Commit Graph

11 Commits

Author SHA1 Message Date
Qualys Security Advisory
f1077b7a55 proc/alloc.*: Use size_t, not unsigned int.
Otherwise this can truncate sizes on 64-bit platforms, and is one of the
reasons the integer overflows in file2strvec() are exploitable at all.
Also: catch potential integer overflow in xstrdup() (should never
happen, but better safe than sorry), and use memcpy() instead of
strcpy() (faster).

Warnings:

- in glibc, realloc(ptr, 0) is equivalent to free(ptr), but not here,
  because of the ++size;

- here, xstrdup() can return NULL (if str is NULL), which goes against
  the idea of the xalloc wrappers.

We were tempted to call exit() or xerrx() in those cases, but decided
against it, because it might break things in unexpected places; TODO?
2018-05-19 07:32:21 +10:00
Qualys Security Advisory
98b79d1ef1 proc/alloc.c: Use vfprintf(), not fprintf().
This can disclose information from the stack, but is unlikely to have a
security impact in the context of the procps utilities:

user@debian:~$ w 2>&1 | xxd
00000000: a03c 79b7 1420 6661 696c 6564 2074 6f20  .<y.. failed to
00000010: 616c 6c6f 6361 7465 2033 3232 3137 3439  allocate 3221749
00000020: 3738 3020 6279 7465 7320 6f66 206d 656d  780 bytes of mem
00000030: 6f72 79                                  ory
2018-05-19 07:32:21 +10:00
Sami Kerola
c043c47ddd pmap: use correct types for memory allocation
Fixes error which did not happen always.  Changes of being affected by
the bug where greater the more there where pids defined as pmap argument.
The debian bug referral can almost certainly reproduce the problem,
especially when tried multiple times in row.

pmap: malloc.c:3096: sYSMALLOc: Assertion `(old_top == (((mbinptr)
(((char *) &((av)->bins[((1) - 1) * 2])) - __builtin_offsetof (struct
malloc_chunk, fd)))) && old_size == 0) || ((unsigned long) (old_size) >=
(unsigned long)((((__builtin_offsetof (struct malloc_chunk,
fd_nextsize))+((2 * (sizeof(size_t))) - 1)) & ~((2 * (sizeof(size_t))) -
1))) && ((old_top)->size & 0x1) && ((unsigned long)old_end & pagemask) ==
0)' failed.

Reported-by: lee <lee@yun.yagibdah.de>
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688180
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
2012-11-06 22:22:11 +11:00
Sami Kerola
ce61089059 docs: clarification to license headers in files
Add license header to all files.  The summary of licensing is below,
taken from Craig Small's email which is referred in commit message
tail.

sysctl and pgrep are GPL 2+
The rest is LGPL 2.1+

Reference: http://www.freelists.org/post/procps/Incorrect-FSF-address-in-the-license-files,8
Bug-Redhat: https://bugzilla.redhat.com/show_bug.cgi?id=797962
CC: Craig Small <csmall@enc.com.au>
CC: Jaromir Capik <jcapik@redhat.com>
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
2012-03-03 18:41:11 +11:00
Sami Kerola
9057b18a32 libproc-ng & ps: fix warning reported by smatch
proc/ksym.c +279 read_file(54) info: redundant null check on buf calling free()
proc/ksym.c +330 parse_ksyms(41) info: redundant null check on ksyms_data calling free()
proc/ksym.c +332 parse_ksyms(43) info: redundant null check on ksyms_index calling free()
proc/ksym.c +451 sysmap_mmap(110) info: redundant null check on sysmap_index calling free()
proc/procps.h:74:5: warning: undefined preprocessor identifier 'SHARED'
proc/slab.c +145 parse_slabinfo20(24) error: potential null derefence 'prev'.
proc/slab.c +222 parse_slabinfo11(21) error: potential null derefence 'prev'.
ps/stacktrace.c +131 debug(6) error: snprintf() is printing too much 99 vs 16

Signed-off-by: Sami Kerola <kerolasa@iki.fi>
2011-12-20 17:30:50 +01:00
Jim Warner
7126cc4491 library: expanded/generalized memory allocation provisions
A callback provision in the form of xalloc_err_handler
(of type message_fn) was added to the alloc module.

This change allowed a program like top, who alters the
termios structure, to override the default fprint(stderr...)
behavior in the event of an error.

The new function xstrdup was also added for symmetry.
2011-12-11 22:26:49 +11:00
albert
3e67b58ec2 satisfy GPL section 2a and LGPL section 2b name+date requirement 2002-12-15 00:30:17 +00:00
albert
5087f3dbf6 big header clean-up 2002-12-09 07:00:07 +00:00
albert
21c9ffa15e top gets pcpu work 2002-10-10 00:01:37 +00:00
albert
83957ee887 make warning go away 2002-09-30 23:32:54 +00:00
csmall
03a9b5a30f procps 010114 2002-02-01 22:47:29 +00:00