Kevin Day [Fri, 1 Apr 2022 04:42:01 +0000 (23:42 -0500)]
Update: Ensure all programs are handling signals, adding signal_received to fll_program_data_t.
Make sure fll_program_data_t supports storing the signal.
Move the commonly written functions that are pretty much identical across programs into fll_program:
- fll_program_standard_signal_received()
- fll_program_standard_signal_state()
Increase standard signal check from 10000 to 20000.
I really dislike the signal_check logic that exists purely as a work-around to the signal handling.
Most likely the only way to do this nicely that is available without rewritting the kernel and the libc will be to implement threads.
This will not be done for the 0.6.x versions and will likely happen for the 0.8.x versions.
Kevin Day [Thu, 31 Mar 2022 01:31:52 +0000 (20:31 -0500)]
Update: Add umask integer to fll_program_data_t.
This should be a standard practice that ideally must go away if the POSIX standard ever fixes that idiotic umask() design.
Never under any circumstances should a read-only operation result require a write operation!
I am forced to work around this, so I might as well provide a standard practice work-around.
Kevin Day [Thu, 31 Mar 2022 00:48:03 +0000 (19:48 -0500)]
Update: Add child integer to fll_program_data_t.
A few of the programs practice returning the child return status or the child process id.
Make this behavio standard by adding child to the fll_program_data_t.
Kevin Day [Thu, 31 Mar 2022 00:06:18 +0000 (19:06 -0500)]
Security: Invalid write in FSS processing functions due to improper allocation size.
The start and stop ranges are inclusive.
This means that the size is (stop - start) + 1.
The problems happens where the code is adding additional digits to represent end of line or other special characters.
When this is added, I seem to have forgotten to add the additional numbers to the + 1 and instead replaced the + 1.
This results in the size being potentially short by a single character and thus an invalid write is possible.
Kevin Day [Wed, 30 Mar 2022 23:47:13 +0000 (18:47 -0500)]
Update: Move the program data into the main for fss_embedded_list_read.
Replace fss_embedded_list_read_main_t with fll_program_data_t and fss_embedded_list_read_data_t.
Move parameter initialization and deallocation for FLL program data into main.c.
Kevin Day [Wed, 30 Mar 2022 03:37:07 +0000 (22:37 -0500)]
Bugfix: The out of range is printing and then continues processing.
When out of range happens an error should be printed and should stop processing for that parameter.
This is not happening because the status is incorrectly being returned when status is not assigned an error bit.
The out of range check happens independent of the status variable.
Kevin Day [Wed, 30 Mar 2022 01:17:09 +0000 (20:17 -0500)]
Update: Use signal_check more consistently in programs.
There are programs that do not use the fll_program_data_t structure.
These now define the signal_check in their main.
Such cases will go away as soon as they are converted into using fll_program_data_t.
Kevin Day [Tue, 29 Mar 2022 03:38:43 +0000 (22:38 -0500)]
Update: Finish writing tests, fix endianness, simplify some code.
Now that f_char_t exists and is in use, rename f_utf_character_t to f_utf_char_t to be consistent (and simpler).
The endianness detection is incorrect.
The BIG_ENDIAN is not represented as expected.
Change the detection to use GCC's __BYTE_ORDER__ macros.
Fallback to little endian if those macros are not available.
It took a while to figure out this was the problem and I got rather confused going back and forth between byte orders.
I think the changes I made are correct, but I need additional better testing on the byte orders.
Kevin Day [Mon, 28 Mar 2022 04:30:30 +0000 (23:30 -0500)]
Update: Bring f_utf project in sync with f_string.
I have been explicitly avoiding making change to f_utf until I finished updating and successfully vetted the f_string project.
Now that the f_string has tests that pass, mass update the f_utf project.
This changes the functions and structure to be inline with how f_string works.
Many of the fixes are brought over.
I have observed that several of the bugs that were recently in f_string is also present in f_utf.
These bugs in f_utf should now be fixed as well.
This tests are brought over.
Only the tests for functions that are shared between f_string and f_utf are implemented.
And then those tests currently cannot be compiled.
The reason is that normal quoted strings cannot be used with the special UTF dynamic strings.
I simply did not have the time to get to this to finish writing these tests for f_utf.
There are some parts of f_string that make no sense in f_utf, such as f_string_range_t and f_string_quantity_t (both of which can be used on f_string and f_utf strings).
These have been omitted when copying the relevant f_string into f_utf code.
Kevin Day [Mon, 28 Mar 2022 00:56:35 +0000 (19:56 -0500)]
Update: Restructure parts of f_utf project, and use f_utf_t, and add 'u' to hexdigits in common.h.
Move the relevant functions into utf/convert.h, utf/is.h, and utf/is_character.h.
Implement f_utf_t as a type of uint32_t.
This should allow more customizability on that type if need be.
It also provides a more explicit context.
Add 'u' to designate the hexdigits are unsigned (This likely more specifically means it is an unsigned int).
This might be removed if it becomes a problem with architectures where "u" represents 16-bits or less.
Due to the size of the work, I am avoiding making this change in all of the Unicode comparison functions.
There are quite a lot of hexdigits in use.
Kevin Day [Sun, 27 Mar 2022 22:22:18 +0000 (17:22 -0500)]
Bugfix: Partial string functions are incorrect.
The tests exposed these problems.
The *_assure() functions are operating as if they are *_assure_nulless().
Remove the NULL checks that should not be there and fix the documentation comments.
The *_assure() functions are not considering the following:
1) The case where range.stop is >= source.used.
2) The fact that range.stop is inclusive and should not be directly used in the same way that *.used is used.
In the case of (1), if the stop range result in it overflowing past the actual length, the previous code results in invalid reads.
In the case of (2), the stop.range needs to instead be stop.range + 1.
Kevin Day [Sun, 27 Mar 2022 16:00:28 +0000 (11:00 -0500)]
Update: Add additional tests for f_string project.
This adds tests for the f_string functions for functions defined in string.h.
This adds tests for the f_string functions for functions defined in dynamic.h that functionally mirror functions defined in string.h.
There are still more functions in dynamic.h that need to have tests written for them.
Kevin Day [Sun, 27 Mar 2022 15:19:04 +0000 (10:19 -0500)]
Bugfix: Incorrectly performing nulless string appends and prepends.
These problems are exposed by the tests that I am writing.
The destination->used < length check cannot be performed because of the presence of NULL characters.
The nulless versions of the strings may be identical even if their sizes do not match.
The only case where this check should still happen is when destination.used is 0.
The comparison operator is using the wrong variable in some cases ('j' should be used with 'destination').
Kevin Day [Sun, 27 Mar 2022 01:41:37 +0000 (20:41 -0500)]
Bugfix: Print functions are not always printing the entire string.
I observed this when working with printing binary data in '%Q'.
The fwrite_unlocked() might prematurely return but not on an error.
If it does, first check to see if it is an error and then keep trying until everything is printed.
This is more of a band-aid fix.
This requires an additional variable and an additional loop.
I would rather avoid all of this and so a re-design is likely necessary for greater efficiency.
As this is not my focus at the time I am going to tolerate this less than desirable design.
Kevin Day [Sat, 26 Mar 2022 16:22:39 +0000 (11:22 -0500)]
Bugfix: Increasing strings by too much.
The *_increase_by() methods already include the ".used" length.
The previous code is also adding the ".used" length resulting in an increase of ".used" * 2.
Kevin Day [Sat, 26 Mar 2022 02:38:08 +0000 (21:38 -0500)]
Bugfix: When using --at with --total for --content, the returned number is always 1 and should not be.
The code need to count all newlines rather than always returning 1.
This is likely a bug from copying the code from fss_basic_read where the non-zero count would indeed always be 1.
Kevin Day [Sat, 26 Mar 2022 02:34:34 +0000 (21:34 -0500)]
Bugfix: Invalid content count in FSS Basic List.
When F_none_eos or F_none_stop is returned, the content ends up having an additional size than the actual size.
This is happening because found->used++ is incremented immediately before returning.
When either F_none_eos or F_none_stop is returned, the content is not to be incremented.
Only the caller should know when to assume this is a proper ending representing the content end.
The macro private_macro_fl_fss_content_return_on_overflow_delimited() is only used in one place so remove it.
Make sure to initialize the content for all content read functions to ensure the content count is consistent.
Kevin Day [Mon, 14 Mar 2022 03:10:17 +0000 (22:10 -0500)]
Update: Consistency improvements with *_append() and *_append_all(), add tests, and other clean ups.
The array functions for managing structures needs to be consistent with the *_append() functions.
This introduces the *_append() all across the board.
The previous *_append() behavior is essentially refactored into *_append_all().
The *_append() now accepts a single type for a given structure rather than a set.
(The single type can still be representative of a set itself.)
Add a lot of tests.
Add missing f_iki tests.
The f_string tests are not fully implemented, the f_dynamic_* functions are only partially tested.
All of the other f_string structures should be fully tested now.
Make the macro_f_string_range_t_initialize() macro consistency with all other macros.
That is, the macro initialize that does not have a digit initializes using all of the structures members.
This effectively refactors macro_f_string_range_t_initialize() into macro_f_string_range_t_initialize2() and macro_f_string_range_t_initialize2() into macro_f_string_range_t_initialize().
Change the behavior of the *_resize() and *_adjust() functions to return F_none rather than a direct f_memory status code.
Update some of the string functions to return F_data_not_eos.
Restructure some of the code to be a bit more organized.
Specifically, the f_iki_data_t is moved into its own source and header files.
Reduce the clutter in some of the private source and header files by moving some of their content into separate individual files as appropriate.
Kevin Day [Thu, 10 Mar 2022 04:51:29 +0000 (22:51 -0600)]
Progress: Controller and Control sockets.
This also adds a new FSS: FSS-000F (Simple Packet).
I decided that this needs its own specific specification to represent it.
This further helps make it clear that a Packet is not the same as a Payload.
There can still be some confusion because the FSS-000F (Simple Packet) has a Payload Block.
That Payload Block contains the FSS-000E (Payload).
That FSS-000E (Payload) has a Payload section within itself.
This means that there are three different, but very similar (and also related), contexts used for a "payload".
To try and avoid this, I refer to the payload in FSS-000F (Simple Packet) as the Payload Block.
I refer to the payload in the specifications as the FSS Payload or the FSS-000E (Payload).
I refer to the payload within the FSS-000F (Simple Packet) as the Payload Object, the Payload Content, or the payload section.
Kevin Day [Wed, 9 Mar 2022 05:10:08 +0000 (23:10 -0600)]
Update: Revert back to 'char' rather than 'unsigned char'.
There are a lot more changes that I realized.
changing 'char' to 'unsigned char' will be for the next development release after the upcoming stable release.
Introduce the f_char_t type to allow for easier switching from 'char' to 'unsigned char'.
In all places that us 'unsigned char', just switch to 'char'.
Move the directory '..' and '.' into static strings.
Kevin Day [Tue, 8 Mar 2022 03:46:17 +0000 (21:46 -0600)]
Update: Switch to explicitly using sizeof() for char memset() and memcpy().
Different architectures might not actually have a 1-byte size.
Rather than assuming the common behavior, always call sizeof(unsigned char) to determine size of memset() and mempcy() functions.
Kevin Day [Tue, 8 Mar 2022 03:12:18 +0000 (21:12 -0600)]
Update: Avoid the generic 'char' and switch to the explicit 'unsigned char'.
Operations against unsigned are generally safer than the signed equivalents.
Using the generic 'char' may be different between compilers and expecations cannot be guaranteed.
This could result in obscure security issues.
Changing this to 'unsigned char' guarantees consistent behavior.
There are problems with some standard libc functions that expect char.
Explicitly cast to 'char' in these cases.
Kevin Day [Sun, 6 Mar 2022 22:56:52 +0000 (16:56 -0600)]
Progress: Implement controller to/from control networking.
Continue implementing the contoller to control communication.
I thought I described the packet structures in addition to the payload structure.
It seems I have not.
This begins adding the packet structure documentation.
Kevin Day [Sat, 5 Mar 2022 19:00:13 +0000 (13:00 -0600)]
Update: Provide open-standard-license-1.0.
The Open Standard License is a more formal definition of my original intents and license behind my Standards and Specifications provided in this project.
This standard is still considered an Informal Draft because I have yet to perform legal review and as such it is considered incomplete.
This standard will be formalized pending legal advice and even the name is subject to change.
I thought that there might be confusion between the LGPL license in this project (which focuses on Source Code) and the Standards and Specifications provided within this project.
To make this difference explicitly clear, I am in the process of formalizing the license.
One big important part of this is this license focuses on Implementations of the Standard or Specification.
This is a substantially different concept to what is used in the LGPL and similar licenses.
Kevin Day [Wed, 2 Mar 2022 05:51:29 +0000 (23:51 -0600)]
Update: Add test mode and provide -fstack-protector flag.
The recently added Github action for running tests is failing due to a stack overflow bug.
Compile with ssp explicitly enabled during testing to help better identify these cases.
The problem has not yet been identified and does not reproduce locally.
More investigation on that is be required.
This overflow happens while executing the cmocka based test.
There is the possibility that the overflow is in cmocka or as a result of how I am using cmocka.
Kevin Day [Tue, 1 Mar 2022 04:24:16 +0000 (22:24 -0600)]
Cleanup: Scripts syntax and styles.
The primary focus is on fixing the uppercase letters for the error and warning statements to follow proper sentence structure.
Other clean ups are incidental.