commit 1fa0d17d767f8e443af3b4493f3f2af0e759dda9 from: Omar Polo date: Mon Feb 13 14:48:36 2023 UTC got/tog/gotadmin: pledge earlier In the case of tog move setlocale(3) before pledge(2), as suggested by stsp. ok stsp@ commit - ff08dcd6c83d27f29c7eb78f7b21fee64bebfdd2 commit + 1fa0d17d767f8e443af3b4493f3f2af0e759dda9 blob - 2c1701bd7583e22c83fc62c3bfca5fb2a5492585 blob + 13ec30c7bbebf2a4b0790af81d13d6db8545e79f --- got/got.c +++ got/got.c @@ -758,6 +758,13 @@ cmd_import(int argc, char *argv[]) int *pack_fds = NULL; TAILQ_INIT(&ignores); + +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " + "unveil", + NULL) == -1) + err(1, "pledge"); +#endif while ((ch = getopt(argc, argv, "b:I:m:r:")) != -1) { switch (ch) { @@ -796,12 +803,6 @@ cmd_import(int argc, char *argv[]) argc -= optind; argv += optind; -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " - "unveil", - NULL) == -1) - err(1, "pledge"); -#endif if (argc != 1) usage_import(); @@ -2946,6 +2947,12 @@ cmd_checkout(int argc, char *argv[]) int *pack_fds = NULL; TAILQ_INIT(&paths); + +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " + "unveil", NULL) == -1) + err(1, "pledge"); +#endif while ((ch = getopt(argc, argv, "b:c:Ep:q")) != -1) { switch (ch) { @@ -2975,11 +2982,6 @@ cmd_checkout(int argc, char *argv[]) argc -= optind; argv += optind; -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " - "unveil", NULL) == -1) - err(1, "pledge"); -#endif if (argc == 1) { char *base, *dotgit; const char *path; @@ -3430,6 +3432,12 @@ cmd_update(int argc, char *argv[]) int *pack_fds = NULL; TAILQ_INIT(&paths); + +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " + "unveil", NULL) == -1) + err(1, "pledge"); +#endif while ((ch = getopt(argc, argv, "b:c:q")) != -1) { switch (ch) { @@ -3453,11 +3461,6 @@ cmd_update(int argc, char *argv[]) argc -= optind; argv += optind; -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " - "unveil", NULL) == -1) - err(1, "pledge"); -#endif worktree_path = getcwd(NULL, 0); if (worktree_path == NULL) { error = got_error_from_errno("getcwd"); @@ -6249,6 +6252,12 @@ cmd_status(int argc, char *argv[]) st.status_codes = NULL; st.suppress = 0; +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil", + NULL) == -1) + err(1, "pledge"); +#endif + while ((ch = getopt(argc, argv, "IS:s:")) != -1) { switch (ch) { case 'I': @@ -6290,11 +6299,6 @@ cmd_status(int argc, char *argv[]) argc -= optind; argv += optind; -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil", - NULL) == -1) - err(1, "pledge"); -#endif cwd = getcwd(NULL, 0); if (cwd == NULL) { error = got_error_from_errno("getcwd"); @@ -6475,6 +6479,12 @@ cmd_ref(int argc, char *argv[]) char *refname = NULL; int *pack_fds = NULL; +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath fattr flock proc exec " + "sendfd unveil", NULL) == -1) + err(1, "pledge"); +#endif + while ((ch = getopt(argc, argv, "c:dlr:s:t")) != -1) { switch (ch) { case 'c': @@ -6546,11 +6556,6 @@ cmd_ref(int argc, char *argv[]) if (refname) got_path_strip_trailing_slashes(refname); -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath fattr flock proc exec " - "sendfd unveil", NULL) == -1) - err(1, "pledge"); -#endif cwd = getcwd(NULL, 0); if (cwd == NULL) { error = got_error_from_errno("getcwd"); @@ -6875,6 +6880,12 @@ cmd_branch(int argc, char *argv[]) TAILQ_INIT(&paths); +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath fattr flock proc exec " + "sendfd unveil", NULL) == -1) + err(1, "pledge"); +#endif + while ((ch = getopt(argc, argv, "c:d:lnr:t")) != -1) { switch (ch) { case 'c': @@ -6925,11 +6936,6 @@ cmd_branch(int argc, char *argv[]) } else if (!do_show && argc != 1) usage_branch(); -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath fattr flock proc exec " - "sendfd unveil", NULL) == -1) - err(1, "pledge"); -#endif cwd = getcwd(NULL, 0); if (cwd == NULL) { error = got_error_from_errno("getcwd"); @@ -7506,6 +7512,12 @@ cmd_tag(int argc, char *argv[]) const char *tag_name = NULL, *commit_id_arg = NULL, *tagmsg = NULL; int ch, do_list = 0, verify_tags = 0, verbosity = 0; int *pack_fds = NULL; + +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath fattr flock proc exec " + "sendfd unveil", NULL) == -1) + err(1, "pledge"); +#endif while ((ch = getopt(argc, argv, "c:lm:r:s:Vv")) != -1) { switch (ch) { @@ -7572,11 +7584,6 @@ cmd_tag(int argc, char *argv[]) if (argc == 1) tag_name = argv[0]; -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath fattr flock proc exec " - "sendfd unveil", NULL) == -1) - err(1, "pledge"); -#endif cwd = getcwd(NULL, 0); if (cwd == NULL) { error = got_error_from_errno("getcwd"); @@ -7751,6 +7758,12 @@ cmd_add(int argc, char *argv[]) TAILQ_INIT(&paths); +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil", + NULL) == -1) + err(1, "pledge"); +#endif + while ((ch = getopt(argc, argv, "IR")) != -1) { switch (ch) { case 'I': @@ -7768,11 +7781,6 @@ cmd_add(int argc, char *argv[]) argc -= optind; argv += optind; -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil", - NULL) == -1) - err(1, "pledge"); -#endif if (argc < 1) usage_add(); @@ -7895,6 +7903,12 @@ cmd_remove(int argc, char *argv[]) TAILQ_INIT(&paths); +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil", + NULL) == -1) + err(1, "pledge"); +#endif + while ((ch = getopt(argc, argv, "fkRs:")) != -1) { switch (ch) { case 'f': @@ -7932,11 +7946,6 @@ cmd_remove(int argc, char *argv[]) argc -= optind; argv += optind; -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil", - NULL) == -1) - err(1, "pledge"); -#endif if (argc < 1) usage_remove(); @@ -8588,6 +8597,12 @@ cmd_revert(int argc, char *argv[]) TAILQ_INIT(&paths); +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " + "unveil", NULL) == -1) + err(1, "pledge"); +#endif + while ((ch = getopt(argc, argv, "F:pR")) != -1) { switch (ch) { case 'F': @@ -8608,11 +8623,6 @@ cmd_revert(int argc, char *argv[]) argc -= optind; argv += optind; -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " - "unveil", NULL) == -1) - err(1, "pledge"); -#endif if (argc < 1) usage_revert(); if (patch_script_path && !pflag) @@ -9039,6 +9049,12 @@ cmd_commit(int argc, char *argv[]) TAILQ_INIT(&paths); cl_arg.logmsg_path = NULL; +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " + "unveil", NULL) == -1) + err(1, "pledge"); +#endif + while ((ch = getopt(argc, argv, "A:F:m:NnS")) != -1) { switch (ch) { case 'A': @@ -9078,11 +9094,6 @@ cmd_commit(int argc, char *argv[]) argc -= optind; argv += optind; -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " - "unveil", NULL) == -1) - err(1, "pledge"); -#endif cwd = getcwd(NULL, 0); if (cwd == NULL) { error = got_error_from_errno("getcwd"); @@ -10048,6 +10059,12 @@ cmd_cherrypick(int argc, char *argv[]) int ch, list_refs = 0, remove_refs = 0; struct got_update_progress_arg upa; int *pack_fds = NULL; + +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " + "unveil", NULL) == -1) + err(1, "pledge"); +#endif while ((ch = getopt(argc, argv, "lX")) != -1) { switch (ch) { @@ -10066,11 +10083,6 @@ cmd_cherrypick(int argc, char *argv[]) argc -= optind; argv += optind; -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " - "unveil", NULL) == -1) - err(1, "pledge"); -#endif if (list_refs || remove_refs) { if (argc != 0 && argc != 1) usage_cherrypick(); @@ -10189,6 +10201,12 @@ cmd_backout(int argc, char *argv[]) int ch, list_refs = 0, remove_refs = 0; struct got_update_progress_arg upa; int *pack_fds = NULL; + +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " + "unveil", NULL) == -1) + err(1, "pledge"); +#endif while ((ch = getopt(argc, argv, "lX")) != -1) { switch (ch) { @@ -10207,11 +10225,6 @@ cmd_backout(int argc, char *argv[]) argc -= optind; argv += optind; -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " - "unveil", NULL) == -1) - err(1, "pledge"); -#endif if (list_refs || remove_refs) { if (argc != 0 && argc != 1) usage_backout(); @@ -10958,6 +10971,12 @@ cmd_rebase(int argc, char *argv[]) STAILQ_INIT(&commits); TAILQ_INIT(&merged_paths); memset(&upa, 0, sizeof(upa)); + +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " + "unveil", NULL) == -1) + err(1, "pledge"); +#endif while ((ch = getopt(argc, argv, "aclX")) != -1) { switch (ch) { @@ -10982,11 +11001,6 @@ cmd_rebase(int argc, char *argv[]) argc -= optind; argv += optind; -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " - "unveil", NULL) == -1) - err(1, "pledge"); -#endif if (list_backups) { if (abort_rebase) option_conflict('l', 'a'); @@ -12233,6 +12247,12 @@ cmd_histedit(int argc, char *argv[]) TAILQ_INIT(&merged_paths); memset(&upa, 0, sizeof(upa)); +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " + "unveil", NULL) == -1) + err(1, "pledge"); +#endif + while ((ch = getopt(argc, argv, "acdeF:flmX")) != -1) { switch (ch) { case 'a': @@ -12271,11 +12291,6 @@ cmd_histedit(int argc, char *argv[]) argc -= optind; argv += optind; -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " - "unveil", NULL) == -1) - err(1, "pledge"); -#endif if (abort_edit && continue_edit) option_conflict('a', 'c'); if (edit_script_path && edit_logmsg_only) @@ -12829,6 +12844,12 @@ cmd_integrate(int argc, char *argv[]) int ch; struct got_update_progress_arg upa; int *pack_fds = NULL; + +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " + "unveil", NULL) == -1) + err(1, "pledge"); +#endif while ((ch = getopt(argc, argv, "")) != -1) { switch (ch) { @@ -12844,11 +12865,7 @@ cmd_integrate(int argc, char *argv[]) if (argc != 1) usage_integrate(); branch_arg = argv[0]; -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " - "unveil", NULL) == -1) - err(1, "pledge"); -#endif + cwd = getcwd(NULL, 0); if (cwd == NULL) { error = got_error_from_errno("getcwd"); @@ -12998,6 +13015,12 @@ cmd_merge(int argc, char *argv[]) int *pack_fds = NULL; memset(&upa, 0, sizeof(upa)); + +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " + "unveil", NULL) == -1) + err(1, "pledge"); +#endif while ((ch = getopt(argc, argv, "acn")) != -1) { switch (ch) { @@ -13019,12 +13042,6 @@ cmd_merge(int argc, char *argv[]) argc -= optind; argv += optind; -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " - "unveil", NULL) == -1) - err(1, "pledge"); -#endif - if (abort_merge && continue_merge) option_conflict('a', 'c'); if (abort_merge || continue_merge) { @@ -13305,6 +13322,12 @@ cmd_stage(int argc, char *argv[]) TAILQ_INIT(&paths); +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " + "unveil", NULL) == -1) + err(1, "pledge"); +#endif + while ((ch = getopt(argc, argv, "F:lpS")) != -1) { switch (ch) { case 'F': @@ -13328,11 +13351,6 @@ cmd_stage(int argc, char *argv[]) argc -= optind; argv += optind; -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " - "unveil", NULL) == -1) - err(1, "pledge"); -#endif if (list_stage && (pflag || patch_script_path)) errx(1, "-l option cannot be used with other options"); if (patch_script_path && !pflag) @@ -13440,6 +13458,12 @@ cmd_unstage(int argc, char *argv[]) TAILQ_INIT(&paths); +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " + "unveil", NULL) == -1) + err(1, "pledge"); +#endif + while ((ch = getopt(argc, argv, "F:p")) != -1) { switch (ch) { case 'F': @@ -13457,11 +13481,6 @@ cmd_unstage(int argc, char *argv[]) argc -= optind; argv += optind; -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd " - "unveil", NULL) == -1) - err(1, "pledge"); -#endif if (patch_script_path && !pflag) errx(1, "-F option can only be used together with -p option"); @@ -13975,6 +13994,12 @@ cmd_info(int argc, char *argv[]) TAILQ_INIT(&paths); +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil", + NULL) == -1) + err(1, "pledge"); +#endif + while ((ch = getopt(argc, argv, "")) != -1) { switch (ch) { default: @@ -13986,11 +14011,6 @@ cmd_info(int argc, char *argv[]) argc -= optind; argv += optind; -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil", - NULL) == -1) - err(1, "pledge"); -#endif cwd = getcwd(NULL, 0); if (cwd == NULL) { error = got_error_from_errno("getcwd"); blob - e67fbcf1e5c4b6bc2399bde36796bf77749c9bed blob + 158bbdc93cdc3b2264d3efa8d639edde028f21d8 --- gotadmin/gotadmin.c +++ gotadmin/gotadmin.c @@ -283,6 +283,11 @@ cmd_init(int argc, char *argv[]) const char *head_name = NULL; char *repo_path = NULL; int ch; + +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath unveil", NULL) == -1) + err(1, "pledge"); +#endif while ((ch = getopt(argc, argv, "b:")) != -1) { switch (ch) { @@ -298,10 +303,6 @@ cmd_init(int argc, char *argv[]) argc -= optind; argv += optind; -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath unveil", NULL) == -1) - err(1, "pledge"); -#endif if (argc != 1) usage_init(); @@ -337,6 +338,12 @@ cmd_info(int argc, char *argv[]) off_t packsize, loose_size; char scaled[FMT_SCALED_STRSIZE]; int *pack_fds = NULL; + +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil", + NULL) == -1) + err(1, "pledge"); +#endif while ((ch = getopt(argc, argv, "r:")) != -1) { switch (ch) { @@ -356,11 +363,6 @@ cmd_info(int argc, char *argv[]) argc -= optind; argv += optind; -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil", - NULL) == -1) - err(1, "pledge"); -#endif if (repo_path == NULL) { error = get_repo_path(&repo_path); if (error) @@ -706,6 +708,12 @@ cmd_pack(int argc, char *argv[]) TAILQ_INIT(&exclude_refs); TAILQ_INIT(&include_refs); +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd unveil", + NULL) == -1) + err(1, "pledge"); +#endif + while ((ch = getopt(argc, argv, "aqr:x:")) != -1) { switch (ch) { case 'a': @@ -737,11 +745,6 @@ cmd_pack(int argc, char *argv[]) argc -= optind; argv += optind; -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath fattr flock proc exec sendfd unveil", - NULL) == -1) - err(1, "pledge"); -#endif if (repo_path == NULL) { error = get_repo_path(&repo_path); if (error) @@ -1035,6 +1038,12 @@ cmd_listpack(int argc, char *argv[]) int show_stats = 0, human_readable = 0; int *pack_fds = NULL; +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil", + NULL) == -1) + err(1, "pledge"); +#endif + while ((ch = getopt(argc, argv, "hs")) != -1) { switch (ch) { case 'h': @@ -1058,11 +1067,6 @@ cmd_listpack(int argc, char *argv[]) if (packfile_path == NULL) return got_error_from_errno2("realpath", argv[0]); -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil", - NULL) == -1) - err(1, "pledge"); -#endif error = got_repo_pack_fds_open(&pack_fds); if (error != NULL) goto done; @@ -1219,6 +1223,12 @@ cmd_cleanup(int argc, char *argv[]) char scaled_after[FMT_SCALED_STRSIZE]; char scaled_diff[FMT_SCALED_STRSIZE]; int *pack_fds = NULL; + +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil", + NULL) == -1) + err(1, "pledge"); +#endif while ((ch = getopt(argc, argv, "anpqr:")) != -1) { switch (ch) { @@ -1250,11 +1260,6 @@ cmd_cleanup(int argc, char *argv[]) argc -= optind; argv += optind; -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil", - NULL) == -1) - err(1, "pledge"); -#endif if (repo_path == NULL) { error = get_repo_path(&repo_path); if (error) blob - 59f6749677b14d49ad79028572ac387a766ff9db blob + 0d706f1c0a5161fd7a132b213b89c64e4cd17da0 --- tog/tog.c +++ tog/tog.c @@ -9450,12 +9450,18 @@ main(int argc, char *argv[]) { NULL, 0, NULL, 0} }; char *diff_algo_str = NULL; + + setlocale(LC_CTYPE, ""); + +#ifndef PROFILE + if (pledge("stdio rpath wpath cpath flock proc tty exec sendfd unveil", + NULL) == -1) + err(1, "pledge"); +#endif if (!isatty(STDIN_FILENO)) errx(1, "standard input is not a tty"); - setlocale(LC_CTYPE, ""); - while ((ch = getopt_long(argc, argv, "+hV", longopts, NULL)) != -1) { switch (ch) { case 'h': @@ -9480,12 +9486,6 @@ main(int argc, char *argv[]) return 0; } -#ifndef PROFILE - if (pledge("stdio rpath wpath cpath flock proc tty exec sendfd unveil", - NULL) == -1) - err(1, "pledge"); -#endif - if (argc == 0) { if (hflag) usage(hflag, 0);