Commit Graph

85 Commits

Author SHA1 Message Date
Craig Small
a2b7106793 snice: Fix matching on PID
@MarsChan correctly pointed out that the read() always returns 128
bytes, so skipping on >= 128 will always mean we skip. Their suggestion
was to remove the equality, but read will never go past 128 bytes so
I just removed that part of the check.

References:
 procps-ng/procps!89
2019-10-22 08:14:35 +11:00
Qualys Security Advisory
7367c4b1fd skill: Do not scan past the null-terminator in check_proc(). 2018-05-19 07:32:21 +10:00
Qualys Security Advisory
a9ee0bf622 skill: Check return value of str*chr() in check_proc(). 2018-05-19 07:32:21 +10:00
Qualys Security Advisory
52673d2fc7 skill: Properly null-terminate buf in check_proc().
Right now, if read() returns less than 127 bytes (the most likely case),
the end of the "string" buf will contain garbage from the stack, because
buf is always null-terminated at a fixed offset 127. This is especially
bad because the next operation is a strrchr().

Also, make sure that the whole /proc/PID/stat file is read, otherwise
its parsing may be unsafe (the strrchr() may point into user-controlled
data, comm). This should never happen with the current file format (comm
is very short), but be safe, just in case.
2018-05-19 07:32:21 +10:00
Qualys Security Advisory
37547e9f5f skill: Check the return value of fstat(). 2018-05-19 07:32:21 +10:00
Qualys Security Advisory
858df7cc89 skill: Prevent multiple overflows in ENLIST().
First problem: saved_argc was used to calculate the size of the array,
but saved_argc was never initialized. This triggers an immediate heap-
based buffer overflow:

$ skill -c0 -c0 -c0 -c0
Segmentation fault (core dumped)

Second problem: saved_argc was not the upper bound anyway, because one
argument can ENLIST() several times (for example, in parse_namespaces())
and overflow the array as well.

Third problem: integer overflow of the size of the array.
2018-05-19 07:32:21 +10:00
Qualys Security Advisory
56e696ca5f skill: Fix double-increment of pid_count.
No need to "pid_count++;" because "ENLIST(pid," does it already. Right
now this can trigger a heap-based buffer overflow.

Also, remove the unneeded "pid_count = 0;" (it is static, and
skillsnice_parse() is called only once; and the other *_count variables
are not initialized explicitly either).
2018-05-19 07:32:21 +10:00
Qualys Security Advisory
b019fdba5c skill: Remove unused NEXTARG macro. 2018-05-19 07:32:21 +10:00
Qualys Security Advisory
0e1964bfbc skill: Always NULL-terminate argv.
The memmove() itself does not move the NULL-terminator, because nargs is
decremented first. Copy how skill_sig_option() does it: decrement nargs
last, and remove the "if (nargs - i)" (we are in "while (i < nargs)").
2018-05-19 07:32:21 +10:00
Qualys Security Advisory
453e1df5d1 skill: Fix getline() usage.
man getline: "If *lineptr is set to NULL and *n is set 0 before the
call, then getline() will allocate a buffer for storing the line. This
buffer should be freed by the user program even if getline() failed."
2018-05-19 07:32:21 +10:00
Qualys Security Advisory
7d6977b6f7 skill: Simplify the kill_main() loop.
Right now the "loop=0; break;" is never reached.
2018-05-19 07:32:21 +10:00
Wayne Porter
53e101452f Consolidated patch of previously merged CYGWIN support
The combined results of merge request #49 without that
overhead plus distortion in this repository's history.

Prototyped-by: Wayne Porter <wporter82@gmail.com>
2017-09-03 20:59:23 +10:00
Craig Small
9ca2f35f04 kill: a better option parser
The previous commit would not work in newlib. Further investigation
found a better way of parsing this extra option using optind

References:
 commit 536cea324b
2017-02-07 22:37:36 +11:00
Craig Small
536cea324b kill: -l space between name parses correctly
kill -lHUP would work correctly, but kill -l HUP would not.

The list option in kill was hit by a quirk of getopt_long where an
option with an optional argument would not attempt to get the argument
beyond the space, even though a mandatory argument would do that.

The fix is a kludge to scan to the next argument and if it looks
like something we can use, use it. Lucky for us, the list option is
one where parsing can stop immediately.

Thanks to Brian Vandenberg for the way forward.

References:
 http://stackoverflow.com/questions/1052746/getopt-does-not-parse-optional-arguments-to-parameters
 https://bugs.debian.org/854407
2017-02-07 22:05:18 +11:00
Craig Small
639c58312b library: rename clashing pwcache functions
On MacOS the system already has user_from_uid and group_from_gid.
These are renamed pwcache_get_user and pwcache_get_group.

For the old library, pwcache_get_user needs to be exported
for skill.

References:
 https://gitlab.com/procps-ng/procps/issues/34

Signed-off-by: Craig Small <csmall@enc.com.au>
2016-07-06 22:26:02 +10:00
Craig Small
672eea2832 kill: Correct pid type
Previous commit used a pid type of int in the printf, this should
be a long.
2016-07-02 15:18:29 +10:00
Craig Small
07642b8ea6 kill: report error if cannot kill process
Shell kill would report a problem if you tried to kill a process
while procps kill was silent. This meant it looked like kill worked
when it actually failed.

References:
 https://bugs.debian.org/733172
2016-07-02 12:25:14 +10:00
Benedikt Böhm
b42997b6c9 fix parsing of negative PIDs
Signed-off-by: Craig Small <csmall@enc.com.au>
2016-04-17 14:59:11 +10:00
Filipe Brandenburger
27b2937d2d kill: print usage if no pid is passed in command line
This makes a command such as `kill -TERM` or `kill -9` fails and prints
usage, instead of silently succeeding.

The behavior is consistent with how `kill` behaves without an explicit
signal, or with the behavior of the `kill` builtin in a shell like bash.

Signed-off-by: Filipe Brandenburger <filbranden@google.com>
2015-07-07 10:39:49 -07:00
Filipe Brandenburger
d1d2ccf732 skill: fix command line with signal, again
Have skill_sig_option sanitize the command line by properly decrementing
*argc after moving the arguments to remove the -signal one.

One bug caused by this issue was when running `kill -1`, then the code
would interpret -1 as both SIGHUP and as process group -1 and send
SIGHUP to all of them. Or `kill -28` which would send SIGWINCH to
process group -2 (in another bug, the -pgid support only accepts a
single digit, fix for that bug will follow.)

This also reverts commit 7610b3128e ("skill: fix command line with
signal") which worked around this bug in `skill` and also removes the
"sigopt" hack which worked around this bug in `kill`.

The skill_sig_option implementation is compatible with signal_option()
from pgrep.c. I plan to factor them out into a single source file in a
follow up commit, to prevent the duplication.

This commit fixes the issues reported above. I also tested the issues
from commit 7610b3128e, `skill -9 -t pts/0` works as expected, also
tried `kill` with -signal and a number of pids and it worked as
expected.

Also tested that `make check` and `make distcheck` keep working.

Signed-off-by: Filipe Brandenburger <filbranden@google.com>
2015-07-07 10:39:49 -07:00
Craig Small
7610b3128e skill: fix command line with signal
If skill was used with a signal number then it would intepret
the command line with last option interpreted twice. This often
confused the program so it just would end up killing nothing.
So this would work:
skill -t pts/0
This would not:
skill -9 -t pts/0

The kill path (in the same file) uses the same logic that has
been introduced here.

References: https://www.freelists.org/post/procps/skill-command-does-not-work-in-debian-7-releases

    Signed-off-by: Craig Small <csmall@enc.com.au>
2015-01-24 17:11:11 +11:00
Yuri Chornoivan
2ec9f5c22e Minor i18n fixes
Minor fixes that the translator (Yuri) has found in some of the
strings. You only know how many typos and thinkos you have when
someone is trying to translate it.

Signed-off-by: Craig Small <csmall@enc.com.au>
2014-03-03 21:58:56 +11:00
Craig Small
8e7ef322e2 Update help files
Benno Schulenberg suggested some changes to the help messages
to provide some consistency and clarity for both the users and
translators of procps.

The test needed to be updated as the pmap output changed too.

Signed-off-by: Craig Small <csmall@enc.com.au>
2014-02-02 18:13:01 +11:00
Craig Small
39210a89de PID -2 to -9 for kill too
Commit 4359cf0698 restored kill's ability
to kill PID -1. This however left PIDs -2 to -9 (or rather process
groups 2 to 9) still having this problem. The check is now generically
looking for a digit and parses it correctly.
2014-01-29 22:28:02 +11:00
Craig Small
4359cf0698 kill for PID -1 restored
Both the man page and the shell builtin kill mention you can
use PID -1, which means nuke everything you can get at.
Alas this "fun" option was missing and the only way to get
around it was with "kill -HUP -- -1".

This small change means kill -HUP -1 is back for all those
destructive types. The error was introduced when the argument
parser was fixed for other problems.

Thanks to Mike for pointing this out.

Signed-off-by: Craig Small <csmall@enc.com.au>
2014-01-28 22:35:26 +11:00
Craig Small
8a38cd5eb4 Split help lines to help translators
To assist translators, the help lines are split so that each translation
chunk has one option. This gives bonus of if we add or change an option,
only that option remains untranslated rather than the entire help block.

Reference:
  http://www.freelists.org/post/procps/procpsng-for-Translation-Project,1

Signed-off-by: Craig Small <csmall@enc.com.au>
2013-12-28 09:25:39 +11:00
Jim Warner
e6bbcdb492 misc: correct additional errors from merge request #13
Additional errors resulting from merge request #13 are
being addressed in this commit. They involve two cases
of trailing whitespace and one xwarnx printf type arg.

Reference(s):
http://gitorious.org/procps/procps/merge_requests/13
. earlier build-sys fix
commit e2242cb943
. original merge
commit dd6f24dbed

Signed-off-by: Jim Warner <james.warner@comcast.net>
2013-09-17 20:27:02 +02:00
Craig Small
dd6f24dbed Merge commit 'refs/merge-requests/13' of git://gitorious.org/procps/procps into merge-requests/13
Conflicts:
	pgrep.c
	ps/output.c
	ps/ps.1
2013-09-11 21:34:05 +10:00
Aristeu Rozanski
91d225f3b8 skill: support namespaces
In the same fashion of pgrep, introduce two new options:
	--ns <pid>
	- nslist <ns,...>
which allows processes to be filtered by namespace.

Signed-off-by: Aristeu Rozanski <arozansk@redhat.com>
2013-04-18 13:59:44 -04:00
Rainer Müller
042776e04c configure: check for program_invocation_name
For portabiliy, check for program_invocation_name during configure and
define HAVE_PROGRAM_INVOCATION_NAME accordingly. Use of this symbol is
now enclosed with the appropriate #ifdef block.

The symbol program_invocation_name is only used for error message
handling using error(), so it's safe to omit this if it is not
available.
2013-03-20 16:32:06 +01:00
Sami Kerola
c8554e6c0f skill: fix compiler warnings
skill.c:340:5: warning: no previous declaration for 'skill_sig_option' [-Wmissing-declarations]
skill.c:460:5: warning: no previous declaration for 'snice_prio_option' [-Wmissing-declarations]

Signed-off-by: Sami Kerola <kerolasa@iki.fi>
2012-11-06 22:28:30 +11:00
Craig Small
19b6f48990 kill -PID fixed
Bug-Debian: http://bugs.debian.org/688731

kill would not permit negative PIDs and thought they were options. kill
now explicitly checks for unknown options and if they are numeric
assumes they are negative PIDs.  The first negative PID stops any
further option processing.

Signed-off-by: Craig Small <csmall@enc.com.au>
2012-10-02 21:56:38 +10:00
Mike Frysinger
c6e3ec4602 skill: check return value of getline
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2012-05-22 20:19:03 +10:00
Sami Kerola
34344de979 build-sys: uClibc does not have rpmatch()
Add simple replacement with hardcoded y/n responses to allow
compilation on systems without rpmatch().

Signed-off-by: Sami Kerola <kerolasa@iki.fi>
2012-04-18 10:03:55 +02:00
Sami Kerola
52269d22f3 all: check stdout and stderr status at exit
If stream status is not checked at the end of execution below problem
would not report error, or non-zero exit code.  The uptime is just an
example same was true with all commands of the project.

$ uptime >&- ; echo $?
uptime: write error: Bad file descriptor
1
$ uptime >/dev/full ; echo $?
uptime: write error: No space left on device
1

Signed-off-by: Sami Kerola <kerolasa@iki.fi>
2012-03-23 15:57:53 +01:00
Sami Kerola
be34477bbd skill: remove dead code
Commit 991b8a94f0 took use
getopt_long(), which means the code that is related to earlier
selfmade argument parsing is unnecessary.

Signed-off-by: Sami Kerola <kerolasa@iki.fi>
2012-03-16 14:34:21 +01:00
Sami Kerola
ce61089059 docs: clarification to license headers in files
Add license header to all files.  The summary of licensing is below,
taken from Craig Small's email which is referred in commit message
tail.

sysctl and pgrep are GPL 2+
The rest is LGPL 2.1+

Reference: http://www.freelists.org/post/procps/Incorrect-FSF-address-in-the-license-files,8
Bug-Redhat: https://bugzilla.redhat.com/show_bug.cgi?id=797962
CC: Craig Small <csmall@enc.com.au>
CC: Jaromir Capik <jcapik@redhat.com>
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
2012-03-03 18:41:11 +11:00
Sami Kerola
ef4a6bef5f skill: fix argument parsing regression
Command skill accepted earlier command name as argument.  This did
not work since commit 991b8a94f0.

Reported-By: "Anne C. Hanna" <orion@ugcs.caltech.edu>
Bug-Debian: http://bugs.debian.org/659038
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
2012-02-11 21:42:35 +01:00
Sami Kerola
8cd53e16b5 skill: ensure optarg is not null [smatch scan]
skill.c:549 skillsnice_parse(87) error: we previously assumed 'optarg' could be null (see line 539)

Signed-off-by: Sami Kerola <kerolasa@iki.fi>
2012-02-05 20:54:58 +01:00
Craig Small
8955ec26fe Merge remote-tracking branch 'sami/vapier' 2012-01-24 22:36:28 +11:00
Mike Frysinger
afaf698896 use helpers from c.h
A few files still use the C library helpers from err.h, so migrate
them to the local c.h helpers.

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2012-01-24 08:55:05 +01:00
Sami Kerola
7fc80ffa42 skill: exclude debugging strings from nls
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
2012-01-22 01:23:59 +01:00
Sami Kerola
79ceb30b5c ps: unify cases and remove trailing dots in messages
Strings with lower caps & no trailing dots have greater change to
have multiple occurences, meaning less effort for translators, than
strings with them.

Signed-off-by: Sami Kerola <kerolasa@iki.fi>
2012-01-15 20:52:58 +01:00
Craig Small
fb11e1fe0a Changed the err and warns to macros
err and warn are BSD format but they are not recommended by library
developers.  However their consiseness is useful!

The solution is to use some macros that create xerr etc which then
just map to the error() function.  The next problem is error() uses
program_invocation_name so we set this to program_invovation_short_name

This is a global set but seems to be the convention (or at least errors
are on the short name only) used everywhere else.
2012-01-03 18:48:43 +11:00
Sami Kerola
c3405fab1a translations: group usage texts
Reference: http://www.freelists.org/post/procps/backporting,5
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
2012-01-02 16:29:03 +11:00
Sami Kerola
0022b6ec5d nls: improve translations and provide translator help comments
Reference: http://www.freelists.org/post/procps/backporting,1
Reported-by: Jim Warner <james.warner@comcast.net>
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
2011-12-20 17:30:54 +01:00
Sami Kerola
c862a4caa5 nls: add functions which take translations to be used
Add the following three functions to most of the commands.

setlocale (LC_ALL, "");
bindtextdomain(PACKAGE, LOCALEDIR);
textdomain(PACKAGE);

Reference: http://www.freelists.org/post/procps/backporting,1
Reported-by: Jim Warner <james.warner@comcast.net>
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
2011-12-20 17:30:53 +01:00
Sami Kerola
b40353c91e skill: use rpmatch() to yes/no question
The patch also removes fixed size of input, which can be problematic.
I do not know how long the string `yes' might be in all of the worlds
languages.

Signed-off-by: Sami Kerola <kerolasa@iki.fi>
2011-12-20 17:30:53 +01:00
Sami Kerola
1ac2921f6f skill: fix compiler warnings
Pretty much all of the warnings where caused by some of the previous
patches, and they became visible with gcc when compiling with;

CFLAGS="-O -g -ggdb -Wall -Wextra -pedantic -Wstrict-overflow
	-Wformat -Wswitch-default -Wswitch-enum -Wsync-nand
	-Wredundant-decls -Wuninitialized"

Signed-off-by: Sami Kerola <kerolasa@iki.fi>
2011-12-20 17:30:53 +01:00
Sami Kerola
d8d94a87ef skill: add long options to usage output
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
2011-12-20 17:30:53 +01:00