Commit Graph

2396 Commits

Author SHA1 Message Date
Jan Rybar
7febddabd8 Possible segfault in file2strvec introduced by latest CVE fix
'rbuf' used before allocated.
Revealed by static analysis

References:
 commit 36e066df52

Signed-off-by: Craig Small <csmall@enc.com.au>
2018-08-08 20:06:57 +10:00
simonis
16bd4cd5aa Build fails if not done from the source root directory (#105) 2018-08-08 20:03:16 +10:00
Jim Warner
ede4a5f9b0 top: existing 'Inspect' pipe feature now more flexible
Currently, it isn't possible to establish an 'Inspect'
pipe that relies on SIGINT to end. That's because this
signal will also end the parent process (top) as well.

So this patch will temporarily ignore that signal when
processing any 'Inspect' pipe, allowing one like this:

. pipe ^I Trace Calls ^I /usr/bin/strace -r -p %d 2>&1

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-08-01 21:38:44 +10:00
Jim Warner
40dbd50056 top: avoid unrecognized 'Inspect' entries memory leaks
Upon startup there exists the potential for some minor
memory leakage should some rcfile 'Inspect' entries be
invalid. By delaying any malloc/strdup until after the
entries are completely validated we will prevent that.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-08-01 21:38:44 +10:00
Jim Warner
11b87c73ed top: ensure collapsed children cpu reported accurately
Parent tasks with collapsed children should have their
cpu reflect any unseen tasks only under the following:

1) When built without TREE_VCPUOFF having been defined

2) Exclusively when 'Show_FOREST' display mode was set

3) And only under the current window when in alternate
display mode (except if TREE_VWINALL has been defined)

So, this commit just ensures these objectives are met.

Reference(s):
. issue that began odyssey
https://gitlab.com/procps-ng/procps/issues/99
. original cpu implementation
commit 7c7903e50d

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-08-01 21:38:44 +10:00
Jim Warner
beea4e0f20 top: make the TREE_VCPUOFF define a tad more inclusive
While this newlib branch did not suffer that SEGV fate
the master branch did with children's %CPU accounting,
it didn't manage the 'TREE_VCPUOFF' #define optimally.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-07-18 20:19:43 +10:00
Jim Warner
ab33cd1101 top: '^V' is now 'v' (collapse/expand children toggle)
Using Ctrl-V for the collapse children key now appears
as a mistake. First, it's too close to that Ctrl-C key
which would prematurely terminate top. Second, a lower
case 'v' was unused and perfectly complements an upper
case 'V' which is used to toggle 'forest view' itself.

Reference(s):
https://gitlab.com/procps-ng/procps/issues/99

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-07-18 20:19:43 +10:00
Jim Warner
43c3afb57e top: some minor renaming, reformatting and rearranging
This commit just addresses these miscellaneous issues:
. make a few pseudo enum's just a tad more descriptive
. always use 'p' for pointers to a 'struct pids_stack'
. add just a little indent to the 'rSv' macro comments
. rearrange section dealing with new library interface
. always match order of local #undef to parent #define
. forest_begin array index usage is now more efficient

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-07-18 20:19:43 +10:00
Jim Warner
90849fa1ed top: parent total cpu includes collapsed children, doc
Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-07-17 20:58:32 +10:00
Jim Warner
7c7903e50d top: parent total cpu includes collapsed children, pgm
Now, when a parent's children have been collapsed, the
cpu used by those unseen tasks will disappear no more.
Instead such tics will be added to the parent's total.

[ if one wished a return to the 'land of lost tics', ]
[ the '#define TREE_VCPUOFF' directive is available. ]

------------------------------------------------------
Note: With collapsible parents now displaying children
cpu usage, it will eventually be noticed the cpu stats
for the summary area and task areas often vary widely.

It's worth a reminder that for top's summary area each
individual cpu and the cpu summary is limited to 100%,
regardless of how many tics a linux kernel may export.

An individual task is limited to 100% times the number
of threads. But, in no case will cpu usage ever exceed
100% times total number of processors. Such limits are
further reduced under 'Solaris' mode ('I' toggle off).
In this mode, a task cpu usage will never exceed 100%.
These limits will now also apply to collapsed parents.

In addition to those influences, results are subjected
to kernel timer sampling anomalies and the distortions
inherent in a small sample size, made worse by smaller
delay intervals. Often there is just 1 or 2 tics for a
few tasks at smaller intervals such as: 1/10th second.

Anyway, should questions on this subject arise, a good
starting point, beyond the reminders above, is the 1st
link listed below. Those other links were derivatives.

Reference(s):
. from the kernel documentation
https://www.kernel.org/doc/Documentation/cpu-load.txt
. as mentioned in the above kernel documentation
https://lkml.org/lkml/2007/2/12/6
. from above, with many more links on the subject
https://www.boblycat.org/~malc/apc/

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-07-17 20:58:32 +10:00
Jim Warner
6658492df6 ps: exploited that newly added field 'executable path'
Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:18 +10:00
Jim Warner
1801bacc0d top: exploited the newly added field 'executable path'
[ along the way we'll shorten some of the repetitive ]
[ variable width field narratives in top's man page. ]

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:18 +10:00
Jim Warner
ad4269f118 library: expanded to provide for the 'executable path'
This patch is the first of three implementing a newlib
branch version of that Jan Rybar master merge request.

With this series we'll ultimately extend 'EXE' support
to both ps and top (plus, everyone else who wants it).

Reference(s):
. master branch merge request
https://gitlab.com/procps-ng/procps/merge_requests/66

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:18 +10:00
Jim Warner
9d59ddc466 top: a few tweaks for those scrolling (mostly) changes
This patch just addresses some edge cases with respect
to 'unseen' tasks. Given the ability to preserve other
filters in the rcfile, it's entirely possible the very
first task(s) may not be visible at top startup. Also,
when switching between windows ('a'/'w') we should try
to always position its row #1 on some visible process.

Lastly, a window might have *NO* visible tasks at all.
Therefore, protect 'window_hlp' from an infinite loop.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:18 +10:00
Jim Warner
6aedeac667 top: normalize vertical scrolling for hidden processes
To my knowledge, nobody has ever complained about some
anomalies when scrolling vertically if tasks should be
hidden from view. This can happen with the user filter
('u/U') or other filter ('o/O') features. And although
some tasks are not shown, they still impact scrolling.

This is most apparent when that scroll coordinates msg
is on ('C') & up/down arrow keys used (vs. pgup/pgdn).

Now that we can collapse/expand forked children, there
is a potential for yet more of those hidden processes.

So this commit normalizes vertical scrolling providing
an expected behavior. In other words, the up/down keys
skip the unseen tasks to reposition on a visible task.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:18 +10:00
Jim Warner
a8dc1a6e5a top: refactor the 'scroll coordinates' message support
This patch is simply preparation for upcoming vertical
scrolling enhancements. With those changes, it will be
impossible to predict what the beginning task position
should be at the time the message is currently issued.

This patch will allow such a message to be shown after
the individual windows' tasks have all been displayed.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:18 +10:00
Jim Warner
97eb4388c6 top: allow collapsible forest view children, documents
Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:18 +10:00
Jim Warner
42e8abec0d top: allow collapsible forest view children, pgm logic
The issue cited below really dealt with preserving the
'Other filter' criteria in the rcfile. But as an aside
the htop 'F6' feature (collapsed children) was raised.

I took that as an implied challenge and decided to try
implementing a similar feature in top. So, this commit
will now provide a brand new forest view toggle ('^V')
which will be used to collapse/expand forked children.

[ this patch will also lead to additional patches in ]
[ support of more rational vertical scrolling, since ]
[ many more tasks might now be hidden in some window ]

Reference(s):
. where this secondary issue was raised
https://gitlab.com/procps-ng/procps/issues/99

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:18 +10:00
Jim Warner
c88ff1782c top: to prepare for collapse, move forest view support
In anticipation of a new collapsible child feature, we
will have to make some forest view variables available
to that 'keys_task()' function. This commit just moves
the forest view logic ahead of tertiary input support.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:17 +10:00
Jim Warner
79a92c3478 top: 'other filters' saved with config file, documents
Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:17 +10:00
Jim Warner
35e9269bbe top: 'other filters' saved with config file, pgm logic
Well, after the rearranging and refactoring, all those
active 'other filter' entries for each window will now
be preserved in the user's configuration file via 'W'.

For raising the issue below, thanks to Marco Ippolito.

Reference(s):
https://gitlab.com/procps-ng/procps/issues/99

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:17 +10:00
Jim Warner
12b0b5b2cf top: refactored some more peripheral 'inspect' support
These modifications are being made now in anticipation
of some coming 'other filter' config file changes. Our
entries must be written last to the rc file since that
is where the users have been told to 'echo' additions.

Therefore, that 'config_insp' function must be adapted
to anticipate a passed buffer that was already primed.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:17 +10:00
Jim Warner
5e8bf3c028 top: refactored some of that 'other filtering' support
If we are to support preserving 'other filter' entries
in the rcfile, then the current logic setting up those
osel entries for a WIN_t must be shareable for startup
and when interacting with a user. So, this commit just
repositions this current code in a shareable function.

[ along the way, we give the prior guy a proper name ]

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:17 +10:00
Jim Warner
016f10cb93 top: reposition some of that 'other filtering' support
When we get around to saving that 'Other Filter' stuff
in the rcfile, we'll need access to the Fieldstab plus
the justify_pad() function. So this commit repositions
two 'osel' functions in anticipation of adding 1 more.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:17 +10:00
Jim Warner
8398b7d9b0 top: refactor some of that configuration files support
The 'config_file()' function was getting a little long
in the tooth, so this commit simply renames/rearranges
some stuff anticipating 'other filters' in the rcfile.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:17 +10:00
Jim Warner
567a9b6240 top: let's honor <Esc> key on color mapping screen too
Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:17 +10:00
Jim Warner
775223a817 top: make rcfile duplicate fields check more efficient
Jeeze, there was no need to employ *both* strchr() and
strrchr() when ensuring fields hadn't been duplicated.

So let's avoid one of those function calls completely.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-26 21:25:17 +10:00
Qualys Security Advisory
7e55bff63b 0125-vmstat: Prevent out-of-bounds writes in new_header() and diskheader().
This does not happen with the default string (" -----timestamp-----"),
but this string is translated (to unknown lengths).

Signed-off-by: Craig Small <csmall@enc.com.au>
2018-06-23 21:59:14 +10:00
Qualys Security Advisory
aca26df501 0124-vmstat: Check return values of localtime() and strftime().
Otherwise it leads to NULL-pointer dereferences (in case of localtime()
errors) and indeterminate contents of timebuf (in case of strftime()
errors).

Signed-off-by: Craig Small <csmall@enc.com.au>
2018-06-23 21:59:14 +10:00
Qualys Security Advisory
c7e17f4439 0123-vmstat: Replace memcmp() with strncmp().
Otherwise this may read out-of-bounds (there is no guarantee that 5
bytes are actually available at partition/optarg).

Signed-off-by: Craig Small <csmall@enc.com.au>
2018-06-23 21:59:14 +10:00
Qualys Security Advisory
e37e4528d0 0122-vmstat: getopt*() returns -1 when done, not EOF.
Luckily, EOF is usually -1, but this is not guaranteed by the standard.

Signed-off-by: Craig Small <csmall@enc.com.au>
2018-06-23 21:59:14 +10:00
Qualys Security Advisory
eaec2d0977 0121-w: Clamp maxcmd to the MIN/MAX_CMD_WIDTH range.
The current checks allow out-of-range values (for example, if
getenv/atoi returns ~-2GB, maxcmd becomes ~+2GB after the subtraction).
This is not a security problem, none of this is under an attacker's
control.
2018-06-23 21:59:14 +10:00
Qualys Security Advisory
e24804a9de 0120-w: Prevent out-of-bounds reads in print_display_or_interface().
They occur if disp or tmp reaches host + len: add checks. Also, constify
everything.
2018-06-23 21:59:14 +10:00
Craig Small
e9172d0484 misc: Tell po4a to handle email macros
References:
 https://www.freelists.org/post/procps/newlib-Qualys-patches
2018-06-23 21:59:14 +10:00
Qualys Security Advisory
7bc4779718 0095-pmap: Fix extended mode in one_proc().
Check the return value of sscanf() to make sure that all input items are
properly initialized.

In extended mode (x_option), one_proc() loads the values of start and
perms during one iteration of the while loop, and displays them during
one of the following iterations, but start and perms are variables local
to the while loop: move them out of the while loop, to the beginning of
the function.

Also, display a mapping only if cp2 is properly initialized; otherwise
(for example), mappings that do not belong to a selected range are
displayed, and with a NULL mapping name:

$ pmap -x -A 6FFF00000000,7FFF00000000 $$
...
Address           Kbytes     RSS   Dirty Mode  Mapping
000055b3d1e9b000       0     912       0  r-xp (null)
000055b3d2194000       0      16      16  r--p (null)
000055b3d2198000       0      36      36  rw-p (null)
...

Removed const as this causes problems elsewhere.

Signed-off-by: Craig Small <csmall@enc.com.au>
2018-06-23 21:59:14 +10:00
Qualys Security Advisory
7d3b4bcaf2 0093-pmap: Remove dead code in mapping_name().
If "cp = strrchr(mapbuf_b, '/')" then this function returns, and
otherwise there is no '/' in mapbuf_b and "cp = strchr(mapbuf_b, '/')"
is always false: remove this second block, since it is never entered.
Also, constify a few things in this function.

Signed-off-by: Craig Small <csmall@enc.com.au>
2018-06-23 21:59:14 +10:00
Qualys Security Advisory
991b41cb32 0092-pmap: Harden one_proc().
Replace sprintf() with snprintf().

Signed-off-by: Craig Small <csmall@enc.com.au>
2018-06-23 21:59:14 +10:00
Qualys Security Advisory
550a2a21f9 0091-pmap: Check sscanf() in discover_shm_minor().
Need at least 6 items ("inode" is unused).

Signed-off-by: Craig Small <csmall@enc.com.au>
2018-06-23 21:59:14 +10:00
Qualys Security Advisory
2119cd3dd5 0090-pmap: Fix output format of VmFlags.
In the headers, the space was misplaced; for example, "pmap -XX $$"
outputs "VmFlagsMapping" (without a space). Use justify_print() instead
of printf().

There was also an extra space in the output, because vmflags[] (from the
"VmFlags:" line) always ends with a space. Overwriting this last space
with a null byte fixes this misalignment.

Signed-off-by: Craig Small <csmall@enc.com.au>
2018-06-23 21:59:14 +10:00
Qualys Security Advisory
7e2bd279ed 0089-pmap: Prevent buffer overflow in sscanf().
vmflags[] is a 27*(2+1)=81 char array, but there are 30 flags now (not
27), and even with 27 flags this was an off-by-one overflow (the kernel
always outputs a flag with "%c%c ", so the last +1 is for a space, not
for the terminating null byte). Protect vmflags[] with a maximum field
width, as in the surrounding sscanf() calls.

Signed-off-by: Craig Small <csmall@enc.com.au>
2018-06-23 21:59:14 +10:00
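
The sizing and field-width point made in commit 7e2bd279ed, as an added example that is not procps code: a "VmFlags:" line is read with sscanf() into a buffer sized for 30 flags, using a maximum field width one less than the buffer. The names `parse_vmflags`, `vmflags_bytes_needed`, `VMFLAGS_MAX`, `VMFLAGS_LEN` and the sample line are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define VMFLAGS_MAX 30                     /* flag count stated in the commit */
#define VMFLAGS_LEN (VMFLAGS_MAX * 3 + 1)  /* "%c%c " per flag + null = 91 */

/* Constructed sample: 30 two-letter flags, each followed by a space. */
static const char sample_line[] =
    "VmFlags: rd wr ex sh mr mw me ms gd pf "
    "dw lo io sr rr dc de ac nr ht "
    "ar dd sd mm hg nh mg um uw wf \n";

/* Bytes needed for nflags flags written as "%c%c " plus the null byte.
 * For 27 flags this is 82, one more than the old 27*(2+1)=81 array. */
size_t vmflags_bytes_needed(size_t nflags)
{
    return nflags * 3 + 1;
}

/* Parse one "VmFlags:" line into out.
 * Returns the number of bytes stored (without the null), or -1 if the
 * buffer is too small or the line is not a VmFlags line. */
int parse_vmflags(const char *line, char *out, size_t outsz)
{
    size_t n;

    if (outsz < VMFLAGS_LEN)
        return -1;
    /* 90 == VMFLAGS_LEN - 1: sscanf stores at most 90 bytes, then the
     * null, so a longer line is truncated instead of overflowing out. */
    if (sscanf(line, "VmFlags: %90[^\n]", out) != 1)
        return -1;
    n = strlen(out);
    /* The list ends with a space; overwrite it with a null byte, as the
     * message of commit 2119cd3dd5 describes. */
    if (n > 0 && out[n - 1] == ' ')
        out[--n] = '\0';
    return (int)n;
}

int main(void)
{
    char buf[VMFLAGS_LEN];
    int n = parse_vmflags(sample_line, buf, sizeof buf);

    printf("%d bytes: \"%s\"\n", n, buf);
    return n < 0;
}
```
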
Qualys Security Advisory
5f654f143a 0088-pmap: Always check the return value of fgets().
Otherwise "the contents of the array remain unchanged and a null pointer
is returned" or "the array contents are indeterminate and a null pointer
is returned".

Signed-off-by: Craig Small <csmall@enc.com.au>
2018-06-23 21:59:14 +10:00
Qualys Security Advisory
45f81ef706 0087-pmap: Fix parsing error in config_read().
$ echo '[' > crash
$ pmap -C crash $$
Segmentation fault (core dumped)

Signed-off-by: Craig Small <csmall@enc.com.au>
2018-06-23 21:59:14 +10:00
Qualys Security Advisory
bf409f92fd 0086-pmap: Prevent integer overflow in main().
Unlikely to ever happen, but just in case.

Signed-off-by: Craig Small <csmall@enc.com.au>
2018-06-23 21:59:14 +10:00
Qualys Security Advisory
105ab093b8 0085-pmap.c: Plug memory leak in range_arguments().
Also, simplify the code slightly (but functionally equivalent). Check
the return value of xstrdup() only once (yes, it can return NULL).

Adapted slightly to remove goto and leave the format of checks the same.
A lot of the fixes were already in newlib, caught by coverity

References:
 commit 25f655891f

Signed-off-by: Craig Small <csmall@enc.com.au>
2018-06-23 21:59:14 +10:00
Qualys Security Advisory
a016a43b53 0027-skill: Prevent multiple overflows in ENLIST().
First problem: saved_argc was used to calculate the size of the array,
but saved_argc was never initialized. This triggers an immediate heap-
based buffer overflow:

$ skill -c0 -c0 -c0 -c0
Segmentation fault (core dumped)

Second problem: saved_argc was not the upper bound anyway, because one
argument can ENLIST() several times (for example, in parse_namespaces())
and overflow the array as well.

Third problem: integer overflow of the size of the array.
2018-06-23 21:59:14 +10:00
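
The three problems listed in commit a016a43b53, addressed in one added example that is not the skill.c fix itself: the list grows from its own capacity rather than an argc-derived bound, tolerates one argument enlisting many entries, and checks the allocation size before multiplying. `struct idlist`, `idlist_push` and `enlist_repeated` are hypothetical names.

```c
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical growable list standing in for the arrays ENLIST() fills. */
struct idlist {
    int    *v;      /* heap storage, NULL while empty */
    size_t  count;  /* entries in use */
    size_t  cap;    /* entries allocated */
};

/* Append one entry. Capacity comes from the list itself, never from an
 * argument-count estimate, and the byte size is checked before the
 * multiplication. Returns 0 on success, -1 on size overflow or allocation
 * failure; the list is left unchanged on failure. */
int idlist_push(struct idlist *l, int id)
{
    if (l->count >= l->cap) {
        size_t ncap;
        int *nv;

        if (l->cap > SIZE_MAX / 2 / sizeof *l->v)
            return -1;              /* doubled size in bytes would wrap */
        ncap = l->cap ? l->cap * 2 : 8;
        nv = realloc(l->v, ncap * sizeof *nv);
        if (nv == NULL)
            return -1;
        l->v = nv;
        l->cap = ncap;
    }
    l->v[l->count++] = id;
    return 0;
}

/* Constructed scenario: nargs arguments, each enlisting per_arg entries,
 * so the total exceeds any bound computed from the argument count.
 * Returns the final count, or 0 if an append failed. */
size_t enlist_repeated(struct idlist *l, int nargs, int per_arg)
{
    for (int a = 0; a < nargs; a++)
        for (int i = 0; i < per_arg; i++)
            if (idlist_push(l, a * per_arg + i) != 0)
                return 0;
    return l->count;
}

int main(void)
{
    struct idlist l = { NULL, 0, 0 };
    size_t n = enlist_repeated(&l, 4, 50);

    free(l.v);
    return n == 200 ? 0 : 1;
}
```
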
Qualys Security Advisory
3f75d105b9 0026-skill: Fix double-increment of pid_count.
No need to "pid_count++;" because "ENLIST(pid," does it already. Right
now this can trigger a heap-based buffer overflow.

Also, remove the unneeded "pid_count = 0;" (it is static, and
skillsnice_parse() is called only once; and the other *_count variables
are not initialized explicitly either).
2018-06-23 21:59:14 +10:00
Qualys Security Advisory
18efff2a1f 0024-skill: Always NULL-terminate argv.
The memmove() itself does not move the NULL-terminator, because nargs is
decremented first. Copy how skill_sig_option() does it: decrement nargs
last, and remove the "if (nargs - i)" (we are in "while (i < nargs)").
2018-06-23 21:59:14 +10:00
Qualys Security Advisory
fa7ea000ce 0023-skill: Fix getline() usage.
man getline: "If *lineptr is set to NULL and *n is set 0 before the
call, then getline() will allocate a buffer for storing the line. This
buffer should be freed by the user program even if getline() failed."
2018-06-23 21:59:14 +10:00
Qualys Security Advisory
c704460c7d 0022-skill: Simplify the kill_main() loop.
Right now the "loop=0; break;" is never reached.
2018-06-23 21:59:14 +10:00
Qualys Security Advisory
f69d54f05b 0021-pwdx: Fix a misleading comment.
It sounds like an off-by-one, but the code itself is correct.
2018-06-23 21:59:14 +10:00