top: Do not default to the cwd in configs_r... Tweaked
While it's only documented (so far) in commit text and an occasional email I've tried to maintain some coding standards primarily for reference/navigation purposes. They also served, I felt, as useful mental challenges. Someday I will get around to formerly documenting them but in the meantime here are the ones for this commit: . functions are grouped into logical (i hope) sections . functions & sections are ordered to avoid prototypes . function names are alphabetical within every section . all functions & sections must be referenced in top.h This patch just attempts to honor the above standards, while also covering this new behavior in the man page. [ please note that the net result of these 2 patches ] [ is simply to avoid pathname truncations should our ] [ limit of 1024 be exceeded. they do not have a role ] [ in solving the 'local privilege escalation' issue. ] [ and we can never prevent a user from setting their ] [ HOME var to a directory writable by some attacker! ] [ the only real protection for that CVE-2018-1122 is ] [ those soon to be enhanced rcfile integrity checks, ] [ achieved through several of the following patches. ] Reference(s): . original qualys patch 0097-top-Do-not-default-to-the-cwd-in-configs_read.patch commit b45c4803dd176f4e3f9d3d47421ddec9bbbe66cd Signed-off-by: Jim Warner <james.warner@comcast.net>
This commit is contained in:
parent
c32ab58b94
commit
e531c78140
@ -67,7 +67,7 @@
|
||||
.
|
||||
.\" Document /////////////////////////////////////////////////////////////
|
||||
.\" ----------------------------------------------------------------------
|
||||
.TH TOP 1 "January 2018" "procps-ng" "User Commands"
|
||||
.TH TOP 1 "May 2018" "procps-ng" "User Commands"
|
||||
.\" ----------------------------------------------------------------------
|
||||
|
||||
.\" ----------------------------------------------------------------------
|
||||
@ -2182,8 +2182,8 @@ While not intended to be edited manually, here is the general layout:
|
||||
" # discussed below
|
||||
.fi
|
||||
|
||||
If the $HOME and $XDG_CONFIG_HOME variables are not present, \*(We will try
|
||||
to write the personal \*(CF in the current directory, subject to permissions.
|
||||
If a valid absolute path to the rcfile cannot be established, customizations
|
||||
made to a running \*We will be impossible to preserve.
|
||||
|
||||
.\" ......................................................................
|
||||
.SS 6b. ADDING INSPECT Entries
|
||||
|
31
top/top.c
31
top/top.c
@ -3713,7 +3713,7 @@ static int config_cvt (WIN_t *q) {
|
||||
|
||||
|
||||
/*
|
||||
* A configs_read *Helper* function responsible for processing
|
||||
* A configs_reads *Helper* function responsible for processing
|
||||
* a configuration file (personal or system-wide default) */
|
||||
static const char *config_file (FILE *fp, const char *name, float *delay) {
|
||||
char fbuf[LRGBUFSIZ];
|
||||
@ -3861,19 +3861,24 @@ error Hey, fix the above fscanf 'PFLAGSSIZ' dependency !
|
||||
} // end: config_file
|
||||
|
||||
|
||||
static int snprintf_Rc_name (const char *const format, ...) __attribute__((format(printf,1,2)));
|
||||
static int snprintf_Rc_name (const char *const format, ...) {
|
||||
/*
|
||||
* A configs_reads *Helper* function responsible for ensuring the
|
||||
* complete path was established, otherwise force the 'W' to fail */
|
||||
static int configs_path (const char *const fmts, ...) __attribute__((format(printf,1,2)));
|
||||
static int configs_path (const char *const fmts, ...) {
|
||||
int len;
|
||||
va_list ap;
|
||||
va_start(ap, format);
|
||||
len = vsnprintf(Rc_name, sizeof(Rc_name), format, ap);
|
||||
|
||||
va_start(ap, fmts);
|
||||
len = vsnprintf(Rc_name, sizeof(Rc_name), fmts, ap);
|
||||
va_end(ap);
|
||||
if (len <= 0 || (size_t)len >= sizeof(Rc_name)) {
|
||||
Rc_name[0] = '\0';
|
||||
return 0;
|
||||
len = 0;
|
||||
}
|
||||
return len;
|
||||
}
|
||||
} // end: configs_path
|
||||
|
||||
|
||||
/*
|
||||
* Try reading up to 3 rcfiles
|
||||
@ -3891,7 +3896,7 @@ static int snprintf_Rc_name (const char *const format, ...) {
|
||||
* Any remaining lines are devoted to the 'Inspect Other' feature
|
||||
* 3. 'SYS_RCDEFAULTS' system-wide defaults if 'Rc_name' absent
|
||||
* format is identical to #2 above */
|
||||
static void configs_read (void) {
|
||||
static void configs_reads (void) {
|
||||
float tmp_delay = DEF_DELAY;
|
||||
const char *p, *p_home;
|
||||
FILE *fp;
|
||||
@ -3918,7 +3923,7 @@ static void configs_read (void) {
|
||||
}
|
||||
}
|
||||
if (p_home) {
|
||||
snprintf_Rc_name("%s/.%src", p_home, Myname);
|
||||
configs_path("%s/.%src", p_home, Myname);
|
||||
}
|
||||
|
||||
if (!(fp = fopen(Rc_name, "r"))) {
|
||||
@ -3929,9 +3934,9 @@ static void configs_read (void) {
|
||||
p = fmtmk("%s/.config", p_home);
|
||||
(void)mkdir(p, 0700);
|
||||
}
|
||||
if (!snprintf_Rc_name("%s/procps", p)) goto system_default;
|
||||
if (!configs_path("%s/procps", p)) goto system_default;
|
||||
(void)mkdir(Rc_name, 0700);
|
||||
if (!snprintf_Rc_name("%s/procps/%src", p, Myname)) goto system_default;
|
||||
if (!configs_path("%s/procps/%src", p, Myname)) goto system_default;
|
||||
fp = fopen(Rc_name, "r");
|
||||
}
|
||||
|
||||
@ -3965,7 +3970,7 @@ default_or_error:
|
||||
#else
|
||||
error_exit(p);
|
||||
#endif
|
||||
} // end: configs_read
|
||||
} // end: configs_reads
|
||||
|
||||
|
||||
/*
|
||||
@ -6111,7 +6116,7 @@ int main (int dont_care_argc, char **argv) {
|
||||
before(*argv);
|
||||
// +-------------+
|
||||
wins_stage_1(); // top (sic) slice
|
||||
configs_read(); // > spread etc, <
|
||||
configs_reads(); // > spread etc, <
|
||||
parse_args(&argv[1]); // > lean stuff, <
|
||||
whack_terminal(); // > onions etc. <
|
||||
wins_stage_2(); // as bottom slice
|
||||
|
@ -763,7 +763,8 @@ typedef struct WIN_t {
|
||||
//atic void before (char *me);
|
||||
//atic int config_cvt (WIN_t *q);
|
||||
//atic const char *config_file (FILE *fp, const char *name, float *delay);
|
||||
//atic void configs_read (void);
|
||||
//atic int configs_path (const char *const fmts, ...);
|
||||
//atic void configs_reads (void);
|
||||
//atic void parse_args (char **args);
|
||||
//atic void whack_terminal (void);
|
||||
/*------ Windows/Field Groups support ----------------------------------*/
|
||||
|
Loading…
x
Reference in New Issue
Block a user