Kevin Day [Thu, 28 Apr 2022 03:05:15 +0000 (22:05 -0500)]
Cleanup: Controller program return codes should be more generalized.
It turns out that when agetty returns on access denied while trying to login, it returns access denied to the controller program.
The controller program has no way of distinguishing that this is access denied while trying execute the program to this is access denied because the program returned access denied.
Change the error messages to be more generalized so that they are less misleading.
Kevin Day [Wed, 27 Apr 2022 05:08:32 +0000 (00:08 -0500)]
Bugfix: When compiled as "init" the controller program does not use the correct paths.
The isolation between the "init" specific changes and the normal "controller" specific code is insufficient.
Move all of the special paths into the main program, introducing a new header and source file called "main-common.h" and "main-common.c".
The main program is now responsible for providing these strings.
Kevin Day [Sat, 23 Apr 2022 06:11:37 +0000 (01:11 -0500)]
Update: Implement "github" test system in the testing script.
The github actions has a repository that lacks cmocka.
Using the apt-get to download the systems cmocka library is slow and a waste of time.
Utilize the support for a custom "github" test system and manually download, compile, and install the cmocka source.
Given that this is for github, utilize a cmocka mirror repository that I found on github.
This is not ideal because it pulls from master rather than a specific version but it should work well enough.
Make any other appropriate changes or improvements to the testing script.
Kevin Day [Fri, 22 Apr 2022 04:09:50 +0000 (23:09 -0500)]
Update: Add unit tests for f_environment, make changes to f_environment, and add new function f_environment_secure_is().
Add the unit tests for f_environment.
The new function f_environment_secure_is() brings in libcap dependency requirements to f_environment.
This is added to add support for something similar to secure_getenv() rather than wrapping a non-standard method.
I am still not very experience with capabilities and do not guarantee an accurate replacement for secure_getenv().
Replace F_valid_not error returns with F_parameter error returns.
Kevin Day [Thu, 21 Apr 2022 03:54:39 +0000 (22:54 -0500)]
Bugfix: Fixes for f_file exposed by unit tests.
Fix case where private_f_file_stat_at() is being passed F_true rather than the flag.
Add missing path.used checks.
When total is 0 in f_file_stream_read_until(), then immediately return as F_none_stop.
Handle case where freopen() actually allows for the path to be NULL in which case the mode string is applied.
In this case, return F_data_not only if both path and mode are not used.
Always re-assign the file stream after calling freopen().
The return status' from private_f_file_stream_write_until() calls are not being processed.
The code is checking the values but the value is never assigned.
Add the missing return value assignment.
Move file stream locking into private_f_file_stream_write_until() and make sure only unlocked functions are used.
The f_file_type() and f_file_type_at() functions need to accept a dereference boolean for consistency with the rest of the project.
Have these two functions call private_f_file_stat() and private_f_file_stat_at() respectively.
When fwrite_unlocked() is called, be sure to set check if ferror_unlocked() returns an error rather than checking size_write.
The previous behavior is incorrect because it is checking if size is less than 0 and the man pages claim that fwrite()/fwrite_unlocked() returns nothing smaller than 0 on failure.
Have the fwrite_unlocked() unknown errnor codes return F_file_write rather than F_failure.
Kevin Day [Wed, 20 Apr 2022 03:10:20 +0000 (22:10 -0500)]
Bugfix: Fixes for f_file exposed by unit tests.
Restructure private_f_file_close() to be more consistent with the parameter ordering as is done with the rest of the project.
Have f_file_stream_close() not handle flush errors so that close is only to be called once.
The design of fclose() and close() state that even on error the descriptors are freed.
This means that file close doesn't fail, it always succeeds.
But the errors need to be propogated.
Ignore flush and always call close so that the behavior of never calling close twice can be guaranteed.
The private_f_file_close() will still
This also means that the stream and descriptor are to always be reset on close.
Return values need to be updated for several functions.
Rename f_file_stream_descriptor() to f_file_stream_open_descriptor() to make it clear that this is an open command.
Kevin Day [Tue, 19 Apr 2022 03:27:58 +0000 (22:27 -0500)]
Bugfix: Fix problems in f_file exposed by unit tests.
Add _f_file_rename_use_renameat2_ to enable support for renameat2() for systems in which this is available.
Add flags parameter to rename function to automatically support this.
Add missing "!path.used" checks.
Add missing parameter checks.
Move parameter checks that should instead be file closed checks that process normally.
Consistently apply file closed checks.
The function private_f_file_role_change_at() needs to check that result is not an error before processing group.
Failure to do this may result in hiding an error.
Kevin Day [Mon, 18 Apr 2022 03:41:05 +0000 (22:41 -0500)]
Bugfix: Problems in f_file functions exposed by unit tests.
Clean up f_file_name_base() and f_file_name_directory() code.
Use f_string_ascii_period_s rather than f_string_ascii_plus_s to match a period!
Perform this comparison check after allocating the necessary space to ensure a NULL terminated string is returned.
The POSIX standard designates that read() returns 0 on EOF.
Rather than checking for size_read == file.size_read (and similar), check fo size_read to be 0.
When total is 0, return F_data_not for f_file_read_until().
Kevin Day [Sun, 17 Apr 2022 00:26:18 +0000 (19:26 -0500)]
Bugfix: Problems in f_file regarding file mode exposed by unit tests.
The f_file_mode_from_string() function clearly didn't survive multiple refactors.
There are problems clearly the result from mass-refactoring.
Now that the parameter is f_string_static_t rather than an f_string_t, use the ".used" rather than NULL checks to determine end of string.
Failure to do this could result in unexpected behavior.
There are also bugs and mistakes that I do not know how they even got past me.
The comparison checks are missing from some checks!
Add missing '==' comparisons.
Exit as soon as possible when code.used is smaller than it is allowed to be.
Mode strings that start with '+', '-', or '=' of length 1 cannot be valid.
Mode strings that start with '=' should replace across all blocks.
Better detect when the code is incomplete and return an error.
Add missing detection for when mode string is too large for number-based modes.
As per chmod command, replacement digits (not having '+' or '-') result in replacing special bits as well.
Update the documentation to better describe how f_file_mode_t works.
Kevin Day [Sat, 16 Apr 2022 05:04:50 +0000 (00:04 -0500)]
Progress: Continue implementing f_file unit tests.
The unit tests for f_file_mode_determine() are very minimal.
There are quite a lot of permutations that I should test but will not get to.
These additional permutations will have to be done in some distant date, probably after the first stable release of the 0.6.x series.
Kevin Day [Sat, 16 Apr 2022 05:01:06 +0000 (00:01 -0500)]
Update: Improve the logic for the read link f_file functions.
The f_file_link_read() and f_file_link_read_at() functions have their dynamic allocation logic improved.
Use link_stat.st_size rather than target->used to pass to readlink() or readlinkat().
Initialize target->used to 0 and then update target->used on success while ensuring the string is always NULL terminated after the target->used.
The unit tests revealed that these can and should be improved.
Kevin Day [Sat, 16 Apr 2022 03:08:40 +0000 (22:08 -0500)]
Update: Add missing checks to f_file_link_hard_at() and use F_file_descriptor.
The F_data_not tests are missing, add them.
The EBADF is returning F_directory_descriptor.
In this specific case, the descriptor is not for a directory per-say but for a general file.
The F_file_descriptor code should be returned in this case.
This has been revealed by the unit tests that I am writing.
Kevin Day [Fri, 15 Apr 2022 21:56:11 +0000 (16:56 -0500)]
Regression: The trailing Unicode sequences don't always show correctly for sequences ending normally.
The commit 85df83a6d846d575657016682c7014a09ac8af4e didn't handle all of the cases it needed to.
I forgot to check the normal behavior and ended up breaking normal behavior while fixing the exception cases.
The width_utf might be -1 for ASCII and performing the subtracting without handling -1 (and then casting it to unsigned) results in bad behavior.
Only handle incomplete character at the end of the stream when the character is actually incomplete.
Kevin Day [Fri, 15 Apr 2022 21:01:40 +0000 (16:01 -0500)]
Update: Directory tests following recent changes.
The change from a7d607fecf1fdd5eff36d53b6108b6cc316bdf1f didn't include test updates.
The tests need to provide properly dynamically allocated structure for the mocks so that the deallocation internal to the called functions work as expected.
Kevin Day [Fri, 15 Apr 2022 20:36:25 +0000 (15:36 -0500)]
Bugfix: Trailing Unicode sequences that get cut off before the encoding is completed improperly display.
Detect when this kind of underflow happens.
Print remaining characters without trying to print missing characters.
Reset and perform remaining data to print at end.
Kevin Day [Fri, 15 Apr 2022 01:10:17 +0000 (20:10 -0500)]
Bugfix: Unicode characters are not printing correctly.
At some point it seems that I accidentally mass converted all of the macro_f_utf_byte_width() and similar to macro_f_utf_char_t_width().
This broke the printing logic.
The f_print is handling normal characters and not f_utf_char_t.
Kevin Day [Thu, 14 Apr 2022 04:04:24 +0000 (23:04 -0500)]
Update: Implement file statistics flag enumeration, dereferencing/no-dereferencing, and also use F_stream_not.
While writing the unit tests for the f_file project I noticed an oversight in the design.
The dereferencing logic needs to be designated rather than assumed.
This requires changing the parameters to functions.
Now is the time to break the API as the official stable release is not made.
This takes the minimalistic approach to changing the API.
I can imagine better designs where I pass the file stat flag everywhere rather than sometimes passing the file stat flag and other times passing a dereference boolean.
This is a larger change in which I wish to avoid.
Improvements to this can be made for the next development series.
The roles can be merged into the file statistics flags.
The roles of group and owner are separated.
For the purposes of limiting changes, both owner and group are treated the same.
The next development cycle will be expected to improve upon this.
The exclusive boolean is now merged into the file statistics flags.
The fake program must be updated.
A new functionality for designating when to dereference and when not to.
The default behavior is to dereference.
This means that the new option is "no_dereference".
To always favor the dereference by default, the file statistics flag is a "reference" flag used to designate that something must not dereference.
The f_file_descriptor() function should return F_stream_not.
This makes more sense as it only fails when the file descriptor is not a valid file stream.
As mentioned above, I was in the process of updating the tests.
This includes some test updates.
Kevin Day [Mon, 11 Apr 2022 02:16:54 +0000 (21:16 -0500)]
Bugfix: Fix problems exposed by f_file project tests.
The f_file_access() should have the mode parameter.
Add missing f_file_access_at().
The f_file_clone() and f_file_copy() are treating exclusive incorrectly.
Do not test for exclusive when assigning the file mode, that is not what exclusive is for.
Add missing paramter check in f_file_descriptor(), f_file_read(), f_file_read_block(), f_file_read_until(), f_file_stream_read(), and f_file_stream_read_until().
The return error result for when a file is not a directory should return F_directory_not rather than F_directory.
Remove unneeded parameter check from f_file_mode_set(), f_file_stream_write_until(), and f_file_stream_write_range().
Add missing range.start > range.stop checks where appropriate.
Many of the file stream functions have locked function calls when unlocked function calls should be used.
Such as where feof() should instead be feof_unlocked() and ferror() should instead be ferror_unlocked().
The private_f_file_stream_write_until() function needs to use unlocked function calls and then must be wrapped between manual flockfile() and funlockfile() calls.
Update documentation comments.
Clean up much of the errno checks alphabetic ordering as appropriate.
Clean up the macro definitions, adding more structure and organization.
Add file access mode define macros.
Simplify function calls where the function may be called with different number of parameters.
This is not strictly allowed by the C language but somehow the POSIX standard got these in and implemented.
This is likely done through macros or some fancy linker tricks.
Avoid these uses and instead use the most likely implemented one.
Example:
openat(at_id, path.string, file->flag);
vs
openat(at_id, path.string, file->flag, mode);
The latter is the one chosen to be most likely.
Add missing result checks that without those checks could potentially alter owner/group on files after an error occurred.
The f_file project tests are a works in progress and so there may be more such fixes to come.
Kevin Day [Sat, 9 Apr 2022 05:42:10 +0000 (00:42 -0500)]
Bugfix: Memory handling related to or exposed by f_directory unit tests.
Replace a double pointer cast with a single pointer cast.
Just in case, if the struct dirent listing is allocated, free it when scandir() returns -1.
The entire struct dirent pointers do not need to be allocated as I thought.
It seems these are copied inside scandir() where the memory deletes inside that function did not affect the mock pointer from the caller.
This resulted in a minor memory leak in the unit test program.
Replace the outermost struct dirent malloc with just a struct dirent array in these cases.
Kevin Day [Sat, 9 Apr 2022 05:25:03 +0000 (00:25 -0500)]
Update: Fix the f_directory unit tests and finish writing them.
The problem with the unit tests not being run (especially on Github) appears to be the result of compiler optimizations.
Fix this by disabling compiler optimizations in the mock functions and add appropriate commetns explaining this.
Kevin Day [Sat, 9 Apr 2022 05:18:25 +0000 (00:18 -0500)]
Bugfix: Invalid memory deletion.
The memory is being incorrectly deleted for multiple reasons.
1) The type is not f_string_t, it is struct dirent.
2) The index within a listing is already a pointer.
3) The listing itself is already a pointer.
4) Remove extra delete commands.
5) The memory is not being deleted on certain errors.
These problems have been exposed by the unit tests.
Also replace macro_f_memory_structure_increment() with f_string_dynamics_increase().
Kevin Day [Sat, 9 Apr 2022 03:46:24 +0000 (22:46 -0500)]
Update: Settings, mock settings, and test settings.
Add standard comments to the settings-mocks and settings-tests files.
Remove the level and monolithic from the settings-mocks and settings-tests files given that I have now determined to rrun the tests exclusively in individual build mode.
Kevin Day [Fri, 8 Apr 2022 03:35:41 +0000 (22:35 -0500)]
Update: Simplify build settings files.
The build setting files contained numerous Objects set to empty content.
This allows for showing how to configure.
With a long standing bug fixed (defaults being applied incorrectly) a misconfiguration as a result of this has been revealed.
Simplify the build settings to make the settings easier to read and maintain.
This ends up fixing the bug (because the default path_sources gets assigned when path_sources is not defined at all).
Kevin Day [Fri, 8 Apr 2022 01:18:52 +0000 (20:18 -0500)]
Update: The fake program should show the fakefile or setting being used when building.
This helps make what is going more clear when viewing the console.
Multiple executions of different build settings (or fakefiles) should be easily determinable such as when running tests.
Kevin Day [Thu, 7 Apr 2022 05:49:09 +0000 (00:49 -0500)]
Update: Improve read program logic to allow for catching interrupts during file read.
Introduce break points in the read process by establishing an outer block loop.
Add the signal check before each block read.
There may need to be additional, smaller checks to further reduce how often the signal check is performed within these loops.
Make sure to use the file stream read rather than the file read.
Calculate the file size and pre-allocate the buffer.
Determine the exact size needed to avoid additional reallocations by utilizing the modulus operator.
The fss_embedded_read is notably out of day and inconsistent with the rest of the fss read programs.
This is only partially updated enough to work with the changes.
Kevin Day [Thu, 7 Apr 2022 05:31:34 +0000 (00:31 -0500)]
Bugfix: For f_file, use off_t, pre-test for EOF or error, use sizeof(f_char_t), and use size_t rather than ssize_t.
The fread() and similar stream functions actually use size_t rather than ssize_t.
Fix this bug by changing ssize_to to size_to for the affected functions.
Use off_t rather than f_array_length_t to be consistent with the types used in the libc/POSIX API.
Add additional checks for feof() and ferror() and the start of the stream read functions.
There needs to be a few more error codes, add a TODO comment to address this via a separate commit.
Use the size of f_char_t rather than 1 for reading.
Use >= in buffer read check rather than ==, just in case.
Kevin Day [Wed, 6 Apr 2022 03:37:30 +0000 (22:37 -0500)]
Update: The example project build settings and fakefiles.
These fell out of sync.
Add support for building via clang.
The "example-objects" project doesn't include support for clang because it is providing a minimalistic example.
Kevin Day [Wed, 6 Apr 2022 03:32:43 +0000 (22:32 -0500)]
Bugfix: Defaults should not be applied when an empty Object is specified.
When an Object is not specified, such as with "path_sources", then the default should be loaded.
When an Object is specified but ha Content with a length of 0, then the Content should not have a default applied.
The example bzip fakefile exposed this problem where the "path_sources" is empty and should be.
The existing code is incorrectly applying the default when length is 0.
The code to actually check for whether or not an Object is specified is already in place but it is not used.
Update the code to utilize the existing information.
Kevin Day [Tue, 5 Apr 2022 03:35:54 +0000 (22:35 -0500)]
Bugfix: The f_capability should accept f_string_constant_t rather than f_string_static_t.
The name.string is incorrect and should be name->string.
Once I fixed this, I noticed a compiler warning about losing the "const" frrom the return value of cap_mode_name().
Use f_string_constant_t rather than f_string_static_t.
Kevin Day [Sun, 3 Apr 2022 15:59:05 +0000 (10:59 -0500)]
Update: Add f_directory tests then fix problems discovered problems and perform appropriate cleanups.
The "preserve_path_headers" in settings-mocks and settings-tests should be set to "yes".
Add missing dependencies-tests file for any project providing tests.
Remove at_id <= 0 parameter checks because this is already handled by EBADF.
Fix alphabetic ordering of errno returns for f_directory.
I started doing this for f_file as well until I realized how much there is to do.
I won't continue this for f_file because I don't plan on adding tests for f_file for this next release.
The ENOTDIR should return F_directory_not rather than F_directory.
Unable to perform many of the tests because the dynamic linker wrapper is not properlly handling stat() and scandir() as expected.
These tests are commented out, incomplete, and comments are added describing why.
The commit that fixed the reversed endianness problems is 78daa0d760fbcc767dd099d68ae02d23b3df4991.
These changes revealed the test problems due to the tests now failing.
Fix the tests.
Make a new character type for the EOL, EOS, and placeholder in a way that is more consistent with the character macros for the f_char_t.
The F_utf_substitute_open_box_d_length and F_utf_substitute_open_box_shouldered_d_length should have _s_ rather than _d_ in their names.
Change the UTF-8 seek to functions to not need to check for URL fragments.
Change the UTF-8 seek to functions to accept f_utf_char_t rather than f_char_t.
This completely makes more sense.
This allows for searching a f_utf_string_t using a f_utf_char_t.
The tests are expecting this behavior earlier and they only happened to succeed due to the coincidence of the bitwise order of the previously incorrect tests.
This swaps the bitwise order of the strings.
More than likely I need a macro check to handle big endian as well.
This is left to changes in the future.
The 0.6.x stable series does not guarantee big endian support.
The 0.8.x stable series does guarantee big endian support because I will be working on adding networking support.
Leave the bitwise improvements and tests for the next development cycle so that I can focus on pushing out the 0.6.x stable release.
If I have the time, I might still fix this after the release candidate is released as I will most likely be improving the tests and fixing any discovered problems.
Kevin Day [Sat, 2 Apr 2022 22:56:05 +0000 (17:56 -0500)]
Update: Get the controller program in a better state for a stable release.
I started realizing that there were things that I forgot all about that the control and controller programs need to do.
There are too many changes to make immediately before the release.
Remove the incomplete code to avoid having stale code and therefore stale binary data.
Comment out the parts that generate socket related information as the socket cannot be supported yet.
Kevin Day [Sat, 2 Apr 2022 22:48:44 +0000 (17:48 -0500)]
Update: Get the control program in a better state and update the control/controller documentation.
I started realizing that there were things that I forgot all about that the control and controller programs need to do.
This is too many changes to make immediately before the release.
Wrap up the control program into a tolerable state and it will be published as is.
Release notes will be used to document that this program didn't make the cut in time.
Kevin Day [Sat, 2 Apr 2022 14:03:20 +0000 (09:03 -0500)]
Bugfix: Incorrectly checking byte width when already inside a character.
The width has already been determined, so these values are parts of a UTF-8 character.
The code is doing a byte check and attempting to verify or process this as a new UTF-8 character sequence.
This results in an inaccurate data from that point forward for the rest of the file.
Kevin Day [Sat, 2 Apr 2022 13:41:07 +0000 (08:41 -0500)]
Update: Do not use sizeof(char_t) for explicitly handling 1 byte.
The char_t could potentially be of some size other than 1.
This read is per-byte and not per-character.
Normally these or true, but some special architectures this might not be.
Kevin Day [Sat, 2 Apr 2022 13:16:39 +0000 (08:16 -0500)]
Regression: Accidentally reversed the big vs little endian bits.
I had a fear that I might of done this with the commit dda60cc8d9cad69b55e7d79b4c052677b03b4413.
Turns out I was right.
All that back and forth getting confused before I realized that I should not use the BIG_ENDIAN macro did result in me getting confused on what bit goes where.
Kevin Day [Sat, 2 Apr 2022 04:08:41 +0000 (23:08 -0500)]
Update: Centralize common error function, minor cleanups, and improve status code programs.
Printing an error for two different long parameters that cannot be used together is very common.
Move this into a single function inside of fll_program.
Make sure that these calls are wrapped in appropriate verbosity checks.
The status code programs is now able to print the number with the error bit and/or warning bit set.
The status code programs status codes error and warning can be used together when using the -n/--number.
Perform minor cleanup where the "main->parameters.remaining.used > 0" can be simplified.
Kevin Day [Fri, 1 Apr 2022 04:48:29 +0000 (23:48 -0500)]
Update: Remove inefficient and pointless size increase.
This must have been by accident or by habit.
The (range->stop - range->start) for these shouldn't be happening.
These checks are solely for ensuring there is enough room after what is already allocated.
The behavior is actually potentially doubling its size.
Only increase size by the required amount.
There are likely other such problems that need to be fixed across this project.
I will likely not get to these by the 0.6.0 stable release and will have to address them following that as I find them.
Kevin Day [Fri, 1 Apr 2022 04:42:01 +0000 (23:42 -0500)]
Update: Ensure all programs are handling signals, adding signal_received to fll_program_data_t.
Make sure fll_program_data_t supports storing the signal.
Move the commonly written functions that are pretty much identical across programs into fll_program:
- fll_program_standard_signal_received()
- fll_program_standard_signal_state()
Increase standard signal check from 10000 to 20000.
I really dislike the signal_check logic that exists purely as a work-around to the signal handling.
Most likely the only way to do this nicely that is available without rewritting the kernel and the libc will be to implement threads.
This will not be done for the 0.6.x versions and will likely happen for the 0.8.x versions.
Kevin Day [Thu, 31 Mar 2022 01:31:52 +0000 (20:31 -0500)]
Update: Add umask integer to fll_program_data_t.
This should be a standard practice that ideally must go away if the POSIX standard ever fixes that idiotic umask() design.
Never under any circumstances should a read-only operation result require a write operation!
I am forced to work around this, so I might as well provide a standard practice work-around.
Kevin Day [Thu, 31 Mar 2022 00:48:03 +0000 (19:48 -0500)]
Update: Add child integer to fll_program_data_t.
A few of the programs practice returning the child return status or the child process id.
Make this behavio standard by adding child to the fll_program_data_t.
Kevin Day [Thu, 31 Mar 2022 00:06:18 +0000 (19:06 -0500)]
Security: Invalid write in FSS processing functions due to improper allocation size.
The start and stop ranges are inclusive.
This means that the size is (stop - start) + 1.
The problems happens where the code is adding additional digits to represent end of line or other special characters.
When this is added, I seem to have forgotten to add the additional numbers to the + 1 and instead replaced the + 1.
This results in the size being potentially short by a single character and thus an invalid write is possible.
Kevin Day [Wed, 30 Mar 2022 23:47:13 +0000 (18:47 -0500)]
Update: Move the program data into the main for fss_embedded_list_read.
Replace fss_embedded_list_read_main_t with fll_program_data_t and fss_embedded_list_read_data_t.
Move parameter initialization and deallocation for FLL program data into main.c.