Commit Graph

550 Commits

Author SHA1 Message Date
Jim Warner
33cd2ccf87 top: tweak logic associated with keyboard translations
This commit most significant change is the elimination
of the kbd_ENTER entry from that tinfo_tab in iokey().

That entry was a useless artifact left from the commit
which is shown below. It makes no sense to 'translate'
a keystroke into something it already was (i.e. '\n').

The remaining changes just reorder those table entries
for a progression consistent with vim keys: h,j,k & l.

Reference(s):
. fix 'iokey()' flaw preventing proper translations
commit c3323bdb68

Signed-off-by: Jim Warner <james.warner@comcast.net>
2019-09-22 07:32:03 +10:00
Jim Warner
97e1264525 top: standardize PgUp/PgDn management within task area
This commit standardizes the behavior of the PgUp/PgDn
keys when on the main top display. With PgDn, the last
process will become the first process. With PgUp, that
first task will now appear as the last task displayed.

[ this also eliminates some quirks that were evident ]
[ when paging at or near the end of the process list ]

Signed-off-by: Jim Warner <james.warner@comcast.net>
2019-07-04 20:46:18 +10:00
Jim Warner
e6a2931c39 top: attempt to provide missing xterm vim keys support
A recent issue (and merge request) reminded me of gaps
in top's alternate 'vim' navigation keys support. Some
xterm emulators do not pass the customary strings when
keys were used with the <Ctrl> and/or <Alt> modifiers.

While it was a known problem, this issue/merge request
prompted research into the root cause. As it turns out
the problem is traceable to an X resource known by the
name 'eightBitInput'. When 'true' (the default), a key
pressed in combination with <Alt> will not be preceded
by the <Esc> character. Rather, a single character was
presented (modified via an 'eightBitMeta' X resource).

The following approaches would eliminate this problem:

. start xterm thus: xterm -xrm '*eightBitInput: false'

. use: ~/.Xresources with 'Xterm*eightBitInput: false'

. build xterm with 'configure --enable-meta-sends-esc'
( apparently used for CentOS, Fedora, openSUSE, etc. )

. enable xterm's menu via 'configure --enable-toolbar'
( so the user can set the 'Meta Sends Escape' option )

Of course, none of the above steps is desirable from a
user's perspective. So, this patch will add additional
entries to the iokey function's tinfo_tab to represent
strings passed when the <Alt> key does not send <Esc>.

[ hopefully they'll be the same across all platforms ]

Lastly, this patch will also eliminate those redundant
<Atl> + '\', '/', '<' & '>' provisions, which now seem
like overkill and suffer from that same 'eightBitMeta'
xterm problem. And we might as well say goodbye to the
4 '<Alt> + arrow key' table entries (which do not seem
to currently work with any emulator which I can find).

[ what in the world was I thinking way back in 2011? ]

Reference(s):
. issue
https://gitlab.com/procps-ng/procps/issues/135
. merge request
https://gitlab.com/procps-ng/procps/merge_requests/84

Signed-off-by: Jim Warner <james.warner@comcast.net>
2019-07-04 20:46:18 +10:00
Jim Warner
e85e3ee4d8 top: just correct a couple of misspellings in comments
Signed-off-by: Jim Warner <james.warner@comcast.net>
2019-03-26 19:55:30 +11:00
Jim Warner
34ca0a17ec top: adapt for changes in item identifiers, <STAT> api
Signed-off-by: Jim Warner <james.warner@comcast.net>
2019-01-22 22:49:24 +11:00
Jim Warner
ca9142767c top: harden management of 'Hide_pid' array allocations
While setting the size of that Hide_pid array to equal
total pids high water mark was probably safe, in truth
there is no real relationship. At some point one could
exceed that HWM if the 'v' toggle was used extensively
and at least 1 of those entries remained non-negative.

This commit simply divorces Hide_tot from the pids HWM
and bases Hide_pid array size on actual run-time need.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2019-01-03 08:06:48 +11:00
Jim Warner
22ae537707 top: enable alternate '+' placement with collapsed pid
Currently, except for tasks that have no parents, when
a process' children are collapsed the '+' indicator is
shown in the first position within that COMMAND field.

This commit simply provides for indenting the '+' char
so it displays next to that program name/command line.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2019-01-03 08:06:48 +11:00
Jim Warner
59f02f19c7 top: plug a minor hole in the vertical scrolling logic
In that commit referenced below, a few edge cases were
addressed regarding vertical positioning involving any
'hidden' tasks. But, 2 additional edge cases remained.

In a running top, if the user employed 'other filters'
(o/O) or 'user filters' (u/U) proper vertical position
was not ensured. And, while this could be easily fixed
by striking the home/end or up/down arrow keys, it was
very poor etiquette to shift this burden to the users.

So, this patch plugs that gap, automating the process.

Reference(s):
commit 9d59ddc466

Signed-off-by: Jim Warner <james.warner@comcast.net>
2019-01-03 08:06:48 +11:00
Jim Warner
a6dfc2382e top: eliminated the use of that 'procps.h' header file
That prior patch set the stage for eliminating the use
of that 'procps.h' header, while retaining support for
a ./configure -DXTRA_PROCPS_DEBUG' during development.

This commit just eliminates top's use of 'procps.h' in
favor of a separate include for needed newlib headers.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-09-12 21:12:06 +10:00
Jim Warner
19dd4f7120 top: a tweak to the forest view collapsed code (again)
From the outset, top has tried to provide some minimal
garbage collection in support of forest view collapse.
For example, with every 'v' keystroke, a check is made
of the currently targeted pids.  If all were negative,
which means expanded, that Hide_pid array was emptied.

Recently, yet another efficiency was added wherein the
continuing scan for a targeted pid was terminated when
a match was found. But, one more inefficiency existed.

When a task which was subject to collapse under forest
view mode has disappeared (ended), repeatedly scanning
for such a pid with each iteration makes little sense.

So this commit will negate such targeted pids and thus
avoid scanning every current task looking for a match.
Then, if 'v' is ever stuck at some point in the future
there will be a chance to empty that Hide_pid[] array.

[ hopefully this will be a final tweak of the forest ]
[ view collapse stuff, but cross your fingers anyway ]

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-09-12 21:12:05 +10:00
Jim Warner
5c8d94ff2e top: the '#define SCROLLVAR_NO' is bent but not broken
This patch simply avoids an 'unused' variable warning.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-09-12 21:12:05 +10:00
Jim Warner
43caa7a144 top: speed up the collapsed children forest view logic
In forest view mode, once a collapsible parent process
and all of its children (if any) have been identified,
there is no longer a need to scan the remaining tasks.

So this patch will just force a new scan for any other
'Hide_pid' entries which might remain to be identified
after a targeted parent has been completely processed.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-08-13 20:55:50 +10:00
Jim Warner
52376d16e2 top: miscellaneous accumulated tweaks to code/comments
This patch includes the following miscellaneous stuff:

. ensure 1 space before any '*' ptr sizeof() reference

. explain the rather cryptic 'ioa' guy a little better

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-08-13 20:55:50 +10:00
Jim Warner
65feb3c558 top: eliminate all of that 'relative enumerator' bloat
The top program has always specified the maximum stack
depth at 'new' time. Then, in those stacks the minimum
number of result structures were used for representing
only fields actually being displayed in the 4 windows.

That, however, complicated all subsequent access since
each field's enumerator then had to be translated into
a relative position when interacting with the library.
This was accomplished by that Fieldstab 'erel' member.

So this patch eliminates an extra level of indirection
by fully exploiting the existing maximum sized stacks.
Now, the enumerators that top uses to represent fields
also represent their relative positions in each stack.

[ for fields not actually displayed, the position in ]
[ a stack is represented by the 'PIDS_extra' struct. ]
[ thus, there isn't any real library costs for those ]
[ enumerators/fields which aren't currently visible. ]

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-08-13 20:54:48 +10:00
Jim Warner
ede4a5f9b0 top: existing 'Inspect' pipe feature now more flexible
Currently, it isn't possible to establish an 'Inspect'
pipe that relies on SIGINT to end. That's because this
signal will also end the parent process (top) as well.

So this patch will temporarily ignore that signal when
processing any 'Inspect' pipe, allowing one like this:

. pipe ^I Trace Calls ^I /usr/bin/strace -r -p %d 2>&1

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-08-01 21:38:44 +10:00
Jim Warner
40dbd50056 top: avoid unrecognized 'Inspect' entries memory leaks
Upon startup there exists the potential for some minor
memory leakage should some rcfile 'Inspect' entries be
invalid. By delaying any malloc/strdup until after the
entries are completely validated we will prevent that.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-08-01 21:38:44 +10:00
Jim Warner
11b87c73ed top: ensure collapsed children cpu reported accurately
Parent tasks with collapsed children should have their
cpu reflect any unseen tasks only under the following:

1) When built without TREE_VCPUOFF having been defined

2) Exclusively when 'Show_FOREST' display mode was set

3) And only under the current window when in alternate
display mode (except if TREE_VWINALL has been defined)

So, this commit just ensures these objectives are met.

Reference(s):
. issue that began odyssey
https://gitlab.com/procps-ng/procps/issues/99
. original cpu implementation
commit 7c7903e50d

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-08-01 21:38:44 +10:00
Jim Warner
beea4e0f20 top: make the TREE_VCPUOFF define a tad more inclusive
While this newlib branch did not suffer that SEGV fate
the master branch did with children's %CPU accounting,
it didn't manage the 'TREE_VCPUOFF' #define optimally.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-07-18 20:19:43 +10:00
Jim Warner
ab33cd1101 top: '^V' is now 'v' (collapse/expand children toggle)
Using Ctrl-V for the collapse children key now appears
as a mistake. First, it's too close to that Ctrl-C key
which would prematurely terminate top. Second, a lower
case 'v' was unused and perfectly compliments an upper
case 'V' which is used to toggle 'forest view' itself.

Reference(s):
https://gitlab.com/procps-ng/procps/issues/99

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-07-18 20:19:43 +10:00
Jim Warner
43c3afb57e top: some minor renaming, reformatting and rearranging
This commit just addresses these miscellaneous issues:
. make a few pseudo enum's just a tad more descriptive
. always use 'p' for pointers to a 'struct pids_stack'
. add just a little indent to the 'rSv' macro comments
. rearrange section dealing with new library interface
. always match order of local #undef to parent #define
. forest_begin array index usage is now more efficient

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-07-18 20:19:43 +10:00
Jim Warner
90849fa1ed top: parent total cpu includes collapsed children, doc
Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-07-17 20:58:32 +10:00
Jim Warner
7c7903e50d top: parent total cpu includes collapsed children, pgm
Now, when a parent's children have been collapsed, the
cpu used by those unseen tasks will disappear no more.
Instead such tics will be added to the parent's total.

[ if one wished a return to the 'land of lost tics', ]
[ the '#define TREE_VCPUOFF' directive is available. ]

------------------------------------------------------
Note: With collapsible parents now displaying children
cpu usage, it will eventually be noticed the cpu stats
for the summary area and task areas often vary widely.

It's worth a reminder that for top's summary area each
individual cpu and the cpu summary is limited to 100%,
regardless of how many tics a linux kernel may export.

An individual task is limited to 100% times the number
of threads. But, in no case will cpu usage ever exceed
100% times total number of processors. Such limits are
further reduced under 'Solaris' mode ('I' toggle off).
In this mode, a task cpu usage will never exceed 100%.
These limits will now also apply to collapsed parents.

In addition to those influences, results are subjected
to kernel timer sampling anomalies and the distortions
inherent in a small sample size, made worse by smaller
delay intervals. Often there is just 1 or 2 tics for a
few tasks at smaller intervals such as: 1/10th second.

Anyway, should questions on this subject arise, a good
starting point, beyond the reminders above, is the 1st
link listed below. Those other links were derivatives.

Reference(s):
. from the kernel documentation
https://www.kernel.org/doc/Documentation/cpu-load.txt
. as mentioned in the above kernel documentation
https://lkml.org/lkml/2007/2/12/6
. from above, with many more links on the subject
https://www.boblycat.org/~malc/apc/

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-07-17 20:58:32 +10:00
Jim Warner
1801bacc0d top: exploited the newly added field 'executable path'
[ along the way we'll shorten some of the repetitive ]
[ variable width field narratives in top's man page. ]

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:18 +10:00
Jim Warner
9d59ddc466 top: a few tweaks for those scrolling (mostly) changes
This patch just addresses some edge cases with respect
to 'unseen' tasks. Given the ability to preserve other
filters in the rcfile, it's entirely possible the very
first task(s) may not be visible at top startup. Also,
when switching between windows ('a'/'w') we should try
to always position its row #1 on some visible process.

Lastly, a window might have *NO* visible tasks at all.
Therefore, protect 'window_hlp' from an infinite loop.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:18 +10:00
Jim Warner
6aedeac667 top: normalize vertical scrolling for hidden processes
To my knowledge, nobody has ever complained about some
anomalies when scrolling vertically if tasks should be
hidden from view. This can happen with the user filter
('u/U') or other filter ('o/O') features. And although
some tasks are not shown, they still impact scrolling.

This is most apparent when that scroll coordinates msg
is on ('C') & up/down arrow keys used (vs. pgup/pgdn).

Now that we can collapse/expand forked children, there
is a potential for yet more of those hidden processes.

So this commit normalizes vertical scrolling providing
an expected behavior. In other words, the up/down keys
skip the unseen tasks to reposition on a visible task.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:18 +10:00
Jim Warner
a8dc1a6e5a top: refactor the 'scroll coordinates' message support
This patch is simply preparation for upcoming vertical
scrolling enhancements. With those changes, it will be
impossible to predict what the beginning task position
should be at the time the message is currently issued.

This patch will allow such a message to be shown after
the individual windows' tasks have all been displayed.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:18 +10:00
Jim Warner
97eb4388c6 top: allow collapsible forest view children, documents
Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:18 +10:00
Jim Warner
42e8abec0d top: allow collapsible forest view children, pgm logic
The issue cited below really dealt with preserving the
'Other filter' criteria in the rcfile. But as an aside
the htop 'F6' feature (collapsed children) was raised.

I took that as an implied challenge and decided to try
implementing a similar feature in top. So, this commit
will now provide a brand new forest view toggle ('^V')
which will be used to collapse/expand forked children.

[ this patch will also lead to additional patches in ]
[ support of more rational vertical scrolling, since ]
[ many more tasks might now be hidden in some window ]

Reference(s):
. where this secondary issue was raised
https://gitlab.com/procps-ng/procps/issues/99

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:18 +10:00
Jim Warner
c88ff1782c top: to prepare for collapse, move forest view support
In anticipation of a new collapsible child feature, we
will have to make some forest view variables available
to that 'keys_task()' function. This commit just moves
the forest view logic ahead of tertiary input support.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:17 +10:00
Jim Warner
79a92c3478 top: 'other filters' saved with config file, documents
Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:17 +10:00
Jim Warner
35e9269bbe top: 'other filters' saved with config file, pgm logic
Well, after the rearranging and refactoring, all those
active 'other filter' entries for each window will now
be preserved in the user's configuration file via 'W'.

For raising the issue below, thanks to Marco Ippolito.

Reference(s):
https://gitlab.com/procps-ng/procps/issues/99

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:17 +10:00
Jim Warner
12b0b5b2cf top: refactored some more peripheral 'inspect' support
These modifications are being made now in anticipation
of some coming 'other filter' config file changes. Our
entries must be written last to the rc file since that
is where the users have been told to 'echo' additions.

Therefore, that 'config_insp' function must be adapted
to anticipate a passed buffer that was already primed.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:17 +10:00
Jim Warner
5e8bf3c028 top: refactored some of that 'other filtering' support
If we are to support preserving 'other filter' entries
in the rcfile, then the current logic setting up those
osel entries for a WIN_t must be shareable for startup
and when interacting with a user. So, this commit just
repositions this current code in a shareable function.

[ along the way, we give the prior guy a proper name ]

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:17 +10:00
Jim Warner
016f10cb93 top: reposition some of that 'other filtering' support
When we get around to saving that 'Other Filter' stuff
in the rcfile, we'll need access to the Fieldstab plus
the justify_pad() function. So this commit repositions
two 'osel' functions in anticipation of adding 1 more.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:17 +10:00
Jim Warner
8398b7d9b0 top: refactor some of that configuration files support
The 'config_file()' function was getting a little long
in the tooth, so this commit simply renames/rearranges
some stuff anticipating 'other filters' in the rcfile.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:17 +10:00
Jim Warner
567a9b6240 top: let's honor <Esc> key on color mapping screen too
Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:17 +10:00
Jim Warner
775223a817 top: make rcfile duplicate fields check more efficient
Jeeze, there was no need to employ *both* strchr() and
strrchr() when ensuring fields hadn't been duplicated.

So let's avoid one of those function calls completely.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:17 +10:00
Jim Warner
80f9815f5f top: a tweak to the recent 256-color termninal support
We now use the actual terminfo 'max_colors' value with
the 'color mapping' screen, not that hard coded '256'.

Reference(s):
https://gitlab.com/procps-ng/procps/issues/96

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-09 21:45:38 +10:00
Jim Warner
5705866fb6 top: treat all of those vertical scroll keys uniformly
When not displaying all tasks (the 'i' toggle is off),
the concept of vertical scrolling has no real meaning.

However, only 2 keys (up/down) impacting that vertical
position were currently being disabled with this mode.

This patch will extend such treatment to the following
additional vertical impact keys: pgup,pgdn,home & end.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-09 21:45:38 +10:00
Jim Warner
19ec80bd41 top: force return to row 1 for thread mode transitions
This program does a good job of policing that vertical
scrolled position, ensuring that total tasks are never
exceeded. However, during transitions from thread mode
to normal task mode (the 'H' toggle) that wasn't true.

And while there was no real harm done, it did make the
use of up/down arrow keys "appear" disabled especially
if that scroll message was not displayed ('C' toggle).

This patch simply forces a return to row #1 whenever a
user toggles that display between thread & task modes.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-09 21:45:38 +10:00
Jim Warner
c3323bdb68 top: fix 'iokey()' flaw preventing proper translations
As it turns out, the very first entry in the 'iokey()'
tinfo_tab was preventing the proper translation of the
simulated PgUp/PgDn keys (ctrl+meta+k/j). Ignoring the
tortured history behind the most recent change to that
entry, this patch restores the previous value and once
again properly translates these particular keystrokes.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-09 21:45:38 +10:00
Jim Warner
4d9e4ac4f6 top: provide the means to exploit a 256-color terminal
With the Qualys security audit, we began to harden our
treatment of the top rcfile. In particular, the values
read were checked so as to prevent some malicious user
from editing it in order to achieve an evil objective.

However when it came to colors I was surprised to find
that at least one user edited the rcfile for 256-color
support. Unfortunately, our new checks prevented this.

So this commit will provide the means to exploit those
extra colors with no need to manually edit the rcfile.

Reference(s):
https://gitlab.com/procps-ng/procps/issues/96

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-09 21:35:20 +10:00
Jim Warner
fa96f3e5dc top: sanitized some potentially corrupt 'Inspect' data
This guards against rcfile 'Inspect' entries which may
include non-printable characters. While this shouldn't
occur, we have no real control over those crazy users.

[ and, while such data can't be used maliciously, it ]
[ does adversely impact such a user's screen display ]

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-09 21:35:20 +10:00
Jim Warner
34feb6183a top: prevent buffer overruns in 'inspection_utility()'
For our master branch, a Qualys patch referenced below
was reverted as being unwarranted. That original patch
was not applied in this branch so there was no revert.

However, there was 1 specific problem their patch had,
in fact, prevented. Thus, this patch now addresses it.

Reference(s):
. original qualys patch
0109-top-Protect-scat-from-buffer-overflows.patch

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-09 21:35:20 +10:00
Jim Warner
59c8c1c86c top: add another field sanity check in 'config_file()'
Until the Qualys security audit I had never considered
it a possibility that some malicious person might edit
the top config file to achieve some nefarious results.

And while the Qualys approach tended to concentrate on
the symptoms from such an effort, subsequent revisions
more properly concentrated on startup and that rcfile.

This commit completes those efforts with 1 more field.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-09 21:35:20 +10:00
Jim Warner
8ce5f080a2 top: don't mess with groff line length in man document
I've long since forgotten why the attempt to influence
groff line lengths was made. However, I did receive an
email regarding problems formatting postscript output.

Hopefully this patch will eliminate any such problems.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-09 21:35:20 +10:00
Jim Warner
2c6a480cc8 top: just respond to the increased command name length
The command name for running tasks is displayed by top
in a variable length field, so the increase from 16 to
64 bytes was not a problem. However, there's one place
where top is sensitive to length - insp_view_choice().

So, this patch just bumps a buffer used to display it.

Reference(s):
. master branch increase to 64
commit 2cfdbbe897

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-09 21:35:20 +10:00
Jim Warner
a24b369132 top: eliminate a couple of warnings of -Wunused-result
Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-09 21:35:20 +10:00
Jim Warner
c314f9f953 top: ensure sane rcfile values for the remaining stuff
This will protect some remaining rcfile variables from
a possible manual editing of top's configuration file.

[ and correct two #error related boo-boos introduced ]
[ with the system default rcfile in the commit shown ]

Reference(s):
. introduced /etc/topdefaultrc
commit 55a42ae040

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-09 21:35:20 +10:00
Jim Warner
bd7e1fb343 top: Prevent out-of-bounds writes in PUFF(). __Tweaked
This commit moves some overhead to the Batch mode path
where it's needed. And given the new 'else if' test we
can delete some now redundant logic in the other path.

Reference(s):
. original qualys patch
0117-top-Prevent-out-of-bounds-writes-in-PUFF.patch

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-09 21:35:20 +10:00
Jim Warner
8b94d11585 top: address 'show_special()' o-o-b read/write concern
This patch addresses a potential (but unlikely) buffer
overflow by reducing, if necessary, a memcpy length by
3 bytes to provide for an eol '\0' and 2 unused buffer
positions which also might receive the '\0' character.

[ note to future analysis tool: just because you see ]
[ binary data being manipulated in the routine, that ]
[ doesn't mean such function was passed binary data! ]

Reference(s):
. original qualys patch
0116-top-Fix-out-of-bounds-read-write-in-show_special.patch

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-09 21:35:20 +10:00
Jim Warner
085351a0ee top: prevent buffer overflow potential in all routines
Whereas an original patch (referenced below) addressed
some symptoms related to manually edited config files,
this solution deals with root causes. And it goes much
beyond any single top field by protecting all of top's
fields. Henceforth, a duplicated field is not allowed.

Reference(s):
. original qualys patch
0114-top-Prevent-buffer-overflow-in-calibrate_fields.patch

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-09 21:35:20 +10:00
Jim Warner
ffee26c370 top: check sortindx risk exposure (not treat symptoms)
Rather than validate the window's 'sortindx' each time
it was referenced (as was done in the patch below), we
now ensure the validity just once when the config file
is read. Thereafter, a running top will police bounds.

Reference(s):
. original qualys patch
0102-top-Check-sortindx.patch

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-09 21:35:20 +10:00
Jim Warner
e691cbaef4 top: other graph_cpus, graph_mems, and summ_mscale fix
This patch replaces an original patch referenced below
(omitted under this branch). We now validate variables
'graph_cpus', 'graph_mems' and 'summ_mscale' just once
at startup. Thereafter, top enforces the proper range.

[ we afford the same treatment to that 'task_mscale' ]
[ variable, which was ignored in the original patch. ]

Reference(s):
. original qualys patch
0099-top-Check-graph_cpus-graph_mems-and-summ_mscale.patch

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-09 21:35:20 +10:00
Jim Warner
4550e60144 top: Do not default to the cwd in configs_r... Tweaked
While it's only documented (so far) in commit text and
an occasional email I've tried to maintain some coding
standards primarily for reference/navigation purposes.
They also served, I felt, as useful mental challenges.

Someday I will get around to formerly documenting them
but in the meantime here are the ones for this commit:

. functions are grouped into logical (i hope) sections
. functions & sections are ordered to avoid prototypes
. function names are alphabetical within every section
. all functions & sections must be referenced in top.h

This patch just attempts to honor the above standards,
while also covering this new behavior in the man page.

[ please note that the net result of these 2 patches ]
[ is simply to avoid pathname truncations should our ]
[ limit of 1024 be exceeded. they do not have a role ]
[ in solving the 'local privilege escalation' issue. ]

[ and we can never prevent a user from setting their ]
[ HOME var to a directory writable by some attacker! ]

[ the only real protection for that CVE-2018-1122 is ]
[ those soon to be enhanced rcfile integrity checks, ]
[ achieved through several of the following patches. ]

Reference(s):
. original qualys patch
0097-top-Do-not-default-to-the-cwd-in-configs_read.patch

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-09 21:35:20 +10:00
Qualys Security Advisory
d099d0e5a1 0117-top: Prevent out-of-bounds writes in PUFF().
This patch prevents three problems:

1/ Because snprintf() returns "the number of characters (excluding the
terminating null byte) which would have been written to the final string
if enough space had been available", _eol may point past the end of _str
and write out-of-bounds (in Batch mode).

2/ _eol is never checked against _str, so "while (*(--_eol) == ' ');"
may point _eol below _str and write out-of-bounds (in Batch mode).

3/ Sanity-check Pseudo_row to protect the strcpy().
2018-06-09 21:35:20 +10:00
Qualys Security Advisory
2ba9c569e5 0115-top: Harden calibrate_fields().
- Make sure i is at least 1 before "i - 1" and "--i".

- Initialize endpflg (to 0, as it was originally, since it is static)
  before the "for" loop (the "break" may leave endpflg uninitialized,
  for example).
2018-06-09 21:35:20 +10:00
Qualys Security Advisory
6024543e79 0113-top: Impose a minimum on Screen_cols.
The safety of the critical function task_show() depends on the sanity of
Screen_cols. Just copy the tests on w_cols to Screen_cols (from the same
function adj_geometry()).
2018-06-09 21:35:20 +10:00
Qualys Security Advisory
74e9d0afe1 0112-top: Prevent integer overflow in adj_geometry(). 2018-06-09 21:35:20 +10:00
Qualys Security Advisory
34b08eb8ac 0111-top: Limit Width_mode to SCREENMAX.
adj_geometry() limits to SCREENMAX too, but belt and suspenders, and
might as well tell the user about it.
2018-06-09 21:35:20 +10:00
Qualys Security Advisory
2fabc50998 0110-top: Prevent integer overflows in config_file() and other_selection(). 2018-06-09 21:35:20 +10:00
Qualys Security Advisory
e1f419737f 0108-top: Always exit from sig_abexit().
The default action for SIGURG is to ignore the signal, for example.
This is very similar to the patch "ps/display.c: Always exit from
signal_handler()."
2018-06-09 21:35:20 +10:00
Qualys Security Advisory
022cda9599 0107-top: Initialize struct sigaction in before(). 2018-06-09 21:35:20 +10:00
Qualys Security Advisory
2c461c8b05 0106-top: Fix snprintf() call in capsmk().
Replace "snprintf(msg, sizeof(pmt)" with "snprintf(msg, sizeof(msg)".
Luckily sizeof(pmt) == sizeof(msg), but fix it anyway.
2018-06-09 21:35:20 +10:00
Qualys Security Advisory
f02fff62fb 0104-top: Initialize cp in task_show().
Found no problematic case at the moment, but this is a cheap
just-in-case.
2018-06-09 21:35:20 +10:00
Qualys Security Advisory
8b29093481 0103-top: Protect macro parameters.
---------------------------- adapted for newlib branch
. the 'isBUSY' macro is quite different under newlib

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-09 21:35:19 +10:00
Qualys Security Advisory
9cb8bee6a1 0101-top: Check width and col.
Otherwise they may lead to out-of-bounds writes (snprintf() returns the
number of characters which would have been written if enough space had
been available).

Also, make sure buf is null-terminated after COLPLUSCH has been written.
2018-06-09 21:35:19 +10:00
Qualys Security Advisory
766e31a2c3 0100-top: Check Rc.fixed_widest.
Otherwise it leads to crashes (for example, setting it to 2147483600 in
the configuration file segfaults top).
2018-06-09 21:35:19 +10:00
Qualys Security Advisory
0b0356de5c 0098-top: Check i when setting Curwin in config_file().
Otherwise it leads to out-of-bounds reads (and maybe writes).
2018-06-09 21:35:19 +10:00
Qualys Security Advisory
7c92bff183 0097-top: Do not default to the cwd in configs_read().
If the HOME environment variable is not set, or not absolute, use the
home directory returned by getpwuid(getuid()), if set and absolute
(instead of the cwd "."); otherwise, set p_home to NULL.

To keep the changes to a minimum, we rely on POSIX, which requires that
fopen() fails with ENOENT if the pathname (Rc_name) is an empty string.
This integrates well into the existing code, and makes write_rcfile()
work without a change.

Also, it makes the code in configs_read() easier to follow: only set and
use p_home if safe, and only set Rc_name if safe (in all the other cases
it is the empty string, and the fopen() calls fail). Plus, check for
snprintf() truncation (and if it happens, reset Rc_name to the empty
string).

Important note: top.1 should probably be updated, since it mentions the
fallback to the current working directory.
2018-06-09 21:35:19 +10:00
Qualys Security Advisory
54f02b7e11 0096-top: Fix double-fclose() in configs_read().
It happens only if RCFILE_NOERR is defined (it is not, by default).
2018-06-09 21:35:19 +10:00
Jim Warner
b2d7f620c0 top: show that truncation indicator ('+') consistently
With a little luck, this should be the final tweak for
our support of extra wide characters. Currently, those
characters don't always display the '+' indicator when
they've been truncated. Now, it should always be seen.

[ plus it's done a tad more efficiently via snprintf ]

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-03-03 17:53:10 +11:00
Jim Warner
2119750a51 top: change to exploit a newly added UID used at login
In addition to exploiting the login user ID provision,
the following miscellaneous changes are also included:

. unnecessary braces have been eliminated from an 'if'

. a comment with case EU_CPU: was corrected to 's_int'
and the associated block of code relocated accordingly

. case EU_CPN: wasn't shared with other enumerators so
reference to 'i' was changed to that actual enumerator

. case EU_SGN: wasn't shared with other enumerators so
reference to 'i' was changed to that actual enumerator

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-02-19 20:33:59 +11:00
Jim Warner
52f0ee2c41 top: update copyright dates in source and man document
Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-02-19 20:33:59 +11:00
Jim Warner
0f54ff181a top: try to avoid premature truncation indicator ('+')
Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-02-19 20:33:59 +11:00
Jim Warner
3aa348ad77 top: avoid potential truncation with 'Inspect' feature
As it turns out, that Ukrainian 'demo' text supporting
the '=' command was 152 bytes long, up from an English
version of 80 bytes. Unfortunately, the buffer used to
format all such strings was insufficient at 128 bytes.

Depending on the width of one's terminal, some strange
result could be experienced when a multi-byte sequence
was truncated. So, this just makes that buffer bigger.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-02-19 20:33:59 +11:00
Jim Warner
603129e60a top: allow translated field headers to determine width
After wrestling with extra wide characters, supporting
languages like zh_CN, sometimes default/minimum column
widths might force a truncation of translated headers.

So, this commit explores one way that such truncations
could be avoided. It is designed so as to have minimal
impact on existing code, ultimately affecting just one
function. But it's off by default via its own #define.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-02-19 20:33:59 +11:00
Jim Warner
7e1dfc12b6 top: an efficiency tweak to extra wide character logic
When I recently added extra wide character support for
locales like zh_CN, I didn't worry about some overhead
associated with the new calls to 'mbtowc' & 'wcwidth'.
That's because such overhead was usually incurred with
user interactions, not a normal iterative top display.

There was, however, one area where this overhead would
impact the normal iterative top mode - that's with the
Summary display. So I peeked at the glibc source code.

As it turns out, the costs of executing those 'mbtowc'
and 'wcwidth' functions were not at all insignificant.
So, this patch will avoid them in the vast majority of
instances, while still enabling extra wide characters.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-02-19 20:33:59 +11:00
Jim Warner
0192197198 top: standardize width of the %CPU & %MEM columns at 5
There is (should be) no justification for changing the
width of the percentage columns (%CPU, %MEM) depending
on the BOOST_PERCNT #define. So this patch will ensure
that both columns are fixed at their former maximum 5.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-02-19 20:33:59 +11:00
Jim Warner
6a5cd6d6fb top: respond to an additional library 'state' category
Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-02-12 20:58:31 +11:00
Jim Warner
264790d80d top: adapt utf8 logic to support extra wide characters
Back when top was refactored to support UTF-8 encoding
it was acknowledged that languages like zh_CN were not
supported. That was because a single 'character' might
require more than a single 'column' when it's printed.

Well I've now figured out how to accommodate languages
like that. My adaptation is represented in this patch.

[ and just in case someone wishes to avoid the extra ]
[ runtime costs, a #define OFF_XTRAWIDE is included. ]

Along the way, I've cleaned up some miscellaneous code
supporting the 'Inspect' feature so that the rightmost
screen column was always used rather than being blank.

[ interestingly, my xterm & urxvt terminal emulators ]
[ are able to split extra wide characters then print ]
[ 1/2 of such graphics in the last column. the gnome ]
[ terminal emulator does not duplicate such behavior ]
[ but prints 1 extra character in same width window. ]

Reference(s):
. Sep, 2017 - original utf8 support
commit 9773c56add

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-02-12 20:58:31 +11:00
Jim Warner
6f2e66969a top: tweak that recent enhancement to startup defaults
When the new approach for startup defaults was adopted
in the reference below, a file might be left open that
technically should be closed. This situation arises in
the unlikely event the #define RCFILE_NOERR is active.

Without that #define, the program will exit early thus
rendering the open file issue moot. However, even with
that #define there was no real harm with an open file.
It simply meant a 2nd FILE struct would have been used
when, or if, the rcfile was written via a 'W' command.

Anyway, this patch ensures such a file will be closed.

Reference(s):
. Dec, 2017 - /etc/topdefaultrc introduced
commit 55a42ae040

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-02-12 20:58:31 +11:00
Craig Small
91df65b9e7 docs: Document I idle state in ps and top
Linux 4.2 provided a new process state of I which is used for an idle
kernel thread. This new state means that kernel threads do not
contribute to the loadavg as they are no longer state D or S but I.

While both ps and top displayed this state, it wasn't documented in
either manual page until now.

References:
 https://bugs.debian.org/886967
 https://www.quora.com/What-does-mean-Linux-process-state-I-in-the-top-output
 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=80ed87c8a9ca0cad7ca66cf3bbdfb17559a66dcf
2018-01-13 11:25:59 +11:00
Jim Warner
55a42ae040 top: allow more flexible approach for startup defaults
Those references below offer more detail regarding the
default startup changes beginning with version 3.3.10.

It is important to remember that all such changes were
supposed to impact only new users or users who had not
saved the personal config file (via that 'W' command).
However, I introduced a bug wherein the rcfile was not
fully honored. This gave the changes a bad reputation.

That bug was corrected in release 3.3.11 but the issue
of default startup options keeps resurfacing. And it's
clear there's no consensus on what should be included.

Our --disable-modern-top configure option is of little
help since it remains an all-or-nothing approach. What
we need is an answer offering unlimited customization.
So, this commit will provide distribution packagers or
system administrators with a much more flexible way to
set their own preferred startup default configuration.

A new rcfile is being introduced: '/etc/topdefaultrc',
whose format/content is the same as a personal rcfile.
Thus once a 'proper' enterprise configuration has been
established and saved via 'W', it can be copied to the
/etc/ directory. Thereafter, startup in the absence of
a saved rcfile will use that configuration as default.

Now if a distribution packager or system administrator
wishes to expose their users to some of top's advanced
capabilities they can do so gradually. Perhaps setting
up graph mode for summary area task and memory display
while retaining the %CPU sort could be tried. Or maybe
showing colors, but better customized for a particular
terminal emulator. Such possibilities are now endless.

[ in exploiting this new capability, i hope that the ]
[ other windows (alt display mode) aren't overlooked ]

Reference(s):
. Sep, 2014 - Not fully honoring rcfile bug discussed
https://www.freelists.org/post/procps/top-saved-rcfile-bug
. Oct, 2014 - Attempt to defend new startup defaults
https://bugzilla.redhat.com/show_bug.cgi?id=1153049
. Jul, 2015 - Forest vs. %CPU views discussion
https://gitlab.com/procps-ng/procps/issues/6
. Oct, 2017 - Question the use of --disable-modern-top
https://bugzilla.redhat.com/show_bug.cgi?id=1499410
. Oct, 2017 - Forest vs. %CPU views discussion again
https://www.freelists.org/post/procps/Forest-mode-by-default-in-top-seems-a-bit-strange
. Dec, 2017 - Rehash of 3.3.10 startup defaults change
https://gitlab.com/procps-ng/procps/issues/78

Signed-off-by: Jim Warner <james.warner@comcast.net>
2017-12-23 17:44:34 +11:00
Jim Warner
0a502adfd0 top: let's exploit the new standardized errno handling
With the library having now normalized errno handling,
perhaps it is time at least one program took advantage
of it. So, instead of printing just a message with the
programs's line number, top will now also provide that
associated errno string text, compliments of strerror.

[ with those newlib functions returning NULL, we can ]
[ use errno directly in strerror. for the ones which ]
[ yield an int, all we need do is invert such return ]
[ values before passing it to the strerror function. ]

Reference(s):

Signed-off-by: Jim Warner <james.warner@comcast.net>
2017-12-23 17:44:34 +11:00
Jim Warner
71b3de01f2 top: miscellaneous changes to whitespace/comments only
[ ok, there's also 1 newly added #undef included too ]

Signed-off-by: Jim Warner <james.warner@comcast.net>
2017-12-23 17:44:34 +11:00
Jim Warner
fd77d86942 top: add and/or expand a couple more translation hints
After noticing that the 'uk' translation expanded what
was supposed to be a 3 line header into 5 lines, seems
appropriate to offer more guidance on max lines count.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2017-12-20 21:18:53 +11:00
Jim Warner
b5104910b1 top: stop neglecting potential utf8 field descriptions
And I thought those strange characters I saw with only
certain translations in Fields Management descriptions
were resulting from my terminal emulator deficiencies.

Turns out that ol' top wasn't addressing possibilities
of such descriptions ending with multi-byte sequences.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2017-10-14 21:48:00 +11:00
Jim Warner
a02a31f7e9 top: eliminate that potential vulnerability for TOCTOU
Initially, I was going to ignore that coverity warning
CID #177876. But, since top may be running SETUID it's
best if it can be avoided instead. The fix was simple.

We'll trade the access() call for a real fopen() call.
This time-of-check-time-of-use warning should go away.
------------------------------------------------------

When XDG support was originally introduced in top, the
author made a poor choice in access(). A real question
that needed asking was 'does the file exist'. However,
the question that was asked was 'can this real user ID
or this real group ID access the file'. Then, when the
fopen() is finally issued, top would use the effective
user ID or the effective group ID to access that file.

That's what opened the potential TOCTOU vulnerability,
which was important only if top was running SUID/SGID.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2017-10-14 21:48:00 +11:00
Jim Warner
d734d18f62 top: make 'utf8_justify' independent of non-utf8 logic
By eliminating the call to 'fmtmk', the 'utf8_justify'
function could more easily be used in libproc someday.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2017-10-14 21:48:00 +11:00
Jim Warner
474f4da5d1 top: utf8 utils should observe indentation conventions
Gosh, all this time we used indents of 4 spaces, not 3
spaces which were always the top standard indentation.

[ and we made our 'utf8_embody' a little more robust ]

Signed-off-by: Jim Warner <james.warner@comcast.net>
2017-10-14 21:48:00 +11:00
Jim Warner
3afadf56e4 top: ensure bug report suggestion agrees with man page
The top man page was changed back on 10/20/15, in that
commit shown below. There, freelists.org was suggested
as the bug reports recipient. But, the program was not
changed from the original Debian bug reports approach.

Reference(s):
commit b1f7b2a509

Signed-off-by: Jim Warner <james.warner@comcast.net>
2017-10-14 21:48:00 +11:00
Jim Warner
a74f604441 top: make the 'utf8_proper_col' routine more efficient
This patch better exploits short-circuit evaluation in
two 'if' tests. In every case, the 1st of 2 conditions
in each 'if' test must take place but it always proves
true with each iteration for 1 of the 'if' statements.
Thus, the 2nd condition will have to be evaluated too.

By reordering 2 tests in each 'if', we can ensure that
the 2nd condition will then be tested much less often.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2017-10-07 09:07:17 +11:00
Jim Warner
ca566ad554 top: make that 'make_str_utf8' function more efficient
Upon reflection, there was absolutely no justification
for that call to strlen() which was then followed by a
call to snprintf(). The latter provides this needed #.

[ also make that 'delta' value a little more visible ]
[ instead of hiding it at the end of a its code line ]

Signed-off-by: Jim Warner <james.warner@comcast.net>
2017-10-07 09:07:17 +11:00
Jim Warner
0154ffb280 top: ensured one translation hint agrees with template
Now that top can properly handle translated multi-byte
strings I've been reviewing translated efforts so far,
and weighing output against related translation hints.

In one case, a translation hint has not kept pace with
the current program state. In addition, that same hint
could be expanded to suggest translation alternatives.

[ frankly I never expected the translators to tackle ]
[ some of those 'special' strings. the task appeared ]
[ just too daunting. but they have done a great job! ]

Signed-off-by: Jim Warner <james.warner@comcast.net>
2017-10-07 09:07:17 +11:00
Jim Warner
53a1b9650b top: again avoid multiple evaluation of macro argument
Before top was modified to exploit the new <pids> api,
there was protection in that task_show() makeVAR macro
to avoid multiple evaluation of this macro's argument.

But, in that commit referenced below, such a safeguard
was lost. This commit simply restores proper behavior.

Reference(s);
. offending change
commit 77dc22b910

Signed-off-by: Jim Warner <james.warner@comcast.net>
2017-10-07 09:07:17 +11:00
Jim Warner
e55016def5 top: when did scale_mem parm lose 'unsigned' qualifier
Well, for some strange unknown reason it happened in a
commit referenced below. But this patch reverts it and
puts this newlib scale_mem on par with the master guy.

[ a little more research reveals that it should have ]
[ been reverted in the 2nd commit shown. that's when ]
[ types were fixed after XTRA_PROCPS_DEBUG was used. ]

Reference(s):
. when 'unsigned' qualifier lost
commit 911083bf76
. when 'unsigned' qualifier not restored
commit 105058ae2d
. when XTRA_PROCPS_DEBUG validation introduced
commit e3270d463d

Signed-off-by: Jim Warner <james.warner@comcast.net>
2017-10-07 09:07:17 +11:00
Jim Warner
335c070c8d top: improve the translator hint regarding field width
Reference(s):
https://www.freelists.org/post/procps/Does-COMMAND-really-have-to-be-at-most-7-characters,2

Signed-off-by: Jim Warner <james.warner@comcast.net>
2017-10-07 09:07:17 +11:00
Jim Warner
1bc25e920a top: correct an insidious occasional truncation buglet
With the help of our Swedish translator, hopefully the
final buglet has now been vanquished in the multi-byte
translation support. This one was a real nasty bugger.

Although it didn't occur with every terminal emulator,
occasionally random text lines were being chopped off.

As it turns out, those terminals were blameless. There
were two separate places in top's show_special routine
where potential multi-byte sequences were inadequately
addressed. Solution: exploit existing utf-8 functions.

[ it also became apparent that the translation hints ]
[ in the top_nls module were deficient. so a special ]
[ caution was added regarding the final line of txt. ]

Reference(s):
https://gitlab.com/procps-ng/procps/issues/68

Signed-off-by: Jim Warner <james.warner@comcast.net>
2017-10-02 22:23:13 +11:00
Jim Warner
e189569db2 top: plug a small potential hole in multi-byte support
Unlike the insp_mkrow_raw function the insp_mkrow_utf8
routine is not equipped to print non-ctl, non-printing
characters like '<7f>'. However, technically that very
value currently slips through the cracks. So with this
patch top will now print a space in the unlikely event
a character with the value of 127 is ever encountered.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2017-10-02 22:23:13 +11:00