Commit Graph

292 Commits

Author SHA1 Message Date
Jim Warner
99fed92200 ps: that restored aix behavior is now even more robust
With the commit referenced below a nasty bug affecting
aix parsing was swatted. Beyond the bug, the logic was
enhanced to disallow commas in the format string since
they would otherwise be shown with their field's data.

However, there remained many characters other than ','
that could survive the edits to then be shown adjacent
to the data. Well, with this patch they won't anymore!

[ along the way we will no longer try to forgive the ]
[ use of a double '%%' prefix since that resulted in ]
[ display of one '%' and field code instead of data. ]

Reference(s):
. March, 2022 - restored aix bahavior
commit f0b7fd31db

Signed-off-by: Jim Warner <james.warner@comcast.net>
2022-04-09 13:00:59 +10:00
Jim Warner
f0b7fd31db ps: restore aix behavior while keeping an original fix
[ since our'master' branch will suffer the same fate ]
[ this was ported from a patch created for 'newlib'. ]

-------------------------- original newlib commit text
-------------------------- (showing our master commit)

The commit shown below broke the aix behavior that Dr.
Fink recently reported. However, in the proposed patch
the old behavior, showing garbage when '%cpu' was used
with an invalid formatting option, would appear again.

So this patch, based on Werner's patch, goes the extra
distance to prevent that. Along the way we'll disallow
commas in the aix format str to prevent their display.

Reference(s):
https://www.freelists.org/post/procps/Procpsng-400-released-with-newlib,2
. Mar, 2022 - where aix bug was introduced
commit 05187e4f17

Prototyped-by: Dr. Werner Fink <werner@suse.de>
Signed-off-by: Jim Warner <james.warner@comcast.net>
2022-04-01 17:21:34 +11:00
Jim Warner
05187e4f17 ps: swat insidious bug with the %cpu' format specifier
[ the original newlib commit message(s) appear below ]

----------------------------------------- newlib patch
ps: swat insidious bug with the %cpu' format specifier

Whoa, my head really hurts but this commit should help
with a speedy recovery hopefully, after it is applied.

If the '%cpu' field is used as a format specifier with
that 'o' option, you will encounter a SIGSEGV if there
is also an invalid argument on that same command line.

For example, try 'ps/pscommand -o %cpu,x' with newlib.
With any format specifier other than the '%cpu', there
is an error message, as would happen with '-o pcpu,x'.

For a 3.3.17 version of ps, there's no abend. Instead,
the program will just display a bunch of gobbledygook.
This boo-boo was found to exist as far back as v3.3.0.

[ ok, i am starting to feel very much better already ]

Signed-off-by: Jim Warner <james.warner@comcast.net>
2022-03-15 22:13:44 +11:00
Tommi Rantala
23da4f40ea ps: ignore SIGURG
Stop registering signal handler for SIGURG, to avoid ps failure if
someone sends such signal. Without the signal handler, SIGURG will
just be ignored.

  Signal 23 (URG) caught by ps (3.3.16).
  ps:ps/display.c:66: please report this bug

https://man7.org/linux/man-pages/man7/signal.7.html
https://www.freebsd.org/cgi/man.cgi?sektion=3&query=signal
2021-10-13 20:47:44 +00:00
Jim Warner
be22291257 ps: extend utf8 multibyte support to additional fields
Form its inception (back in May of 2011), escaped_copy
has always been a flawed function. It does not operate
on 'escaped' strings but instead treats all input as a
regular string incapable of containing utf8 sequences.

As such, it should only be used for strings guaranteed
to NOT contain multibyte characters (like supgid). For
all other strings, which could contain utf8 stuff, the
correct function should have been that escape_str guy.

So this commit changes nearly every escaped_copy call.

[ note: unlike the newlib guy, the master ps program ]
[ cannot properly handle utf8 multibyte sequences in ]
[ in the recently introduced 'exe' field shown below ]

Reference(s):
. Jun 2018, introduced 'exe' field
commit b556bf5ba8
. May 2011, original escaped_copy (cmdline, cgroup)
commit 7b0fc19e9d

Signed-off-by: Jim Warner <james.warner@comcast.net>
2020-12-29 08:42:28 +11:00
Topi Miettinen
173d5214db ps: add lots of sorting functions
Use NULL in format_array to indicate that the print function shall be
used also for sorting. Change sr_nop() to NULL for all fields which
don't use pr_nop() for printing.

Before the commit (note that '--sort label' has no effect: the rows
are not sorted according to label field):
$ ps -A -o command,label --sort label | grep /lib/systemd
/lib/systemd/systemd-journa system_u:system_r:syslogd_t:s0
/lib/systemd/systemd-udevd  system_u:system_r:udev_t:s0-s0:c0.c1023
/lib/systemd/systemd-networ system_u:system_r:systemd_networkd_t:s0
/lib/systemd/systemd-resolv system_u:system_r:systemd_resolved_t:s0
/lib/systemd/systemd-timesy system_u:system_r:ntpd_t:s0
/lib/systemd/systemd-logind system_u:system_r:systemd_logind_t:s0
/lib/systemd/systemd --user user_u:user_r:user_t:s0
/lib/systemd/systemd --user root:sysadm_r:sysadm_t:s0-s0:c0.c1023
grep /lib/systemd           user_u:user_r:user_t:s0

After the commit, '--sort label' works and the output is sorted:
$ ps -A -o command,label --sort label | grep /lib/systemd
/lib/systemd/systemd --user root:sysadm_r:sysadm_t:s0-s0:c0.c1023
/lib/systemd/systemd-timesy system_u:system_r:ntpd_t:s0
/lib/systemd/systemd-journa system_u:system_r:syslogd_t:s0
/lib/systemd/systemd-logind system_u:system_r:systemd_logind_t:s0
/lib/systemd/systemd-networ system_u:system_r:systemd_networkd_t:s0
/lib/systemd/systemd-resolv system_u:system_r:systemd_resolved_t:s0
/lib/systemd/systemd-udevd  system_u:system_r:udev_t:s0-s0:c0.c1023
/lib/systemd/systemd --user user_u:user_r:user_t:s0
grep /lib/systemd           user_u:user_r:user_t:s0

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
2020-12-22 16:18:17 +11:00
Jan Rybar
b556bf5ba8 ps: new format option 'exe' now shows executable path if unavail from cmdline
Red Hat Bugzilla #1399206
2020-12-22 04:24:57 +00:00
Samanta Navarro
b0c8e3408b misc: fix typos in manual pages
Signed-off-by: Samanta Navarro <ferivoz@riseup.net>
2020-12-22 00:37:29 +00:00
Stephen Brennan
31343570e1 Set TZ to avoid repeated stat("/etc/localtime")
With glibc, each time the strftime() function is used (twice per process
in a typical ps -fe run), a stat("/etc/localtime") system call is used
to determine the timezone. Not only does this add extra system call
overhead, but when multiple ps processes are trying to access this
file (or multiple glibc programs using strftime) in parallel, this can
trigger significant lock contention within the OS kernel.

Since ps is not intended to run for long periods of time as a
daemon (during which the system timezone could be altered and PS might
reasonably be expected to adapt its output), there is no benefit to
repeatedly doing this stat(). To stop this behavior, explicitly set the
TZ variable to its default value (:/etc/localtime) whenever it is unset.
glibc will then cache the stat() result.
2020-12-22 11:08:36 +11:00
Craig Small
3e1c00d051 ps: Match on truncated 16 char for -C
The referenced commit the comm length was increased from 16 to 64
characters to handle the larger command names for things like kernel
threads.

However most user processes are limited to 15 characters which means
if you try something like ps -C myprogramisbiggerthansixteen this would
fail to match because /proc/<PID>/comm would only be myprogramisbigg

ps now checks the comm length and if it is 15 and if the given match
is 15 or more, it will only match the first 15 characters.

This is also how killall has worked for about a year.

Thanks to Jean Delvare <jdelvare@suse.de> for the note.

References:
 commit 14005a371e
 commit psmisc/psmisc@1188315cd0

Signed-off-by: Craig Small <csmall@dropbear.xyz>
2020-09-24 22:01:22 +10:00
Craig Small
cc032cbd99 docs: some manpage fixes
Some editorial changes so the man pages follow the standards.

References:
 procps#173
2020-06-04 22:25:26 +10:00
Jim Warner
d93609225c ps: eliminated inadvertent trailing double semi-colons
Signed-off-by: Jim Warner <james.warner@comcast.net>
2020-04-10 14:35:17 +10:00
Craig Small
4c23fcfd3c docs: Mention stime in ps.1
References:
 procps-ng/procps#164
2020-04-07 19:35:27 +10:00
Jim Warner
7db65421d0 ps: for abnormal end allow core dumps (fix qualys bug)
A Qualys audit patch, represented in the commit below,
added the _exit() call to our abnormal signal handler.
Unfortunately, that disabled the associated core dump.

This patch restores expected behavior of those signals
whose default produces a core dump file + termination.

Reference(s):
commit 2e4a594221

Signed-off-by: Jim Warner <james.warner@comcast.net>
2020-01-06 09:13:29 +11:00
Craig Small
bb272580a6 docs: Update ps.1 to warn about command name length
Previous versions of ps used to only match on the first 15 characters
because that's what the kernel used to provide. Newer kernels have a
longer length for this field so procps has been updated to suit.

References:
 procps-ng/procps#101
 https://bugzilla.suse.com/show_bug.cgi?id=1099091
2018-08-08 20:13:58 +10:00
Bjarni Ingi Gislason
336d4ab90e docs: Tidying of ps,kill and skill manpages
Some minor tidying of these three man pages using more of the modern
(ish) macros that have been around for a while.

References:
 https://bugs.debian.org/893452
 https://bugs.debian.org/893457
 https://bugs.debian.org/894480

Signed-off-by: Craig Small <csmall@enc.com.au>
2018-05-31 21:18:27 +10:00
Craig Small
14005a371e ps: Increase command selection field to 64
The library now presents command names up to 64 characters, in line with
the kernel changes.  ps command name selection (the -C option) now also
is 64 characters long.

References:
 commit 2cfdbbe897
2018-05-19 22:10:11 +10:00
Qualys Security Advisory
015669383f ps/sortformat.c: Avoid "sep_loc + 1" when sep_loc is NULL. 2018-05-19 07:32:22 +10:00
Qualys Security Advisory
bb89dad867 ps/sortformat.c: Handle large width in aix_format_parse().
Unlikely to ever happen, since it would imply a very large string, but
better safe than sorry.
2018-05-19 07:32:22 +10:00
Qualys Security Advisory
cde22815af ps/sortformat.c: Catch negative width in format_parse().
The existing strspn() check guarantees that the string contains no '-'
but atoi() does not catch errors, especially not integer overflows.
2018-05-19 07:32:22 +10:00
Qualys Security Advisory
db00f54f4a ps/sortformat.c: Double-check chars in verify_short_sort().
To avoid an out-of-bounds access at checkoff[tmp]. The strspn() at the
beginning of the function protects against it already, but double-check
this in case of some future change.
2018-05-19 07:32:22 +10:00
Qualys Security Advisory
afca7eee75 ps/display.c: Fix "move process-only flags to the process".
Use "proc |= (task & PROC_ONLY)" not "proc |= (task &~ PROC_ONLY)".
2018-05-19 07:32:22 +10:00
Qualys Security Advisory
2e4a594221 ps/display.c: Always exit from signal_handler().
Right now, "we _exit() anyway" is not always true: for example, the
default action for SIGURG is to ignore the signal, which means that
"kill(getpid(), signo);" does not terminate the process. Call _exit()
explicitly, in this case (rather than exit(), because the terminating
kill() calls do not call the functions registered with atexit() either).
2018-05-19 07:32:21 +10:00
Qualys Security Advisory
7dd7bdb09f ps/output.c: Always null-terminate outbuf in show_one_proc().
Before "strlen(outbuf)", if one of the pr_*() functions forgot to do it.
This prevents an out-of-bounds read in strlen(), and an out-of-bounds
write in "outbuf[sz] = '\n'". Another solution would be to replace
strlen() with strnlen(), but this is not used anywhere else in the
code-base and may not exist in all libc's.
2018-05-19 07:32:21 +10:00
Qualys Security Advisory
db25d0375a ps/output.c: Protect outbuf in various pr_*() functions.
pr_bsdstart(): Replace "strcpy(outbuf," with "snprintf(outbuf, COLWID,"
(which is used in all surrounding functions). (side note: the fact that
many pr_*() functions simply return "snprintf(outbuf, COLWID," justifies
the "amount" checks added to show_one_proc() by the "ps/output.c:
Replace strcpy() with snprintf() in show_one_proc()." patch)

pr_stime(): Check the return value of strftime() (in case of an error,
"the contents of the array are undefined").

help_pr_sig(): Handle the "len < 8" case, otherwise "sig+len-8" may
point outside the sig string.

pr_context(): Handle the empty string case, or else "outbuf[len-1]"
points outside outbuf.
2018-05-19 07:32:21 +10:00
Qualys Security Advisory
14e0247ea5 ps/output.c: Enforce a safe range for max_rightward.
Enforce a maximum max_rightward of OUTBUF_SIZE-1, because it is used in
constructs such as "snprintf(outbuf, max_rightward+1," (we could remove
the extra check at the beginning of forest_helper() now, but we decided
to leave it, as a precaution and reminder).

The minimum max_rightward check is not strictly needed, because it is
unsigned. However, we decided to add it anyway:

- most of the other variables are signed;

- make it visually clear that this case is properly handled;

- ideally, the minimum max_rightward should be 1, not 0 (to prevent
  integer overflows such as "max_rightward-1"), but this might change
  the behavior/output of ps, so we decided against it, for now.

Instead, we fixed the only function that overflows if max_rightward is
0. Also, enforce the same safe range for max_leftward, although it is
never used throughout the code-base.
2018-05-19 07:32:21 +10:00
Qualys Security Advisory
1d9ddb615a ps/output.c: Replace strcpy() with snprintf() in show_one_proc().
This strcpy() should normally not overflow outbuf, but names can be
overridden (via -o). Also, check "amount" in all cases.
2018-05-19 07:32:21 +10:00
Qualys Security Advisory
97408d8b10 ps/output.c: Remove the page_shift variable.
It is static and not used anywhere.
2018-05-19 07:32:21 +10:00
Qualys Security Advisory
e66bf564f8 ps/output.c: Check return value of mmap() in init_output().
We decided not to check the return value of the mprotect() calls,
because they are not vital to the operation of ps.
2018-05-19 07:32:21 +10:00
Qualys Security Advisory
bb9c217f29 ps/display.c: Harden show_tree().
1/ Do not go deeper than the size of forest_prefix[], to prevent a
buffer overflow (sizeof(forest_prefix) is roughly 128K, but the maximum
/proc/sys/kernel/pid_max is 4M). (actually, we go deeper, but we stop
adding bytes to forest_prefix[])

2/ Always null-terminate forest_prefix[] at the current level.
2018-05-19 07:32:21 +10:00
Qualys Security Advisory
136e372495 ps/output.c: Fix outbuf overflows in pr_args() etc.
Because there is usually less than OUTBUF_SIZE available at endp.
2018-05-19 07:32:21 +10:00
Qualys Security Advisory
d31f5eb545 ps/output.c: Harden forest_helper().
This patch solves several problems:

1/ Limit the number of characters written (to outbuf) to OUTBUF_SIZE-1
(-1 for the null-terminator).

2/ Always null-terminate outbuf at q.

3/ Move the "rightward" checks *before* the strcpy() calls.

4/ Avoid an integer overflow in these checks (e.g., rightward-4).
2018-05-19 07:32:21 +10:00
Craig Small
5d0b094b8c ps: Add NEWS and checks for times and cputimes
The previous commit had one minor bug in it because the fields need
to be alphabetical and times comes after timeout.

Added NEWS item for this feature
Added another testsuite check for new flags in case they
disappear or go strange one day.

References:
 commit 8a94ed6111
2018-03-02 22:07:46 +11:00
Sébastien Bigaret
8a94ed6111 ps: add times & cputimes format specifiers: cumulative CPU time in seconds
These format specifiers are to time & cputime what etimes is to etime.

Signed-off-by: Sébastien Bigaret <sebastien.bigaret@telecom-bretagne.eu>
2018-03-02 21:58:45 +11:00
Jan Rybar
67bc433c17 ps: LUID format option impelemented 2018-02-19 20:41:40 +11:00
Craig Small
a238a687ce docs: Document I idle state in ps and top
Linux 4.2 provided a new process state of I which is used for an idle
kernel thread. This new state means that kernel threads do not
contribute to the loadavg as they are no longer state D or S but I.

While both ps and top displayed this state, it wasn't documented in
either manual page until now.

References:
 https://bugs.debian.org/886967
 https://www.quora.com/What-does-mean-Linux-process-state-I-in-the-top-output
 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=80ed87c8a9ca0cad7ca66cf3bbdfb17559a66dcf
2018-01-13 11:18:09 +11:00
Jim Warner
62367defa2 ps: don't use '+' truncation indicator with multi-byte
The ps program generally supports multi-byte sequences
in strings representing user and group names. However,
should a multi-byte sequence span the maximum width of
a column, the '+' inserted by ps to signify truncation
will corrupt that sequence, misaligning the text line.

Unfortunately, there's insufficient info returned from
the escape_str function (who calls escape_str_utf8) to
provide a robust response. So, this commit will revert
to the old standby of displaying a number when the '+'
character would've corrupted that multi-byte sequence.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2017-10-02 22:20:58 +11:00
Wayne Porter
53e101452f Consolidated patch of previously merged CYGWIN support
The combined results of merge request #49 without that
overhead plus distortion in this repository's history.

Prototyped-by: Wayne Porter <wporter82@gmail.com>
2017-09-03 20:59:23 +10:00
Jim Warner
0082035172 ps: have now added the NUMA node field display support
[ this patch has been adapted from the newlib branch ]

Reference(s):
https://gitlab.com/procps-ng/procps/issues/58

Signed-off-by: Jim Warner <james.warner@comcast.net>
2017-05-22 21:34:32 +10:00
Jim Warner
629fa81b57 misc: eliminate all those remaining gcc -Wall warnings
Reference(s):
proc/readproc.c: In function 'statm2proc'
proc/readproc.c:627:9: warning: variable 'num' set but not used [-Wunused-but-set-variable]

ps/output.c: In function 'pr_context':
ps/output.c:1273:14: warning: unused variable 'tried_load' [-Wunused-variable]
ps/output.c:1272:16: warning: unused variable 'ps_is_selinux_enabled' [-Wunused-variable]
ps/output.c:1272:16: warning: 'ps_is_selinux_enabled' defined but not used [-Wunused-variable]
ps/output.c:1273:14: warning: 'tried_load' defined but not used [-Wunused-variable]
ps/output.c:1837:18: warning: 'shortsort_array_count' defined but not used [-Wunused-const-variable=]
ps/output.c:1803:18: warning: 'aix_array_count' defined but not used [-Wunused-const-variable=]

ps/parser.c: In function 'arg_type':
ps/parser.c:1098:3: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
ps/parser.c:1099:34: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the 'if'

ps/sortformat.c: In function 'format_parse':
ps/sortformat.c:241:1: warning: label 'out' defined but not used [-Wunused-label]

ps/stacktrace.c:176:13: warning: 'stack_trace_sigsegv' defined but not used [-Wunused-function]

watch.c: In function 'process_ansi':
watch.c:234:5: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
watch.c:237:2: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the 'if'

Signed-off-by: Jim Warner <james.warner@comcast.net>
2017-05-22 21:34:32 +10:00
Jim Warner
c41c614b0c ps: provide 'namespace' protection for 32-bit compiles
This patch ensures that namespace output will look the
same whether ps is built under a 32 or a 64-bit model.

[ it would have been easier to change that library's ]
[ data type, but we'll avoid breaking that ABI again ]

Signed-off-by: Jim Warner <james.warner@comcast.net>
2016-12-07 21:51:14 +11:00
Jim Warner
da9f31ef3e ps: now made responsive to 32 or 64-bit address widths
While a Debian bug report referenced below was limited
to the 'eip' and 'esp' fields, this patch also extends
address width adaptations to some other addresses too.

[ and, we do so in a far less invasive manner than a ]
[ redhat approach shown below adding two new fields! ]

Reference(s):
. new debian bug report
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=846361
. old redhat solution
https://bugzilla.redhat.com/show_bug.cgi?id=244152

Signed-off-by: Jim Warner <james.warner@comcast.net>
2016-12-07 21:51:06 +11:00
Martin Polednik
f8ccf3126e ps: recognize SCHED_DEADLINE 2016-11-07 10:23:01 +01:00
Thomas Petazzoni
4fc9a34802 ps/output.c: include <dlfcn.h> only when necessary
dlopen() functionality is only used when SELinux support is enabled, so
<dlfcn.h> only needs to be included when ENABLE_LIBSELINUX is
defined. This fixes the build in configurations where <dlfcn.h> is not
available.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-08-07 11:08:26 +02:00
Jim Warner
eca9168617 misc: adapted others to that new proc_t 'cgname' field
This patch adapts the ps program to a newly add proc_t
field and provides for new support in that top program
along with his man document (ps was already ok there).

Signed-off-by: Jim Warner <james.warner@comcast.net>
2016-07-06 21:33:17 +10:00
Jim Warner
8a198e3eaf ps: adapt to revised approach for --with-systemd build
We'll now display a '?' for any systemd field when our
library was built without that above configure option.

Since the man page documents such fields this approach
is far superior to that old (confusing) error message:
. error: unknown user-defined format specifier "slice"

Signed-off-by: Jim Warner <james.warner@comcast.net>
2016-06-07 20:49:30 +10:00
Shivkrishna A
3a52dfa340 Fix for Bug:1174313 2016-03-02 22:35:55 +05:30
Laurent Bigonville
5da390422d ps: use attr/current as fallback for context
If SELINUX is enabled but the machine is using another MAC system
(like apparmor), ps will fallback to just parsing
"/proc/%d/attr/current", otherwise the label/context would not
be properly displayed in that case.

References:
 https://bugs.debian.org/786956

Signed-off-by: Craig Small <csmall@enc.com.au>
2016-01-03 18:13:47 +11:00
Craig Small
b2f49b105d Closes: #9 ps: Remove Unix98 output limitations
ps previously followed the Unix98 standard when it comes to
user-defined output, sometimes. This meant you could have
user output format with a header that included commas and
equals signs. It was dependent on if ps thought you wanted
sysv or bsd format and THAT was dependent on things in previous
options.

It was very confusing to a user because
 ps p $$ -o pid=,comm=
gave you a two-column output but
 ps -p $$ -o pid=,comm=
would give you a one column output with the header ",comm="

The -p versus p means (to ps) you want sysv or bsd parsing.
Unix98 standard or not, this is plainly just silly.

The commit removes any of the quirks Unix98 has with user defined
output.  If you really wanted a ps header with commas in the output,
today isn't your day.

Signed-off-by: Craig Small <csmall@enc.com.au>
2015-10-26 11:18:52 +11:00
Craig Small
0ee090ae16 ps: display control group name
The cgroup field while shown as a vector is a concatenated
string, so alot of the complexity of sorting and displaying
has gone.

This change simplifies the cgroup sorting and adds display
and sorting for the name attribute of the cgroup, if found.

Signed-off-by: Craig Small <csmall@enc.com.au>
2015-08-15 17:10:38 +10:00