This fixes an issue introduced in commit a00fa5330d. As the
destination string produced by html_escape is not explicitly
terminated by the function as introduced in this commit, the
escaped URL in dest continues with characters found in memory
that have not been overwritten, which essentially breaks the
encoded URL. The behaviour prior to commit a00fa5330d was as
follows:
$ src/gophernicus <<<URL:https://example.com | grep Refresh
<META HTTP-EQUIV="Refresh" content="1;URL=https://example.com">
The broken behaviour since commit a00fa5330d is this:
$ src/gophernicus <<<URL:https://example.com | grep Refresh
<META HTTP-EQUIV="Refresh" content="1;URL=https://example.comtps://example.com"">
Explicitly terminating the destination string by adding a zero
byte seems to fix this; yet, since I am not a C programmer myself,
I may well have missed some ramifications of this change. In any
case, the output produced by gophernicus since commit a00fa5330d
is essentially broken, so this is probably still an improvement.
Gophernicus currently thinks that Alpine Linux is called "Welcome/6.7" (seems to be extracting the OS name from /etc/issue and the version it's grabbing the kernel version)
This commit allows gophernicus to read /etc/alpine-release and display the OS name and version correctly (e.g. "Alpine Linux/3.20")
The existing JPEG detection logic is too restrictive because it checks for the file header "FF D8 FF E0", which only matches JFIF-type JPEG images... Meanwhile EXIF JPEG images are more common these days.
For reference:
FF D8 = JPEG SOI (Start of Image) header
FF-D8-FF-E0 = JFIF
FF-D8-FF-E1 = EXIF
FF-D8-FF-E2 = CIFF
FF-D8-FF-E8 = SPIFF
As you can see checking for the SOI and then FF matches all extent types of JPEG images. \o/
inetd(8) sends the contents of stdout AND stderr to the client. This means that
configuring syslog(3) with LOG_PERROR (print messages to stderr) is a bad idea.
* `sendfd' and `recvfd' are not needed: gophernicus doesn't use
sendmsg(2) nor recvmsg(2).
* `inet' its needed only for getpeername(2), but it's only called
from init_state and is *before* pledging.
* `proc' is needed only when st.opt_exec is set.
This fixes all the calls to die so they pass a proper string and not
NULL. die blindly pass its arguments to log_fatal, which in turns
relays on vprintf or such. At least on OpenBSD, giving NULL instead
of a string for %s yields a log entry in syslog:
Jan 21 09:35:22 venera gophernicus: vfprintf %s NULL in "Error: %s %s\^M "
As a side effect, now some errors from pledge and unveil are slightly
more clear.
`getcwd(3)' returns a NULL pointer when it fails, and a pointer to the buffer
when it succeeds. The array of characters (allocated on the stack) is not NULL,
so it cannot be used to check if `getcwd(3)' succeeded. Use the pointer
returned by `getcwd(3)' to check success.
DESTDIR when used in packaging can represent a temporary directory or fake root used for packaging the application, so using this value for modifying the listener config is not ideal, as the binary path will be incorrect.
