emo/procps
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

top: sanitized some potentially corrupt 'Inspect' data

Browse Source 
This guards against rcfile 'Inspect' entries which may
include non-printable characters. While this shouldn't
occur, we have no real control over those crazy users.

[ and, while such data can't be used maliciously, it ]
[ does adversely impact such a user's screen display ]

Signed-off-by: Jim Warner <james.warner@comcast.net>
This commit is contained in:
Jim Warner 2018-06-03 00:00:00 -05:00 committed by Craig Small
parent 34feb6183a
commit fa96f3e5dc
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
top/top.c
View File

@ -3343,6 +3343,7 @@ static const char *config_file (FILE *fp, const char *name, float *delay) {
for (i = 0, Inspect.raw = alloc_s("\n");;) {
#define iT(element) Inspect.tab[i].element
size_t lraw = strlen(Inspect.raw) +1;
int n, x;
char *s;
if (i < 0 || (size_t)i >= INT_MAX / sizeof(struct I_ent)) break;
@ -3356,6 +3357,14 @@ static const char *config_file (FILE *fp, const char *name, float *delay) {
if (fbuf[0] == '#' || fbuf[0] == '\n') continue;
Inspect.tab = alloc_r(Inspect.tab, sizeof(struct I_ent) * (i + 1));
// part of this is used in a show_special() call, so let's sanitize it
for (n = 0, x = strlen(fbuf); n < x; n++) {
if ((fbuf[n] != '\t' && fbuf[n] != '\n')
&& (fbuf[n] < ' ')) {
fbuf[n] = '.';
Rc_questions = 1;
}
}
if (!(s = strtok(fbuf, "\t\n"))) { Rc_questions = 1; continue; }
iT(type) = alloc_s(s);
if (!(s = strtok(NULL, "\t\n"))) { Rc_questions = 1; continue; }