1/ Prevent an integer overflow of t.
2/ Avoid an infinite loop if s contains characters other than comma,
spaces, +, -, and digits.
3/ Handle all possible return values of snprintf().
---------------------------- adapted for newlib branch
. we can't use xrealloc(), so we use realloc() instead
. and must account for a mem failure via a return of 1
Signed-off-by: Jim Warner <james.warner@comcast.net>
1/ Do not read past the terminating null byte when hashing the name.
2/ S[x] is used as an index, but S is "char *S" (signed) and hence may
index the array out-of-bounds. Bit-mask S[x] with 127 (the array has 128
entries).
3/ Use a size_t for j, not an int (strlen() returns a size_t).
Notes:
- These are (mostly) theoretical problems, because the contents of
/proc/PID/status are (mostly) trusted.
- The "name" member of the status_table_struct has 8 bytes, and
"RssShmem" occupies exactly 8 bytes, which means that "name" is not
null-terminated. This is fine right now, because status2proc() uses
memcmp(), not strcmp(), but it is worth mentioning.
---------------------------- adapted for newlib branch
. newlib doesn't use that 'unlikely' crap
. newlib also had a '#ifdef FALSE_THREADS'
Signed-off-by: Jim Warner <james.warner@comcast.net>
This function is unused (SIGNAL_STRING is defined by default, and if it
is not, procps does not compile -- for example, there is no "outbuf" in
help_pr_sig()) but fix it anyway. There are two bugs:
- it accepts non-hexadecimal characters (anything >= 0x30);
- "(c - (c>0x57) ? 0x57 : 0x30)" is always equal to 0x57.
---------------------------- adapted for newlib branch
. newlib doesn't use that 'unlikely' crap
Signed-off-by: Jim Warner <james.warner@comcast.net>
This solves several problems:
1/ outbuf[1] was written to, but not outbuf[0], which was left
uninitialized (well, SECURE_ESCAPE_ARGS() already fixes this, but do it
explicitly as well); we know it is safe to write one byte to outbuf,
because SECURE_ESCAPE_ARGS() guarantees it.
2/ If bytes was 1, the write to outbuf[1] was an off-by-one overflow.
3/ Do not call escape_str() with a 0 bufsize if bytes == overhead.
4/ Prevent various buffer overflows if bytes <= overhead.
Simply rearrange the old comparisons. The new comparisons are safe,
because we know from previous checks that:
1/ wlen > 0
2/ my_cells < *maxcells (also: my_cells >= 0 and *maxcells > 0)
3/ len > 1
4/ my_bytes+1 < bufsize (also: my_bytes >= 0 and bufsize > 0)
This should never happen, because wcwidth() is called only if iswprint()
returns nonzero. But belt-and-suspenders, and make it visually clear
(very important for the next patch).
The SECURE_ESCAPE_ARGS() macro solves several potential problems
(although we found no problematic calls to the escape*() functions in
procps's code-base, but had to thoroughly review every call; and this is
library code):
1/ off-by-one overflows if the size of the destination buffer is 0;
2/ buffer overflows if this size (or "maxroom") is negative;
3/ integer overflows (for example, "*maxcells+1");
4/ always null-terminate the destination buffer (unless its size is 0).
---------------------------- adapted for newlib branch
. the escape.c now has just a single exported function
. thus SECURE_ESCAPE_ARGS() is needed in only 2 places
. unlike that original patch, macro is executed 1 time
( not like 'escape_command' calling 'escape_strlist' )
( which might then call 'escape_str' multiple times! )
Signed-off-by: Jim Warner <james.warner@comcast.net>
In the human_readable case; otherwise the strcat() that follows may
append bytes to the previous contents of buf.
Also, slightly enlarge buf, as it was a bit too tight.
Could also replace all sprintf()s with snprintf()s, but all the calls
here output a limited number of characters, so they should be safe.
---------------------------- adapted for newlib branch
. the source file is now proc/uptime.c
. function is now named 'procps_uptime_sprint()'
. new human readable function 'procps_uptime_sprint_short()'
. both were already initialized, so just raised size of 2 buffers
Signed-off-by: Jim Warner <james.warner@comcast.net>
In proc/slab.c, functions parse_slabinfo20() and parse_slabinfo11(),
sscanf() might overflow curr->name, because "String input conversions
store a terminating null byte ('\0') to mark the end of the input; the
maximum field width does not include this terminator."
Add one byte to name[] for this terminator.
---------------------------- adapted for newlib branch
. file is now proc/slabinfo.c (not .h)
. manifest constant renamed SLABINFO_NAME_LEN
. older parse_slabinfo11() function no longer present
Signed-off-by: Jim Warner <james.warner@comcast.net>
And signal_name_to_number().
---------------------------- adapted for newlib branch
. file has been moved to: lib/signals.c
. only 'signal_name_to_number()' was impacted
. function 'print_given_signals()' no longer exists
. thus the bulk of original patch no longer applicable
Signed-off-by: Jim Warner <james.warner@comcast.net>
Do not memleak "copy" in case of an error.
Do not use "sizeof(converted)" in snprintf(), since "converted" is a
"char *" (luckily, 8 >= sizeof(char *)). Also, remove "sizeof(char)"
which is guaranteed to be 1 by the C standard, and replace 8 with 12,
which is enough to hold any stringified int and does not consume more
memory (in both cases, the glibc malloc()ates a minimum-sized chunk).
---------------------------- adapted for newlib branch
. no longer in library, logic now found in lib/signals.c
. craig already addressed "copy" memleak in commit beloww
Reference(s):
commit d2df396ba9
Signed-off-by: Jim Warner <james.warner@comcast.net>
sig.c had this odd logic where on non-Hurd systems it would undefine
SIGLOST. Fine for Hurd or amd64 Linux systems. Bad for a sparc which
has SIGLOST defined *and* is not Hurd.
Just check its defined, its much simpler.
--------------- Original Master Branch Commit Message:
Some non-glibc systems didn't have libio.h or __BEGIN_DECLS
Changes to make it more standard.
References:
issue #88
Signed-off-by: Jim Warner <james.warner@comcast.net>
--------------- Original Master Branch Commit Message:
This reverts commit dcb6914f11.
This commit broke a lot of scripts that were expecting to see all
programs. See #91
Signed-off-by: Jim Warner <james.warner@comcast.net>
--------------- Original Master Branch Commit Message:
If pgrep is run with a non-program name match and there are
no matches, it segfaults.
The testsuite thinks zero bytes sent, and zero bytes sent
because the program crashed is the same :/
References:
commit 1aacf4af7fhttps://bugs.debian.org/894917
Signed-off-by: Jim Warner <james.warner@comcast.net>
--------------- Original Master Branch Commit Message:
Update NEWS with the version
Add library API change into NEWS
Update c:r:a for library to 7:0:1
This means the current and age are incremented, so old programs can
use new library but not vice-versa as they won't have the numa*
functions.
Signed-off-by: Jim Warner <james.warner@comcast.net>
--------------- Original Master Branch Commit Message:
pidof will miss scripts that are run a certain way due to how
they appear in procfs. This is just a note to say it might miss
them.
References:
procps-ng/procps#17
Signed-off-by: Jim Warner <james.warner@comcast.net>
--------------- Original Master Branch Commit Message:
Hurd doesn't have HOST_NAME_MAX, neither does Solaris.
An early fix just checked for this value and used 64 instead.
This change uses sysconf which is the correct method, possibly until
this compiles on some mis-behaving OS which doesn't have this value.
References:
commit e564ddcb01procps-ng/procps#54
Signed-off-by: Jim Warner <james.warner@comcast.net>
--------------- Original Master Branch Commit Message:
Changed "a variables" to "the given variable(s)"
References:
procps-ng/procps#84
Signed-off-by: Jim Warner <james.warner@comcast.net>
--------------- Original Master Branch Commit Message:
The manual page for watch for the exec option was confusing and
backwards. Hopefully this one makes more sense.
References:
procps-ng/procps#75
Signed-off-by: Jim Warner <james.warner@comcast.net>
When 'newlib' was introduced, in the commit referenced
below, the use of that glibc '__BEGIN_DECLS' macro was
standardized. However, as issue #88 revealed, this may
result in a fatal build error with other environments.
So, this patch just trades that macro for the standard
'#ifdef __cplusplus' conventions (thus avoiding use of
all those '#include <features.h>' directives as well).
Reference(s):
. newlib introduced
commit a410e236ab
. procps-ng-3.3.13 issue
https://gitlab.com/procps-ng/procps/issues/88
. some additional discussion
https://www.freelists.org/post/procps/PATCH-Replace-glibcspecific-macros-in-procnumah,1
. musl wiki (see: sys/cdefs.h error messages)
https://wiki.musl-libc.org/faq.html
Signed-off-by: Jim Warner <james.warner@comcast.net>
This patch simply eliminates that glibc specific macro
from all header files which contain no public callable
functions. After all, if user code can't link to them,
then protection from C++ name mangling is unnecessary.
[ we also remove any related '#include <features.h>' ]
Signed-off-by: Jim Warner <james.warner@comcast.net>
The only essential change was substituting 'comma' for
the word 'colon' in the man page plus program comment.
Signed-off-by: Jim Warner <james.warner@comcast.net>
Duplicate that <libio.h> change made in master branch.
While we're at it, let's remove an unnecessary include
from procio.h and reflect in its single prototype what
those 'const char *' params are really supposed to be.
Signed-off-by: Jim Warner <james.warner@comcast.net>
Now that the procio logic was removed from the library
we must move the header file, lest we break make dist.
In the process, we will relocate that source file too.
[ we'll take a slightly different approach than that ]
[ used under the master branch by exploiting those 2 ]
[ non-library directories 'include' and 'lib', while ]
[ avoiding any sysctl hard coded function prototype. ]
Signed-off-by: Jim Warner <james.warner@comcast.net>
By default pgrep/pkill should not kill processes in a namespace it is not
part of. If this is allowed, it allows callers to break namespaces they did
not expect to affect, requiring rewrite of all callers to fix.
So by default, we should work in the current namespace. If --ns 0 is
specified, they we look at all namespaces, and if any other pid is specified
we continue to look in only that namespace.
Signed-off-by: Debabrata Banerjee <dbanerje@akamai.com>
References:
procps-ng/procps!41
With a little luck, this should be the final tweak for
our support of extra wide characters. Currently, those
characters don't always display the '+' indicator when
they've been truncated. Now, it should always be seen.
[ plus it's done a tad more efficiently via snprintf ]
Signed-off-by: Jim Warner <james.warner@comcast.net>
The previous commit had one minor bug in it because the fields need
to be alphabetical and times comes after timeout.
Added NEWS item for this feature
Added another testsuite check for new flags in case they
disappear or go strange one day.
References:
commit 8a94ed6111
These format specifiers are to time & cputime what etimes is to etime.
Signed-off-by: Sébastien Bigaret <sebastien.bigaret@telecom-bretagne.eu>
References:
procps-ng/procps!43
I frequency use pidof command with strace system call tracer.
strace can trace MULTIPLE processes specified with "-p $PID"
arguments like:
strace -p 1 -p 1030 -p 3043
Sometimes I want to do as following
strace -p $(pidof httpd)
However, above command line doesn't work because -p option
is needed for specifying a pid. pidof uses a whitespace as
a separator. For passing the output to strace, the separator
should be replaced with ' -p '.
This maybe not a special to my use case.
This commit introduces -S option that allows a user to specify a
separator the one wants.
$ ./pidof bash
./pidof bash
24624 18790 12786 11898 11546 10766 7654 5095
$ ./pidof -S ',' bash
./pidof -S ',' bash
24624,18790,12786,11898,11546,10766,7654,5095
$ ./pidof -S '-p ' bash
./pidof -S '-p ' bash
24624-p 18790-p 12786-p 11898-p 11546-p 10766-p 7654-p 5095
$ ./pidof -S ' -p ' bash
./pidof -S ' -p ' bash
24624 -p 18790 -p 12786 -p 11898 -p 11546 -p 10766 -p 7654 -p 5095
$ strace -p $(./pidof -S ' -p ' bash)
strace -p $(./pidof -S ' -p ' bash)
strace: Process 24624 attached
strace: Process 18790 attached
strace: Process 12786 attached
...
Signed-off-by: Masatake YAMATO <yamato@redhat.com>
The procio functions that were in the library have been
moved into sysctl. sysctl is not linked to libprocps in
newlib and none of the other procps binaries would need
to read/write large data to the procfs.
References:
be6b048a41
thereby use one allocated buffer for I/O which now might
be increased by the stdio function getline(3) on the
file if required.
Signed-off-by: Werner Fink <werner@suse.de>
to be able to read and write large buffers below /proc.
The buffers and file offsets are handled dynamically
on the required buffer size at read, that is lseek(2)
is used to determine this size. Large buffers at
write are split at a delimeter into pieces and also
lseek(2) is used to write each of them.
Signed-off-by: Werner Fink <werner@suse.de>
by using getline(3) to use a dynamically increased buffer
if required by the input found in sysctl configuration files.
Signed-off-by: Werner Fink <werner@suse.de>
