Not exploitable (not under an attacker's control), but still a potential
non-security problem. Copied, fixed, and used the grow_size() macro from
pidof.c.
memset()ing task and subtask inside their loops prevents free_acquired()
(in readproc() and readtask()) from free()ing their contents (especially
cmdline and environ).
Our solution is not perfect, because we still memleak the very last
cmdline/environ, but select_procs() is called only once, so this is not
as bad as it sounds.
It would be better to leave subtask in its block and call
free_acquired() after the loop, but this function is static (not
exported).
The only other solution is to use freeproc(), but this means replacing
the stack task/subtask with xcalloc()s, thus changing a lot of code in
pgrep.c (to pointer accesses).
Hence this imperfect solution for now.
If pgrep is run with a non-program name match and there are
no matches, it segfaults.
The testsuite thinks zero bytes sent, and zero bytes sent
because the program crashed is the same :/
References:
commit 1aacf4af7fhttps://bugs.debian.org/894917
Signed-off-by: Craig Small <csmall@enc.com.au>
By default pgrep/pkill should not kill processes in a namespace it is not
part of. If this is allowed, it allows callers to break namespaces they did
not expect to affect, requiring rewrite of all callers to fix.
So by default, we should work in the current namespace. If --ns 0 is
specified, they we look at all namespaces, and if any other pid is specified
we continue to look in only that namespace.
Signed-off-by: Debabrata Banerjee <dbanerje@akamai.com>
Original report:
When trying kill a process with insufficient privileges (see blow),
pkill displays the error message “... failed: Operation not permitted”,
but returns 0. Surely it should return 3?
$ pkill syslogd ; echo $?
pkill: killing pid 373 failed: Operation not permitted
0
Return value 0 means one of more things matched. For a pgrep (which
shares code with pkill) this makes sense, there was a match. It seems
wrong for pkill to return 0 when it in fact could not do what you told
it to. However return value 3 means a fatal error and it's not fatal.
Looking at other programs when trying to kill things it cannot kill.
shell kill returns 1, procps kill returns 1, killall returns 1, skill
returns 0 (and says it was successful!, ah well poor old skill)
The consensus seems to be that you return 1 if you cannot kill it, even
if you found it. In other words the return value for both not found and
not able to kill it is the same.
pkill only returns 0 if something was killed. This means we found a
match AND the kill() system call worked too.
References:
https://bugs.debian.org/852758
Signed-off-by: Craig Small <csmall@enc.com.au>
There is now a warning if your command is longer than 15 characters
and therefore can never match. Except it was checking for more than
16 characters.
Adjusted this and added a test case.
References:
!25
commit 8e8835b2ee
This commit prevents pkill from accepting something like `-1garbage` as
a SIGHUP. The previous code was using atoi() which does not check for
trailing garbage and would parse the above as 1.
Handling numeric signals in signal_option() is not really necessary,
since signal_name_to_number() will recognize numeric signals and parse
them properly using strtol() and checking for trailing garbage. It also
checks that the numeric signals are in the proper range. So all we need
to do is remove the buggy numeric signal handling here.
Tested with `pkill -1garbage sleep`, after this patch it will complain
that "1" is not a valid option, which is the expected.
Signed-off-by: Filipe Brandenburger <filbranden@google.com>
It doesn't make any sense to have the binary version strings
embedded into the library. The version strings are defined
already either in the Makefile or in include/c.h
Recent commit 9742c74e7c ("pgrep: Enable case-insensitive process matching")
caused the "opts" string to overflow the show 32-character space allocated for
it.
Bump it up to 64 bytes, which should be enough even if more options are added.
Tested: Running ./pgrep stopped crashing and `make check` passed.
Signed-off-by: Filipe Brandenburger <filbranden@google.com>
FreeBSD has case-insensitive matching of processes in pgrep and
pkill, which can be super-useful. This patch uncomments and
documents the code needed to make this work.
Signed-off-by: Craig Small <csmall@enc.com.au>
The loop that parses options has a of by one bug where the realloc
adds one byte, instead of one list element. This is exposed when
you try things like:
pgrep -t,,,,
Signed-off-by: Craig Small <csmall@enc.com.au>
The pgrep usage() rework commit from 26-Sep-2011 introduced
a regression in exitcodes and the pgrep tool now returns
EXIT_FAILURE (1) or even EXIT_SUCCESS (0) instead
of the documented EXIT_USAGE (2). This commit fixes
the usage() so that the exitcodes match the manual.
Benno Schulenberg suggested some changes to the help messages
to provide some consistency and clarity for both the users and
translators of procps.
The test needed to be updated as the pmap output changed too.
Signed-off-by: Craig Small <csmall@enc.com.au>
pgrep does not show the full command line when the -a and -u flags are
combined. The -a flag is ignored when the -u flag is used as well.
In addition, the supplied patch by Elliot did not fix the problem
when invert flag ( -v ) was used; a very small tweak to the patch
fixed this problem as well. This problem existed before.
Signed-off-by: Craig Small <csmall@enc.com.au>
To assist the translators, each option is a separate string.
This means if we add/change/delete an option the remaining ones
will just keep working and only the impacted option needs some
translation work on it.
Additional errors resulting from merge request #13 are
being addressed in this commit. They involve two cases
of trailing whitespace and one xwarnx printf type arg.
Reference(s):
http://gitorious.org/procps/procps/merge_requests/13
. earlier build-sys fix
commit e2242cb943
. original merge
commit dd6f24dbed
Signed-off-by: Jim Warner <james.warner@comcast.net>
A PID should be specified with --ns:
$ pgrep --ns 12345
which will only match the processes which belong to to the same 6
namespaces. It is also possible to specify which namespaces to test:
$ pgrep --ns 12345 --nslist mnt,net,ipc
which will match processes that belong to the same mount, network and
IPC namespaces as PID 12345.
Signed-off-by: Aristeu Rozanski <arozansk@redhat.com>
An earlier commit attempted to cleanse our environment
of all useless trailing whitespace. But the effort did
not catch 'empty' lines with a single space before ^J.
This commit hopefully finishes off the earlier effort.
In the meantime, let's pray that contributors' editors
are configured so that such wasted crap is disallowed!
Reference(s):
commit fe75e26ab6
Signed-off-by: Jim Warner <james.warner@comcast.net>
For portabiliy, check for program_invocation_name during configure and
define HAVE_PROGRAM_INVOCATION_NAME accordingly. Use of this symbol is
now enclosed with the appropriate #ifdef block.
The symbol program_invocation_name is only used for error message
handling using error(), so it's safe to omit this if it is not
available.
The entire tree's polluted with inappropriate trailing
whitespace. This commit rids our environment of all of
those useless keystrokes. Unfortunately, it sure ain't
a permanent solution and requires every contributor to
instruct their editor(s) to prevent or eliminate them.
Plus it's strongly recommended we all insert something
like what's shown below to our '.gitconfig' file so as
to provide at least some warnings when we try to apply
any patches (git am) that do contain the #@!%& things!
References(s):
~/.gitconfig excerpt ---------------------------------
[core]
whitespace = trailing-space, space-before-tab, blank-at-eof
[apply]
whitespace = warn
--------------------------------- ~/.gitconfig excerpt
Signed-off-by: Jim Warner <james.warner@comcast.net>
Possibly by a side-effect but pkill -c option used to work which would
print the number of killed processes. This small change restores this
functionality.
Bug-Debian: http://bugs.debian.org/693783
Signed-off-by: Craig Small <csmall@enc.com.au>
pgrep.c:195:12: warning: 'fcntl_lock' defined but not used [-Wunused-function]
pgrep.c:575:5: warning: no previous declaration for 'signal_option' [-Wmissing-declarations]
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
pgrep used delimiter and delimeter, the correct spelling is delimiter.
Thanks to Alexander Kobel for the heads-up.
Signed-off-by: Craig Small <csmall@enc.com.au>
Commig a5d9c40262 caused signal spec,
again, to be required as first option; for example
pkill -3 <program> # worked
pkill <program> -3 # did not
This commit fixes the regression, without breaking option -u <numeric>
argument, assuming no-one is using negative numeric UID specifications
with space after -u && the argument. IMHO such use case is rare enough
to be broken.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Commit a5d9c40262 had one small problem.
In that function its *argc not argc. This stops pgrep with no commands
from segfaulting, thankyou dejagnu!!
Signed-Off-By: Craig Small <csmall@enc.com.au>
pkill would not parse -u <uid> options correctly and needed no space
between the flag and uid.
Bug-Debian: http://bugs.debian.org/676239
Signed-Of-By: Craig Small <csmall@enc.com.au>
If stream status is not checked at the end of execution below problem
would not report error, or non-zero exit code. The uptime is just an
example same was true with all commands of the project.
$ uptime >&- ; echo $?
uptime: write error: Bad file descriptor
1
$ uptime >/dev/full ; echo $?
uptime: write error: No space left on device
1
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
pgrep.c:539:10: warning: unused variable 'buff' [-Wunused-variable]
pgrep.c:648:1: warning: "/*" within comment [-Wcomment]
pgrep.c:803:4: warning: format '%d' expects argument of type 'int', but argument 4 has type 'long int' [-Wformat]
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Conflicts:
pgrep.c
The option -v does not make much sense in pkill context.
Reported-By: "Jason A. Spiro" <jasonspiro4@gmail.com>
Bug-Debian: http://bugs.debian.org/558044
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
I as user often try to pkill something, notice that program did not
die and pkill again with signal -9. Before this commit previous one
could not add signal at the end of command line, as the signal
definition had to be first argument, which was annoying.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
The c++ comments e.g. // should not be used in c code. Additionally
white spaces are converted to tabs as a small clean up.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
pgrep.c: In function 'main':
pgrep.c:793:4: warning: format '%d' expects argument of type 'int', but argument 4 has type 'long int' [-Wformat]
vmstat.c: In function 'diskpartition_format':
vmstat.c:382:9: warning: format '%u' expects argument of type 'unsigned int', but argument 5 has type 'long long unsigned int' [-Wformat]
vmstat.c:408:10: warning: format '%u' expects argument of type 'unsigned int', but argument 5 has type 'long long unsigned int' [-Wformat]
w.c: In function 'main':
w.c:394:4: warning: format '%d' expects argument of type 'int', but argument 4 has type 'long unsigned int' [-Wformat]
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Add new command line options -e, --echo to display what is
killed. Cost of this change is greater run time memory footprint,
because an union had to be changed to struct to allow name and
pid printing which what I as an user would expect to see in
verbose kill output.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
pgrep.c:786:4: warning: format '%ld' expects argument of type 'long int', but argument 3 has type 'int' [-Wformat]
Signed-off-by: Sami Kerola <kerolasa@iki.fi>