proc/readproc.c: Harden stat2proc().
1/ Use a "size_t num" instead of an "unsigned num" (also, do not store the return value of sscanf() into num, it was unused anyway). 2/ Check the return value of strchr() and strrchr(). 3/ Never jump over the terminating null byte with "S = tmp + 2".
This commit is contained in:
parent
20269a4129
commit
344f6d3c0e
@ -582,7 +582,7 @@ static void sd2proc(proc_t *restrict p) {
|
|||||||
// Reads /proc/*/stat files, being careful not to trip over processes with
|
// Reads /proc/*/stat files, being careful not to trip over processes with
|
||||||
// names like ":-) 1 2 3 4 5 6".
|
// names like ":-) 1 2 3 4 5 6".
|
||||||
static void stat2proc(const char* S, proc_t *restrict P) {
|
static void stat2proc(const char* S, proc_t *restrict P) {
|
||||||
unsigned num;
|
size_t num;
|
||||||
char* tmp;
|
char* tmp;
|
||||||
|
|
||||||
ENTER(0x160);
|
ENTER(0x160);
|
||||||
@ -593,15 +593,19 @@ ENTER(0x160);
|
|||||||
P->sched = -1;
|
P->sched = -1;
|
||||||
P->nlwp = 0;
|
P->nlwp = 0;
|
||||||
|
|
||||||
S = strchr(S, '(') + 1;
|
S = strchr(S, '(');
|
||||||
|
if(unlikely(!S)) return;
|
||||||
|
S++;
|
||||||
tmp = strrchr(S, ')');
|
tmp = strrchr(S, ')');
|
||||||
|
if(unlikely(!tmp)) return;
|
||||||
|
if(unlikely(!tmp[1])) return;
|
||||||
num = tmp - S;
|
num = tmp - S;
|
||||||
if(unlikely(num >= sizeof P->cmd)) num = sizeof P->cmd - 1;
|
if(unlikely(num >= sizeof P->cmd)) num = sizeof P->cmd - 1;
|
||||||
memcpy(P->cmd, S, num);
|
memcpy(P->cmd, S, num);
|
||||||
P->cmd[num] = '\0';
|
P->cmd[num] = '\0';
|
||||||
S = tmp + 2; // skip ") "
|
S = tmp + 2; // skip ") "
|
||||||
|
|
||||||
num = sscanf(S,
|
sscanf(S,
|
||||||
"%c "
|
"%c "
|
||||||
"%d %d %d %d %d "
|
"%d %d %d %d %d "
|
||||||
"%lu %lu %lu %lu %lu "
|
"%lu %lu %lu %lu %lu "
|
||||||
|
Loading…
Reference in New Issue
Block a user