, ftw.h, gc.c, gc.h, glob.c,
glob.h, hash.c, hash.h, itypes.c, itypes.h, jmp.S, lib.c,
lib.h, lisplib.c, lisplib.h, match.c, match.h, parser.c,
parser.h, parser.l, parser.y, protsym.c, rand.c, rand.h,
regex.c, regex.h, share/txr/stdlib/awk.tl,
share/txr/stdlib/build.tl, share/txr/stdlib/cadr.tl,
share/txr/stdlib/conv.tl, share/txr/stdlib/doloop.tl,
share/txr/stdlib/error.tl, share/txr/stdlib/except.tl,
share/txr/stdlib/ffi.tl, share/txr/stdlib/getopts.tl,
share/txr/stdlib/getput.tl, share/txr/stdlib/hash.tl,
share/txr/stdlib/ifa.tl, share/txr/stdlib/keyparams.tl,
share/txr/stdlib/op.tl, share/txr/stdlib/package.tl,
share/txr/stdlib/path-test.tl, share/txr/stdlib/place.tl,
share/txr/stdlib/pmac.tl, share/txr/stdlib/socket.tl,
share/txr/stdlib/stream-wrap.tl, share/txr/stdlib/struct.tl,
share/txr/stdlib/tagbody.tl, share/txr/stdlib/termios.tl,
share/txr/stdlib/txr-case.tl, share/txr/stdlib/type.tl,
share/txr/stdlib/with-resources.tl,
share/txr/stdlib/with-stream.tl, share/txr/stdlib/yield.tl,
signal.c, signal.h, socket.c, socket.h, stream.c, stream.h,
struct.c, struct.h, strudel.c, strudel.h, sysif.c, sysif.h,
syslog.c, syslog.h, termios.c, termios.h, txr.1, txr.c, txr.h,
unwind.c, unwind.h, utf8.c, utf8.h, win/cleansvg.txr:
Extended Copyright line to 2018.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
MPI has a mp_size type for sizing of the digit arrays and some
other uses. It is not consistently used. Moreover, it is
typedef'd as a signed type. The type int is used for
iterating over digits, instead of the matching mpi_size type.
The int type is used as a size argument in some functions,
and in functions that return the number of bits.
This patch makes mp_size unsigned and replaces most uses of
int with a more appropriate type.
Because mp_size is now used for indexing, and is unsigned,
some downward loop termination tests have to be changed;
the always true condition ix >= 0 cannot be used.
* arith.c (width): Use mp_size for local variable which
iterates over digits inside mpi_int object, and for bit
count. Use unum to convert bit count to Lisp integer:
mp_size could be out of range of cnum.
* mpi/mpi-types.h (mp_size): Typedef to unsigned.
(MP_SIZE_MAX): New macro.
(MP_DIGIT_BIT, MP_WORD_BIT): Cast the value to mp_size rather
than to int.
* mpi/mpi.c (s_mp_defprec): Declare variable as mp_size.
(s_mp_setz, s_mp_copy, mp_size, s_highest_bit_mp,
s_mp_set_bit, s_mp_ispow2, s_mp_outlen, mp_set_int,
mp_set_uintptr, mp_set_double_intptr, mp_expt, mp_sqrt,
mp_exptmod, mp_hash, mp_gcd, mp_shift, mp_bit, mp_to_double,
mp_print, mp_read_signed_bin, mp_signed_bin_size,
mp_read_unsigned_bin, mp_unsigned_bin_size,
mp_to_unsigned_bin, mp_to_unsigned_buf, mp_count_bits,
mp_is_pow_two, mp_read_radix, mp_radix_size,
mp_value_radix_size, mp_toradix_case, s_mp_setz, s_mp_copy,
mp_size, s_highest_bit_mp, s_mp_set_bit, s_mp_mul_2,
s_mp_mod_2d, s_mp_div_2d, s_mp_div_d, s_mp_sqr, s_mp_sqr,
s_mp_div, s_mp_cmp, s_mp_cmp_d, s_mp_ispow2, s_mp_outlen): In
all these functions, use size_t for external size, mp_size for
number of digits and bits, in return values, arguments and
local variables. Tests in descending loops are adjusted for
unsigned logic.
* mpi/mpi.h (mp_get_prec, mp_set_prec, mp_read_signed_bin,
mp_signed_bin_size, mp_read_unsigned_bin,
mp_unsigned_bin_size, mp_to_unsigned_buf, mp_count_bits,
mp_is_pow_two, mp_radix_size, mp_value_radix_size):
Declarations updated.
* mpi/mplogic.c (mpl_not, mpl_and, mpl_or, mpl_xor, mpl_rsh,
mpl_lsh, mpl_num_set, mpl_num_clear, mpl_parity): Just like
in mpi.c
* rand.c (make_random_state): Use mp_size and ucnum for local
variables holding digit and bit counts.
* sysif.c (off_t_num): Use mp_size for digit count.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* sysif.c (excec_wrap): Check that our nargs manipulation
doesn't exceed INT_MAX. Use chk_xalloc to allocate the
argument vector, providing an overflow check. Use self
variable in place function name embedded in literal.
(getgroups_wrap): Use chk_xalloc instead of chk_malloc,
so multiplication overflow is checked. Use self variable
in place function name embedded in literal.
(setgroups_wrap): Revamp existing overflow check. Use
ucnum for the size, check that it can convert to size_t
and back without loss of value, and use chk_xalloc
instead of chk_malloc.
|
| |
|
|
|
|
|
|
|
| |
* configure: New test for realpath.
* sysif.c (realpath_wrap): New static function.
(sysif_init): Registered realpath intrinsic.
* txr.1: Documented.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CPTR shares representation and a lot of implementation with
COBJ. The COBJ class symbol is the CPTR type tag. There is no
hierarchy among CPTR tags. The nil tag is used for a modicum
of type looseness, so that we don't straitjacket ourselves
too much into this tag-based typing scheme.
All existing cptr objects are becoming CPTR, and all
get a nil tag, except for dlopen library handles, and
dlsym symbols, which are tagged as dlhandle and dlsym.
The FFI framework will support tag-declared cptr's. This will
help with safety. For instance, suppose an API has half a
dozen different kinds of opaque handles. If they are all just
cptr on the TXR Lisp side, it's easy to mix them up, passing
the wrong one to the wrong C function.
* lib.h (enum type): New enum member, CPTR.
(cptr_print_op, cptr_typed, cptrp, cptr_type, cptr_handle):
Declared.
(cptr_addr_of): Parameters added.
* lib.c (code2type): Map CPTR type code to cptr_s.
(equal): Handle CPTR objects. They are only equal to other
CPTR objects which have the same operations, and
are equal under the equal function of those operations.
(cptr_print_op): New function.
(cptr_ops): Use cptr_print_op rather than cobj_print_op.
(cptr_typed): New function.
(cptr): Use cptr_typed to make a cptr with tag nil,
rather than using cobj.
(cptrp, cptr_handle, cptr_type): New functions.
(cptr_get): Go through cptr_handle rather than cobj_handle.
(cptr_addr_of, cptr_zap, cptr_free): Use call to cptr_handle
rather than cobj_handle for the type checking side effect.
New parameters for type and parent function name.
(obj_print_impl): Handle CPTR with same case as COBJ.
* gc.c (finalize, mark_obj): Handle CPTR cases using
common code with COBJ.
* hash.c (equal_hash): Handle CPTR just like COBJ.
* eval.c (eval_init): Register cptrp and cptr-type intrinsic
functions.
* ffi.c (ffi_cptr_put, ffi_cptr_get, ffi_cptr_alloc): Use the
potentially type-safe cptr_handle, instead of cptr_get.
However, for an untagged cptr, there is no type safety because
tft->mtypes is nil. The argument can be any kind of cptr.
* sysif.c (dlhandle_s, dlsym_s): New symbol variables.
(cptr_dl_ops): Use cptr_print_op.
(dlopen_wrap, dlclose_wrap): Use typed cptr with
dlhandle as the type.
(dlsym_wrap, dlsym_checked, dlvsym_wrap, dlvsym_checked):
Recognize only a cptr of type dlhandle for the library.
Construct a typed cptr of type dlsym.
(sysif_init): Initialize dlhandle_s and dlsym_s.
Register dlsym function using dlsym_s.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since cptr objects are equal if their handles are equal, they
must have a hashing function over the handle rather than over
their own address.
* lib.c (cobj_handle_hash_op): New function.
(cptr_ops): Use cobj_handle_hash_op instead of
cobj_eq_hash_op.
* lib.h (cobj_handle_hash_op): Declared.
* sysif.c (cptr_dl_ops): Use cobj_handle_hash_op instead of
cobj_eq_hash_op.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Renaming cobj_hash_op to cobj_eq_hash_op. This function is
only appropriate to use with COBJ objects which use
eq as their equal funtion. I've spotted one instance of an
inappropriate use which have to be addressed by a different
commit: the equal function is other than eq, but cobj_hash_op
is used for the equal hash.
* lib.h (cobj_hash_op): Declaration renamed to
cobj_eq_hash_op.
* hash.c (cobj_hash_op): Renamed to cobj_eq_hash_op.
(hash_iter_ops): Refer to renamed cobj_hash_eq_op.
* ffi.c (ffi_type_builtin_ops, ffi_type_struct_ops,
ffi_type_ptr_ops, ffi-closure_ops, ffi_call_desc_ops):
Likewise.
* lib.c (cptr_ops): Likewise.
* parser.c (parser_ops): Likewise.
* rand.c (random_state_ops): Likewise.
* regex.c (char_set_ops, regex_obj_ops): Likewise.
* socket.c (dgram_strm_ops): Likewise.
* stream.c (null_ops, stdio_ops, tail_ops, pipe_ops, dir_ops,
string_in_ops, byte_in_ops, strlist_in_ops, string_out_ops,
strlist_out_ops, cat_stream_ops, record_adapter_ops):
Likewise.
* struct.c (struct_type_ops): Likewise.
* sysif.c (cptr_dl_ops): Likewise.
* syslog.c (syslog_strm_ops): Likewise.
* unwind.c (cont_ops): Likewise.
|
| |
|
|
|
|
|
|
|
|
| |
* sysif.c (dlopen_wrap): Call dlerror() to clear the error
string. Then if the call returns null, call dlerror() again
and use the string in the exception if available.
(dlsym_error): New static function.
(dlsym_checked, dlvsym_checked): Clear error string by
calling dlerror(). Afer the call, if the pointer is null
call dlsym_error to report.
|
| |
|
|
|
|
|
|
|
| |
* sysif.c (dlopen_wrap): Allow the name to be null or missing,
in which case a null pointer is passed to dlopen to access
the program image itself. Default the flags argument to
RTLD_LAZY.
(sysif_init): Re-regiser dlopen intrinsic such that both
arguments are optional.
|
| |
|
|
|
|
|
|
|
|
|
| |
* configure (have_sys_types): New variable. Set to "y" in
various tests which prove that the <sys/types.h>
header is available.
(HAVE_SYS_TYPES_H): Add to config.h in the dependent
variale generation section, if have_sys_types is true.
* sysif.c: Use HAVE_SYS_TYPES_H instead of relying on
HAVE_MAKEDEV.
|
| |
|
|
|
|
|
|
| |
* sysif.c (dlopen_wrap): Throw instead of returning null cptr
if the dlopen fails.
(dlsym_checked, dlvsym_checked): New static functions.
(sysif_init): Register dlsym-checked, dlvsym-checked
intrinsics.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* configure: New test for dlopen.
* lib.c (cptr_equal_op): Function renamed to
cobj_equal_handle_op, to reflect what it's really
doing; it is not specifically to cptr objects.
Also changed from static to extern.
(cptr_ops): Follow rename.
* lib.h (cobj_equal_handle_op): Declared.
* sysif.c (cptr_dl_destroy_op): New static function.
(dlopen_wrap, dlclose_wrap, dlsym_wrap, dlvsym_wrap): New
static functions.
(sysif_init): Register new intrinsic functions dlopen,
dlclose, dlsym, dlvsym. New variables rtld-lazy, rtld-now,
rtld-global, rtld-local, rtld-nodelete, rtld-noload,
rtld-deepbind.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* ftw.c (ftw_callback): Pass path to stat_to_struct function.
* socket.c (path_s): Variable definition removed from here.
(sock_load_init): Do not intern path symbol here.
* sysif.c (path_s): Variable definition moved here.
(stat_to_struct): New parameter, path. Store its argument in
the path slot of the structure.
(stat_impl): New parameter, path. Pass argument to
stat_to_struct.
(statp, statl): Pass path down to stat_impl.
(statf): Pass nil down as path argument of stat_impl.
(sysif_init): Intern path symbol here.
Add path_s to the slot list in the make_struct_type
call which creates the stat structure type.
* sysif.h (path_s): Declared here now.
(stat_to_struct): Declaration updated.
* txr.1: Documented new slot of stat structure and
behavior of stat, lstat and fstat w.r.t. this slot.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* lib.h (default_bool_arg): Inline function renamed to
default_null_arg.
* eval.c (if_fun, pad, ginterate, giterate, range_star, range,
constantp, macroexpand_1, macro_form_p, expand_with_free_refs,
do_expand, eval_intrinsic, func_get_name, make_env_intrinsic):
Follow rename.
* arith.c (lognot): Likewise.
* gc.c (gc_finalize): Likewise.
* glob.c (glob_wrap): Likewise.
* hash.c (group_reduce, gethash_n): Likewise.
* lib.c (print, multi_sort, lazy_str, vector, iff, tok_str,
split_str_keep, search_str, remove_if, val): Likewise.
* match.c (match_fun): Likewise.
* parser.c (lisp_parse_impl, regex_parse): Likewise.
* rand.c (make_random_state): Likewise.
* regex.c (read_until_match, search_regex, regex_compile):
Likewise.
* socket.c (sock_accept, sock_connect): Likewise.
* stream.c (open_files_star, open_files, run, open_process,
open_tail, get_string, record_adapter): Likewise.
* struct.c (static_slot_ensure, static_slot_ens_rec,
clear_struct, make_struct_type): Likewise.
* sysif.c (exec_wrap, errno_wrap, cobj_ops_init): Likewise.
* unwind.c (uw_capture_cont, uw_find_frames_impl): Likewise.
|
| |
|
|
|
|
|
|
|
|
| |
* sysif.c (umask_wrap): Return the prior value of the umask
rather than the symbol t. If the argument is missing, then
just return the current value without altering the umask.
Unfortunately, this is implemented by temporarily changing
the umask and then putting it back.
(sysif_init): Change registration of umask to reflect
optional argument.
|
| |
|
|
|
|
| |
* sysif.c (repress_privilege): Bail if temporarily dropping
user or group privilege (in setuid operation, of course)
doesn't work.
|
| |
|
|
|
|
|
| |
* sysif.c (poll_wrap): Fix function not accepting streams
of type stdio-stream or any other derived stream type.
We must check that the object is subtyped from stream,
not that it's exactly of type stream.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* LICENSE, LICENSE-CYG, METALICENSE, Makefile, args.c, args.h,
arith.c, arith.h, cadr.c, cadr.h, combi.c, combi.h, configure,
debug.c, debug.h, eval.c, eval.h, filter.c, filter.h, ftw.c,
ftw.h, gc.c, gc.h, glob.c, glob.h, hash.c, hash.h, jmp.S,
lib.c, lib.h, lisplib.c, lisplib.h, match.c, match.h,
parser.c, parser.h, parser.l, parser.y, rand.c, rand.h,
regex.c, regex.h, signal.c, signal.h, stream.c, stream.h,
struct.c, struct.h, sysif.c, sysif.h, syslog.c, syslog.h,
termios.c, termios.h, txr.1, txr.c, txr.h, unwind.c, unwind.h,
utf8.c, utf8.h, share/txr/stdlib/awk.tl,
share/txr/stdlib/build.tl, share/txr/stdlib/cadr.tl,
share/txr/stdlib/conv.tl, share/txr/stdlib/except.tl,
share/txr/stdlib/getopts.tl, share/txr/stdlib/getput.tl,
share/txr/stdlib/hash.tl, share/txr/stdlib/ifa.tl,
share/txr/stdlib/package.tl, share/txr/stdlib/path-test.tl,
share/txr/stdlib/place.tl, share/txr/stdlib/socket.tl,
share/txr/stdlib/struct.tl, share/txr/stdlib/tagbody.tl,
share/txr/stdlib/termios.tl, share/txr/stdlib/txr-case.tl,
share/txr/stdlib/type.tl, share/txr/stdlib/with-resources.tl,
share/txr/stdlib/with-stream.tl, share/txr/stdlib/yield.tl:
Add 2017 to all copyright headers and strings.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is uncovered by compiling with g++ using
-Wold-style-cast.
* mpi/mpi.c (mp_get_intptr): Use convert macro.
Also in one of the rules producing REGCHAR.
* parser.l (num_esc): Likewise.
* struct.c (static_slot_set, static_slot_ens_rec,
get_equal_method): Use coerce macro for int to pointer
conversion.
* sysif.c (setgroups_wrap): Use convert macro.
* termios.c (termios_unpack, termios_pack): Likewise.
* txr.c (sysroot_init): Likewise.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Makefile, args.c, args.h, arith.c, arith.h, cadr.c, cadr.h, combi.c,
combi.h, configure, debug.c, debug.h, eval.c, eval.h, filter.c,
filter.h, ftw.c, ftw.h, gc.c, gc.h, glob.c, glob.h, hash.c, hash.h,
jmp.S, lib.c, lib.h, lisplib.c, lisplib.h, match.c, match.h, parser.c,
parser.h, parser.l, parser.y, rand.c, rand.h, regex.c, regex.h,
share/txr/stdlib/awk.tl, share/txr/stdlib/build.tl,
share/txr/stdlib/cadr.tl, share/txr/stdlib/conv.tl,
share/txr/stdlib/except.tl, share/txr/stdlib/hash.tl,
share/txr/stdlib/ifa.tl, share/txr/stdlib/path-test.tl,
share/txr/stdlib/place.tl, share/txr/stdlib/socket.tl,
share/txr/stdlib/struct.tl, share/txr/stdlib/termios.tl,
share/txr/stdlib/txr-case.tl, share/txr/stdlib/type.tl,
share/txr/stdlib/with-resources.tl, share/txr/stdlib/with-stream.tl,
share/txr/stdlib/yield.tl, signal.c, signal.h, socket.c, socket.h,
stream.c, stream.h, struct.c, struct.h, sysif.c, sysif.h, syslog.c,
syslog.h, termios.c, termios.h, txr.1, txr.c, txr.h, unwind.c,
unwind.h, utf8.c, utf8.h: Revert to verbatim 2-Clause BSD.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* eval.c (weave_while): Pass third arg to remq as nil.
(eval_init): Update registrations of remq, remql and
remqual.
* lib.c (remq, remql, remqual): Implement key function
argument.
* lib.h (remq, remql, remqual): Declarations updated.
* sysif.c (at_exit_call): Pass third arg to remq as nil.
* debug.c (debug): Pass third argument to remqual as nil.
* txr.1: Documentation updated.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* configure: Detect utsname and uname.
* sysif.c (utsname_s, sysname_s, nodename_s, release_s,
version_s, machine_s): New symbol variables.
(uname_wrap): New static function.
(sysif_init): Initialize new symbol variables.
Instantiate utsname struct type. Register uname_wrap
as uname intrinsic function.
* txr.1: Documented.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Let's use our usleep_wrap function which uses nanosleep.
The old sleep can interact with SIGALRM.
* stream.c (tail_calc): Calculate microseconds instead
of seconds.
(sleep): Wrapper for Windows gone.
(tail_strategy): Rename sec variable to usec. Use
usleep_wrap instead of sleep.
* sysif.c (usleep_wrap): Change to extern.
* sysif.h (usleep_wrap): Declaration updated.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* sysif.c (at_exit_list): New static variable.
(at_exit_call, at_exit_do_not_call): New functions.
(at_exit_handler): New static function.
(sysif_init): GC-protect at_exit_list.
Register at_exit_handler with C atexit function.
Register intrinsic functions at-exit-call and
at-exit-do-not-call.
* sysif.h (at_exit_call, at_exit_do_not_call): Registered.
* txr.1: Documented.
|
| |
|
|
|
|
| |
* sysif.c (drop_privilege): If bailing due to a privilege
management problem, use panic with a descriptive message
instead of a plain abort.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This helps with setuid hash bang scripting on Mac OS,
and other plaforms where the interpreter executed out
of a hash bang script runs with orinary privilege,
even if marked setuid.
* sysif.c (exec_wrap): Static function turns extern.
* sysif.h (exec-wrap): Declared.
* txr.1: Documented --reexec. Added notes about setuid under
Hash Bang Support.
* txr.c (help): List --reexec option.
(txr_main): Implement --reexec option.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
TXR now notices that it's running setgid, and
implements setgid logic for scripts.
* sysif.c (orig_egid, real_gid, is_setgid): New static
variables.
(repress_privilege): Treat real and effective
group ID similarly to user ID. Save them in global
variables, and set the is_setgid flag.
(drop_privilege): Drop setgid privilege similarly
to setuid. Operate selectively: if neither setuid
nor setgid is in effect, do nothing, but if just
one is in effect, don't do anything for the other.
(simulate_setuid): Function renamed to simulate_setuid_setgid.
A small change is made here: if the fstat fails, just drop
privilege, don't abort. Implement setgid operation
independently of setuid. The is_setgid and is_setuid
flags are manipulated here now to get the drop_privileges
function to selectively drop setuid if we are running
a script which is only segid, or drop setgid if we are running
a setuid only script.
* sysif.h (simulate_setuid): Declaration name change to
simulate_setuid_setgid.
* txr.c (txr_main): Follow rename of simulate_setuid.
* txr.1: SETUID OPERATION section changed to SETUID/SETGID
operation, and setgid description worked into the text.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* sysif.c (repress_privilege): Eliminate redundant
getuid call.
(drop_privilege): On some platforms,
setuid(getuid()) will not drop setuid non-root privilege. This
is fixed by using setresuid, if we have it, which we do on
Linux. On platforms where we don't have setresuid,
we try setuid(getuid()). Then after that if we are able
to change our effective user ID to the one we dropped,
we conclude that it didn't work and abort.
(simulate_setuid): Call drop_privilege instead of
repeating the naive privilege-dropping logic.
Check the result of seteuid; if it fails, then
drop privilege! Otherwise a txr that is setuid bob
will continue running as bob, if it fails to enact
setuid on a script owned by alice.
* txr.1: Rewrite SETUID OPERATION section in an attempt
to clarify the wording, fix formatting issues, and
describe the current implemenation of privilege dropping.
|
| |
|
|
|
|
|
|
|
|
|
| |
* configure: Test for these functions.
* sysif.c (getresuid_wrap, getresgid_wrap, setresuid_wrap,
setresgid_wrap): New static function.
(sysif_init): Registered getresuid, setresgid, setresuid and
setresgid intrinsics.
* txr.1: Documented all four functions.
|
| |
|
|
|
|
|
|
|
|
|
| |
* configure: Test for setgroups. New HAVE_SETGROUPS
preprocessor symbol for config/config.h.
* sysif.c (setgroups_wrap): New static function.
(sysif_init): Register intrinsic setgroups function.
* txr.1: Documented setgroups. Rearranged sections
so getgroups and setgroups descriptions are consecutive.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* glob.c (glob_wrap): Perform argument conversions
that might throw before allocating UTF-8 string.
* parser.y (text): In the action for SPACE, the lexeme
is not needed so free($1) right away. If regex_compile
were to throw an exception, that lexeme will leak.
* socket.c (getaddrinfo_wrap): Harden against leakage of
node_u8 and service_u8 strings with an unwind block.
For instance, the hints structure could contain
bad values which cause addrinfo_in to throw.
* stream.c (make_string_byte_input_stream): Perform
possibly throwing argument conversions before allocating
resources.
* sysif.c (mkdir_wrap, mknod_wrap, chmod_wrap, symlink_wrap,
link_wrap, setenv_wrap, crypt_wrap): Likewise.
* syslog.c (openlog_wrap, syslog_wrapv): Likewise.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* configure: new test for fnmatch, introducing HAVE_FNMATCH
configure variable into config/config.h.
* sysif.c (fnmatch_wrap): New function.
(sysif_init): Register intrinsic variables fnm-pathname, fnm-noescape,
fnm-period, fnm-leading-dir, fnm-casefold and fnm-extmatch.
Register intrinsic function fnmatch.
* txr.1: Documented.
|
| |
|
|
|
|
| |
* sysif.c (stat_to_struct): Change to external linkage.
* sysif.h (stat_to_struct): Declared.
|
| |
|
|
|
|
|
| |
* sysif.c (setenv_wrap): We must use default_arg_strict,
not default_arg, because default_arg treats a nil value
as missing. We do not want to replace an explicit nil
with the default t.
|
| |
|
|
|
|
|
| |
* sysif.c (setenv_wrap): If value is nil, and overwrite is
missing or t, call unsetenv.
* txr.1: Documented.
|
| |
|
|
|
| |
* sysif.c (repress_called, is_setuid): Change to unsigned int,
so comparison with RC_MAGIC constant doesn't elicit warning
|
| |
|
|
|
|
|
| |
* sysif.c (umask_wrap): New function.
(sysif_init): Register umask intrinsic.
* txr.1: Documented.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* sysif.c (orig_euid, real_uid, repress_called, is_setuid):
New static variables.
(repress_privilege, drop_privilage, simulate_setuid):
New functions.
(RC_MAGIC): New preprocessor symbol.
* sysif.c (repress_privilege, drop_privilage,
simulate_setuid): Declared.
* txr.c (txr_main): Call repress_privilege to check
and remember whether we are in setuid mode, and temporarily
drop the effective uid to the real one.
(txr_main): Permanently drop privileges in all cases except
script execution. In script execution cases, go through
simulate_setuid to either set or preserve the effective
user ID, or else drop privs.
* txr.1: Documented setuid operation in new section.
|
| |
|
|
|
| |
* sysif.c (make_hash): Fix incorrect treatment of env values
which contain equal signs, due to careless use of split_str.
|
| |
|
|
|
|
|
|
|
|
| |
* configure: Check for availability of crypt,
and what library must be used.
* sysif.c (crypt_wrap): New static function.
(sysif_init): Register crypt intrinsic.
* txr.1: Documented crypt.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* LICENSE, METALICENSE, Makefile, args.c, args.h, arith.c,
arith.h, cadr.c, cadr.h, combi.c, combi.h, configure,
debug.c, debug.h, eval.c, eval.h, filter.c, filter.h, gc.c,
gc.h, glob.c, glob.h, hash.c, hash.h, jmp.S, lib.c, lib.h,
lisplib.c, lisplib.h, match.c, match.h, parser.c, parser.h,
parser.l, parser.y, rand.c, rand.h, regex.c, regex.h,
share/txr/stdlib/cadr.tl, share/txr/stdlib/except.tl,
share/txr/stdlib/hash.tl, share/txr/stdlib/ifa.tl,
share/txr/stdlib/path-test.tl, share/txr/stdlib/place.tl,
share/txr/stdlib/struct.tl, share/txr/stdlib/txr-case.tl,
share/txr/stdlib/type.tl, share/txr/stdlib/with-resources.tl,
share/txr/stdlib/with-stream.tl, share/txr/stdlib/yield.tl,
signal.c, signal.h, stream.c, stream.h, struct.c, struct.h,
sysif.c, sysif.h, syslog.c, syslog.h, txr.1, txr.c, txr.h,
unwind.c, unwind.h, utf8.c, utf8.h: Add 2016 copyright.
* linenoise/LICENSE, linenoise/linenoise.c,
linenoise/linenoise.h: Bump one principal author's copyright
from 2014 to 2015. The code is based on a snapshot of 2015
upstream work.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* lib.c (name_s): Defined here now.
(obj_init): name_s initialized here.
* lib.h (name_s): Declared.
* match.c (name_s): Definition removed.
(syms_init): Initialization of name_s removed.
* sysif.c (name_s): Definition removed.
(sysif_init): Initialization of name_s removed.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Structs can now have code which executes after an object is
initialized, which is useful for doing work like registering
objects in global lists and whatever, when those actions need
access to the initialized slots of the object.
* share/txr/stdlib/struct.tl (defstruct): Handle :posinit
syntax, by generating lambda as eighth argument of sys:make-struct
call.
* struct.c (struct struct_type): New member, postinitfun.
(struct_init): Adjust registrations of make_struct_type
to account for new parameter. The user visible
make-struct-type is registered as having one optional
argument, for backward compat.
(make_struct_type): New argument, postinitfun. Store this
in the structure. For backward compatibility, the argument
is defaulted.
(struct_type_mark): Mark the new postinitfun member.
(call_postinitfun_chain): New static function.
(make_struct, lazy_struct_init): Call call_postinitfun_chain
after slots are initialized, and after the boa function is
called.
* struct.h (make_struct_type): Declaration updated.
* lib.c (time_init): Pass eighth argument to make_struct type.
* sysif.c (sysif_init): Likewise.
* unwind.c (uw_late_init): Likewise.
* tests/012/struct.tl: Update defstruct expansion test case.
* txr.1: Document new argument of make-struct-type,
and clarify ordering of initfun with regard to
other actions. Likewise, document :postinit, and clarify
ordering of :init actions with regard to other actions.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* stream.h (struct strm_ops): seek operation's second argument
is now just a val.
* stream.c (unimpl_seek, null_seek): Second argument is a val,
not cnum, to conform with function pointer in stream
structure.
(stdio_seek): Accept offset as val, which could be a fixnum
or bignum. Use new stdio_ftell and stdio_fseek functions
so large values work.
(seek_stream): No need to convert offset argument to cnum;
pass the val directly to seek virtual function.
* sysif.c (off_t_num, num_off_t, stdio_ftell,
stdio_fseek): New functions.
* sysif.h (OFF_T_MAX, OFF_T_MIN): New preprocessor symbols.
(off_t_num, num_off_t, stdio_ftell, stdio_fseek): Declared.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* debug.c (show_bindings): Use ~d for level, so as
not to be influenced by *print-base*.
(debug): Use ~d for line numbers.
* lib.c (gensym): Use ~d conversion specifier
for formatting gensym counter into symbol name.
* match.c (LOG_MISMATCH, LOG_MATCH): Use ~d for
line number references.
(h_skip, h_coll, h_fun, h_chr, match_line_completely, v_skip,
v_fuzz, v_gather, v_collect, v_output, v_filter, v_fun,
v_assert, v_load, v_line, h_assert, open_data_source): Use ~d
for line refs, number of iterations, errno values.
* parser.c (repl): Use ~d for prompt line numbers,
numbered variables and the expr-<n> string in error
messages.
* parser.l (yyerrorf, source_loc_str): Use ~d for line
numbers.
* stream.c (print_base_s): New symbol variable.
(formatv): Implement *print-base*.
(stdio_maybe_read_error, stdio_maybe_error, stdio_close,
pipe_close, open_directory, open_file, open_fileno, open_tail,
open_process, run, remove_path): Use ~d for errno values.
(stream_init): Initialize print_base_s and register
*print-base* special variable.
sysif.c (mkdir_wrap, ensure_dir, getcwd_wrap, mknod_wrap,
chmod_wrap, symlink_wrap, link_wrap, readlink_wrap,
excec_wrap, stat_impl, pipe_wrap, poll_wrap, getgroups_wrap,
setuid_wrap, seteuid_wrap, setgid_wrap): Use ~d for
errno values and system function results.
* txr.1: Documented *print-base* and ~d conversion specifier.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
TXR is moving to custom assembly-language routines.
This is mainly motivated by a very dubious thing done in the
GNU C Library setjmp and longjmp in the name of security.
Evidently, glibc's setjmp "mangles" certain pointer values
which are stored into the jmp_buf buffer. It's been that way
since 2005, evidently. This means that, firstly, all along,
the use of setjmp in gc.c to get registers into a buffer so
they can be scanned has not actually worked properly. More
importantly, this pointer mangling in setjmp and longjmp is
very hostile to a stack copying implementation of delimited
continuations. The reason is that continuations contain
jmp_buf buffers, which get relocated in the process of
capturing and reviving a continuation. Any pointers in a
jmp_buf which point into the captured stack segment have to be
fixed up to point into the relocated location. Mangled
pointers make this difficult, requiring hacks which are
specific to glibc and the machine architecture. We might as
well implement a clean, well-behaved setjmp and longjmp.
* Makefile (jmp.o): New object file.
(dbg/%.o, opt/%.o): New rules for .S prerequisites.
* args.c, arith.c, cadr.c, combi.c, cadr.c, combi.c, debug.c,
eval.c, filter.c, glob.c, hash.c, lib.c, match.c, parser.c,
rand.c, regex.c, signal.c, stream.c, struct.c, sysif.c,
syslog.c, txr.c, unwind.c, utf8.c: Removed <setjmp.h>
include.
* gc.c: Switch to struct jmp and jmp_save, instead
of jmp_buf and setjmp.
* jmp.S: New source file.
* signal.h (struct jmp): New struct type.
(jmp_save, jmp_restore): New function declarations
denoting assembly language routines in jmp.S.
(extended_jmp_buf): Uses struct jmp instead of
setjmp.
(extended_setjmp): Use jmp_save instead of setjmp.
(extended_longjmp): Use jmp_restore instead of
longjmp.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* share/txr/stdlib/struct.tl (sys:bad-slot-syntax): New helper function.
(defstruct): Macro revamped with new slot specifier syntax for
writing static slots as well as methods.
* struct.c (STATIC_SLOT_BASE): New preprocessor symbol.
(struct struct_type): New members, nstslots, stinitfun, stslot.
(make_struct_type_compat): New static function.
(struct_init): Register make-struct-type to make_struct_type_compat
if compatibility is 117 or lower.
Register new intrinsics static-slot, static-slot-set, call-super-method,
call-super-fun, slot-p and static-slot-p.
(call_stinitfun_chain): New static function.
(make_struct_type): Two new arguments for specifying static slots and
an initialization function for them. Logic added for setting
up static slots and handling inheritance.
(struct_type_destroy): New static function.
(struct_type_mark): Mark the new stinitfun member of struct type.
Also iterate over the static slots in the new stslot array and
mark them.
(lookup_slot): Altered to return a loc instead of a raw pointer,
and also to accept the instance object as a member.
Now resolves static slots: it can return a loc which references
a static slot in the structure type, or an instance slot in
the structure.
(lookup_static_slot): New static function.
(slot, slotset): Implementation adjusted due to new lookup_slot interface.
(static_slot, static_slot_set, slot_p, static_slot_p): New functions.
(call_super_method, call_super_fun): New static functions.
(struct_inst_print): This function can no longer assume that the slots
list lines up with the array of slots, since it contains a mixture of
static and instance slots. Earnest slot lookup has to be performed.
(struct_type_ops): Point the destroy function to struct_type_destroy
instead of cobj_destroy_free_op. A structure type now has an array
of static slots to free.
* struct.h (make_struct_type): Declaration updated.
(static_slot, static_slot_set, slot_p, static_slot_p): Declared.
* lib.c (time_init): Update call to make_struct_type with new
arguments.
* sysif.c (sysif_init): Likewise.
* tests/012/struct.tl: Update defstruct macro expansion test.
* txr.1: Documented static slots and new functions.
|
| |
|
|
|
| |
* sysif.c (poll_wrap): We must coerce mem_t * return value
of chk_calloc, not convert.
|
| |
|
|
|
|
|
|
| |
* sysif.c (statf): Linkage changed to
external. Also, fixed wrong name being passed
down to stat_impl.
* sysif.h (statf): Declaration updated.
|
