From gpalmer@orion.webspan.net  Sun Feb  9 23:57:21 1997
Received: from orion.webspan.net (orion.webspan.net [206.154.70.5])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id XAA16729
          for <freebsd-gnats-submit@freebsd.org>; Sun, 9 Feb 1997 23:57:20 -0800 (PST)
Received: from orion.webspan.net (localhost [127.0.0.1]) 
          by orion.webspan.net (WEBSPN/970116) with ESMTP id CAA15725
          for <freebsd-gnats-submit@freebsd.org>; Mon, 10 Feb 1997 02:57:18 -0500 (EST)
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.18]) 
          by mail.webspan.net (WEBSPAN/970116) with ESMTP id VAA29767
          for <gpalmer@webspan.net>; Sat, 8 Feb 1997 21:02:16 -0500 (EST)
Received: from hydrogen.nike.efn.org (resnet.uoregon.edu [128.223.170.28])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id SAA15372
          for <FreeBSD-gnats@freefall.FreeBSD.org>; Sat, 8 Feb 1997 18:01:52 -0800 (PST)
Received: (from jmg@localhost)
          by hydrogen.nike.efn.org (8.8.4/8.8.4)
	  id SAA13537; Sat, 8 Feb 1997 18:01:48 -0800 (PST)
Message-Id: <199702090201.SAA13537@hydrogen.nike.efn.org>
Date: Sat, 8 Feb 1997 18:01:48 -0800 (PST)
From: John-Mark Gurney <jmg@hydrogen.nike.efn.org>
Reply-To: gurney_j@efn.org
To: FreeBSD-gnats@freefall.FreeBSD.org
Subject: brandelf has buffer over run and doesn't have a manpage
X-Send-Pr-Version: 3.2

>Number:         2702
>Category:       bin
>Synopsis:       brandelf has buffer over run and doesn't have a manpage
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Feb 10 00:00:03 PST 1997
>Closed-Date:    Mon Feb 10 05:44:03 PST 1997
>Last-Modified:  Mon Feb 10 05:44:55 PST 1997
>Originator:     John-Mark Gurney
>Release:        FreeBSD 2.2-960801-SNAP i386
>Organization:
Cu Networking
>Environment:

and Freebsd system that has brandelf
	

>Description:

first brandelf copies the string provided on the commandline into a 10 char buffer... it doesn't check to make sure that string from the command line is only 9 chars...  of course only the first 8 are actually used do to where the string is stored...

next it doesn't have an error reporting mechanism...  I added it so that if will return a 1 if there were any errors... or a 0 otherwise...

it also didn't compile cleanly with -Wall

and of course lastly it doesn't have a man page...

hope this isn't too much for a pr :)
	

>How-To-Repeat:

umm....  stand on your head??
	

>Fix:
	
here is the patch that fixes all the above...

Common subdirectories: brandelf.orig/CVS and brandelf/CVS
diff -Nc brandelf.orig/Makefile brandelf/Makefile
*** brandelf.orig/Makefile	Wed Oct 16 11:16:22 1996
--- brandelf/Makefile	Thu Feb  6 18:23:39 1997
***************
*** 1,5 ****
  PROG=	brandelf
  
- NOMAN=	brandelf.1
- 
  .include <bsd.prog.mk>
--- 1,3 ----
diff -Nc brandelf.orig/brandelf.1 brandelf/brandelf.1
*** brandelf.orig/brandelf.1	Wed Dec 31 16:00:00 1969
--- brandelf/brandelf.1	Sat Feb  8 18:00:10 1997
***************
*** 0 ****
--- 1,87 ----
+ .\" Copyright (c) 1997
+ .\"	John-Mark Gurney.  All rights reserved.
+ .\"
+ .\" Redistribution and use in source and binary forms, with or without
+ .\" modification, are permitted provided that the following conditions
+ .\" are met:
+ .\" 1. Redistributions of source code must retain the above copyright
+ .\"    notice, this list of conditions and the following disclaimer.
+ .\" 2. Redistributions in binary form must reproduce the above copyright
+ .\"    notice, this list of conditions and the following disclaimer in the
+ .\"    documentation and/or other materials provided with the distribution.
+ .\" 3. Neither the name of the author nor the names of any co-contributors
+ .\"    may be used to endorse or promote products derived from this software
+ .\"    without specific prior written permission.
+ .\"
+ .\" THIS SOFTWARE IS PROVIDED BY John-Mark Gurney AND CONTRIBUTORS ``AS IS''
+ .\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ .\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ .\" SUCH DAMAGE.
+ .\"
+ .\"
+ .Dd February 6, 1997
+ .Dt BRANDELF 1
+ .Os FreeBSD
+ .Sh NAME
+ .Nm brandelf
+ .Nd mark an ELF binary for a specific ABI
+ .Sh SYNOPSIS
+ .Nm brandelf
+ .Op Fl v
+ .Op Fl t Ar string
+ .Ar file ...
+ .Sh DESCRIPTION
+ This command marks an ELF binary to be run under a certain ABI for FreeBSD.
+ .Pp
+ The options are as follows:
+ .Bl -tag -width Fl
+ .It Fl v
+ turns on verbose reporting
+ .It Fl t Ar string
+ Brands listed ELF binaries with
+ .Ar string
+ as the ABI type.  Current supported ABI's are
+ .Dq FreeBSD
+ and
+ .Dq Linux .
+ Only the first eight characters of the
+ .Ar string
+ are used in the branding.
+ .It Ar file
+ If
+ .Fl t Ar string
+ is given it will brand
+ .Ar file
+ with
+ .Ar string ,
+ otherwise it will simply display the branding of 
+ .Ar file .
+ .El
+ .Sh EXAMPLES
+ The following is an example of a typical usage
+ of the
+ .Nm
+ command:
+ .Pp
+ .Dl % brandelf file
+ .Dl % brandelf -t Linux file
+ .Sh SEE ALSO
+ .Sh DIAGNOSTICS
+ Exist status is 0 on success, and 1 if the command
+ fails if a file doesn't exist, is too short, or fails to brand properly.
+ .Sh HISTORY
+ The
+ .Nm
+ manual page example first appeared in
+ .Fx 3.0 .
+ .Sh AUTHOR
+ This
+ manual page was written by John-Mark Gurney
+ .Aq gurney_j@efn.org .
diff -Nc brandelf.orig/brandelf.c brandelf/brandelf.c
*** brandelf.orig/brandelf.c	Mon Jan 13 22:58:33 1997
--- brandelf/brandelf.c	Thu Feb  6 19:06:18 1997
***************
*** 30,46 ****
  
  #include <stdlib.h>
  #include <stdio.h>
  #include <fcntl.h>
  #include <sys/imgact_elf.h>
  
  int usage();
  
  main(int argc, char **argv)
  {
  	extern char *optarg;
  	extern int optind;
  
! 	char type[10] = "FreeBSD";
  	int ch, change = 0, verbose = 0;
  
  	while ((ch = getopt(argc, argv, "t:v")) != EOF)
--- 30,50 ----
  
  #include <stdlib.h>
  #include <stdio.h>
+ #include <string.h>
+ #include <unistd.h>
  #include <fcntl.h>
  #include <sys/imgact_elf.h>
  
  int usage();
  
+ int
  main(int argc, char **argv)
  {
  	extern char *optarg;
  	extern int optind;
  
! 	char *type = "FreeBSD";
! 	int failed = 0;
  	int ch, change = 0, verbose = 0;
  
  	while ((ch = getopt(argc, argv, "t:v")) != EOF)
***************
*** 50,56 ****
  			break;
  		case 't':
  			change = 1;
! 			strcpy(type, optarg);
  			break;
  		default:
  			usage();
--- 54,60 ----
  			break;
  		case 't':
  			change = 1;
! 			type = strdup(optarg);
  			break;
  		default:
  			usage();
***************
*** 68,84 ****
--- 72,91 ----
  
  		if ((fd = open(argv[0], O_RDWR, 0)) < 0) {
  			fprintf(stderr, "No such file %s.\n", argv[0]);
+ 			failed = 1;
  			goto fail;
  			
  		}
  		if (read(fd, buffer, EI_NINDENT) < EI_NINDENT) {
  			fprintf(stderr, "File '%s' too short.\n", argv[0]);
+ 			failed = 1;
  			goto fail;
  		}
  		if (buffer[0] != ELFMAG0 || buffer[1] != ELFMAG1 ||
  		    buffer[2] != ELFMAG2 || buffer[3] != ELFMAG3) {
  			fprintf(stderr, "File '%s' is not ELF format.\n",
  				argv[0]);
+ 			failed = 1;
  			goto fail;
  		}		
  		if (!change) {
***************
*** 97,102 ****
--- 104,110 ----
  			lseek(fd, 0, SEEK_SET);
  			if (write(fd, buffer, EI_NINDENT) != EI_NINDENT) {
  				fprintf(stderr, "Error writing %s\n", argv[0]);
+ 			failed = 1;
  				goto fail;
  			}
  		}
***************
*** 104,113 ****
--- 112,127 ----
  		argc--;
  		argv++;
  	}
+ 
+ 	if(failed)
+ 		exit(1);
+ 	else
+ 		exit(0);
  }
  
  int
  usage()
  {
  	fprintf(stderr, "Usage: brandelf [-t string] file ...\n");
+ 	exit(1);
  }
	

>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: mpp 
State-Changed-When: Mon Feb 10 05:44:03 PST 1997 
State-Changed-Why:  
Suggested fixes and new man page were added to the 
system. 

And no, this is not too much for a PR. 
>Unformatted:
John-Mark Gurney
