emo/procps
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

0026-skill: Fix double-increment of pid_count.

Browse Source 
No need to "pid_count++;" because "ENLIST(pid," does it already. Right
now this can trigger a heap-based buffer overflow.

Also, remove the unneeded "pid_count = 0;" (it is static, and
skillsnice_parse() is called only once; and the other *_count variables
are not initialized explicitly either).
This commit is contained in:
Qualys Security Advisory 1970-01-01 00:00:00 +00:00 committed by Craig Small
parent 18efff2a1f
commit 3f75d105b9
1 changed files with 0 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
skill.c
View File

@ -429,8 +429,6 @@ static void parse_options(int argc,
sig_or_pri = signo;
}
pid_count = 0;
while ((ch =
getopt_long(argc, argv, "c:dfilnp:Lt:u:vwhV", longopts,
NULL)) != -1)
@ -457,7 +455,6 @@ static void parse_options(int argc,
ENLIST(pid,
strtol_or_err(optarg,
_("failed to parse argument")));
pid_count++;
break;
case 'L':
pretty_print_signals();
@ -526,7 +523,6 @@ static void parse_options(int argc,
num = strtol(argv[0], &end, 10);
if (errno == 0 && argv[0] != end && end != NULL && *end == '\0') {
ENLIST(pid, num);
pid_count++;
} else {
ENLIST(cmd, argv[0]);
}