src/usr.bin, branch upstream/2.1.7

YABCFC (Julian Assange's buffer length fixes).

1997-02-09T21:42:43Z

This is a blind commit, but as the diffs are small and very self-contained, committing them this way is not too much of a hazard.

Removed a potential buffer overflow.

1997-02-09T15:03:33Z

YAMFC: Drop all privs when run with "calendar -a".

1997-02-09T07:50:12Z

Merge 2.1 fetch up to 2.2 level.

1997-02-07T19:32:14Z

Requested-By: wollman

Apply a quick band-aid to this while we're deciding what to do about

1997-02-07T06:39:27Z

fetch(1) in RELENG_2_1_0.

Bring in security fixes from -current.

1997-02-06T13:32:25Z

Fix an exploitable buffer overflow condition. From l0pht:

1997-02-05T22:58:47Z

Modstat is sgid kmem which is really handy to become if you feel like looking through /dev/mem and /dev/kmem (gee, wonder what you might want to do that for ). Like just about everything else under the sun it has a buffer overflow problem. The problem exists in the dostat() routine where an arbitrary sized string is shoved into sbuf.name through a strcpy(). This change was committed to 2.2 as rev. 1.4 of modstat.c by joerg, and is being duplicated verbatim in 2.1-STABLE -JG

Merge from -current

1997-02-05T05:20:20Z

Merge 1.4->1.5 diff from -current. Fixes g flag of :S modifier,

1996-11-23T09:56:54Z

courtesy of Adam David. We need this for the latest bsd.port.mk to have any chance working. Approved by: jkh

Bring in rev 1.8 (don't accumulate unnecessary commas at the end of

1996-11-15T18:57:36Z

the gecos string) and rev 1.9 (don't return pointers to strings on the stack in struct passwd).