Here are - updates of a few of the patches in 295-alpha-patches.tar.gz, mostly according to our recent mails, - the group/permission patch I mailed, - two new patches (help-case.dif and strncpy.dif). Poke at one bug, and another springs up... Each patch can be applied independently of the others, except 2 patches marked as dependents at the top. *.dif file Summary 66-uchar-inkey Bugfix: Rewrite of previous 8-bit keyboard input patch. group Bugfix: Buggy --with-setgid permissions. sizeof-strncat Bugfix: Buffer overrun if some filenames are too long. strncpy Bugfix: strncpy() does not always \0-terminate the string. sizeof-path Bugfix/Cleanup: Remove magic numbers in pathnames. 28-mk-typo Cleanup: Minor typo in Makefile.std. Incompletely applied. sizeof-tempfile Cleanup: Remove magic numbers in my_fopen_temp() pathnames. help-avail Feature: Slight update of 295alpha help-avail patch. help-help Feature: Don't let SPACE key show blank help.hlp screen. userdir-delay Feature: Rewrite of the delay-mkdir(~/.angband/) patch. help-case Feature: Let show_file() indicate case sensitivity toggle. ====== 28-mk-typo.dif ====== Cleanup: Minor typo in Makefile.std. The 28-mk-typo.dif patch was applied to Makefile.gtk but not Makefile.std. - Spelling error in comment in Makefile.std. ====== 66-uchar-inkey.dif ====== Bug: 8-bit keyboard input mishandled. Rewrite of previous patch. This is a rewrite of 295-alpha-patches.tar.gz:66-uchar-inkey.dif to use more casts to (byte) instead of replacing char declarations with byte. A bit bigger, but maybe easier to read. If you have already applied the old patch, ignore this one. ====== group.dif ====== Bugfix: Buggy --with-setgid permissions This file is a copy of a bugreport from a recent mail, with one change: I replaced `chown -R $USER.foo' with `chgrp -R foo', since I noticed that you are already using chgrp anyway. Installation --with-setgid can install the wrong file and directory permissions. I append a suggested fix, but I'm not sure it is the correct one. Try this setup: # User `games' has primary group `games' and is member of group `angband'. # Directory /local/games/lib does not (yet) exist. su games ./configure \ --with-setgid=angband \ --bindir=/local/games \ --with-libpath=/local/games/lib/angband/295a umask 077 make -s all # install as `games', not as `root' make install First, installation fails for 2 reasons: * `chown -R root.angband ...' is not allowed for non-root users. I changed it to do `chgrp -R angband ...'. * `chmod -R 070' fails for non-root users if it does not traverse the directory depth-first. E.g. on Linux. After it took away permissions from the current user on the top dir, it can't traverse it:-( Anyway, I don't see why you need it anymore, with setgid instead of setuid. Allow scores unless the owner is playing? :-) So I changed the chmod to ug+rw,o-rwx. Second, the umask during installation controls the permissions of many files and directories. So with a high umask, only the owner can play. I fixed it with a chmod in mkinstalldirs and after creating files. Please inspect these; I'm not quite sure which umask you expected. I think the mkinstalldirs chmod is correct though, since it creates directories that are not owned by Angband. Taking away chmod 7xx also prevents files like scores.raw from getting execute permission. (If you need it, +rwX is better anyway.) Third, I added o-r to the chmod for the angband executable, so it's world executable but not world readable/debuggable. I think that's correct security-wise, but perhaps not what you want. Finally, I wonder: Why is there a chgrp @GAMEGROUP@ and chmod g+w on data/? Since only the owner can change files in edit/ anyway, and part of the installation routine is to run angband as the owner, it doesn't seem necessary. I didn't change it, though. ====== help-avail.dif ====== Feature: Slight update of 295alpha help-avail patch. See that patch for explanation. If you have already applied it, ignore this one. Replaces Help_Hlp and Help_Step with Help_Deep; I realized that nothing more is needed. Help_Step was a holdover from an attempt to do without old_help_level. Also renamed Help_Tag and improved the comments a bit. ====== help-case.dif ====== Feature: Let show_file() indicate case sensitivity toggle Previously it showed no indication that anything had happened. ====== help-help.dif ====== Feature: Don't let SPACE key show blank help.hlp screen Followup to 295-alpha-patches.tar.gz:help-help.dif. The two blank lines you inserted around the **** menu items make a difference. Unless both are absent, when you press SPACE you get a blank help screen, i.e. a screen showing just these two lines. (Another SPACE takes you back to 1st page of the help.) ====== sizeof-path.dif ====== Bugfix/Cleanup: Remove magic numbers in pathnames. ** THIS PATCH DEPENDS ON sizeof-strncat.dif ** ** THIS PATCH IS NEEDED BY userdir-delay.dif ** This patch replaces most of 295-alpha-patches.tar.gz:sizeof-path.dif. Mostly, replace 1024 by FILENAME_MAX, or in some cases MAX(FILENAME_MAX, ) where a variable has dual use, or in case of main-acn.c:translate_name() - where there is no telling which relevant "max path size" constant is largest. For savefile[] I use sizeof(savefile) -- a change in savefile's size explodes all over some of the main-* code. And maybe over variants' private code, for all I know. The same goes for a path variable in main-mac.c: the path is given to a function with its own opinions about filename sizes. Sizeof is also used for some paths in structure members. path[] in files.c:show_file() has size sizeof(filename) because filename[] is copied into path[]. The rest of the changes should be self-explanatory. Bugfixes: - Changes 256 and 1024 for the same buffer size main-dos.c:play_song() to FILENAME_MAX. - Increases pathname size in main-acn.c:translate_name() to match pathnames used elsewhere in Angband. ====== sizeof-strncat.dif ====== Bug: Buffer overrun if some filenames are too long. ** THIS PATCH IS NEEDED BY sizeof-path.dif ** Use (*buf = '\0'; strncat(buf,...) instead of strcpy(buf,...) to prevent buffer overruns if some filenames are too long. ====== sizeof-tempfile.dif ====== Cleanup: Remove magic numbers in my_fopen_temp() pathnames. This patch replaces some of 295-alpha-patches.tar.gz:sizeof-path.dif. The size of my_fopen_temp() buffers couldn't be replaced with FILENAME_MAX, since FILENAME_MAX might in theory be smaller than MAX(L_tmpnam, 14). FILENAME_MAX is a _recommended_ size, not a guaranteed max size. ====== strncpy.dif ====== Bugfix: strncpy() does not always \0-terminate the string. Use string[0] = '\0'; strncat instead. (The alternative is the slower strncpy; string[maxlen-1] = '\0'; which \0-fills the array.) ====== userdir-delay.dif ====== Feature: Rewrite of the delay-mkdir(~/.angband/) patch. ** THIS PATCH DEPENDS ON sizeof-path.dif ** If you did not apply sizeof-path.dif, replace FILENAME_MAX in this patch file with 1024. If you are _going_ to apply that patch, I suggest you do so first, so it won't conflict with changes from this one. I always find it irritating when programs create useless junk in $HOME. This patch delays mkdir(~/.angband/) until that directory is needed. Rewritten as described in my mail about that patch; ignore this patch if you have already applied the changes described there: - As before, change create_user_dir() to create_user_dir_when_needed(file), which temporarily drops privileges (if any) and creates ANGBAND_USER_DIR if starts with that directory. Call it from my_fopen() & co. - Add a global bool have_permissions = TRUE; to files.c, reset/set it in safe_setuid_(), and test it before ~/.angband/ is created. If we have permissions, the file we are about to write should not be in ANGBAND_USER_DIR. - As before, also keep track of whether or not ANGBAND_USER_DIR has been created from PRIVATE_USER_PATH at all.