procps/proc at 7efa1022483d205bcfb392d810b05684ae21055d - procps - Project Segfault Git

emo/procps

History

Qualys Security Advisory 7efa102248 proc/escape.c: Prevent buffer overflows in escape_command().

This solves several problems:

1/ outbuf[1] was written to, but not outbuf[0], which was left
uninitialized (well, SECURE_ESCAPE_ARGS() already fixes this, but do it
explicitly as well); we know it is safe to write one byte to outbuf,
because SECURE_ESCAPE_ARGS() guarantees it.

2/ If bytes was 1, the write to outbuf[1] was an off-by-one overflow.

3/ Do not call escape_str() with a 0 bufsize if bytes == overhead.

4/ Prevent various buffer overflows if bytes <= overhead.

2018-05-19 07:32:21 +10:00

..

alloc.c

proc/alloc.*: Use size_t, not unsigned int.

2018-05-19 07:32:21 +10:00

alloc.h

proc/alloc.*: Use size_t, not unsigned int.

2018-05-19 07:32:21 +10:00

COPYING

…

devname.c

proc/devname.c: Never write more than "chop" (part 2).

2018-05-19 07:32:21 +10:00

devname.h

…

escape.c

proc/escape.c: Prevent buffer overflows in escape_command().

2018-05-19 07:32:21 +10:00

escape.h

…

fprocopen.3

docs: Change name of fprocopen man page

2018-02-28 21:24:03 +11:00

libprocps.pc.in

…

libprocps.sym

sysctl: Bring procio functions out of library

2018-03-01 21:25:04 +11:00

numa.c

library: set stage for NUMA node field display support

2017-05-22 21:34:32 +10:00

numa.h

library: build on non-glibc systems

2018-04-10 21:28:11 +10:00

openproc.3

documentation: fix man pages due to refactor for wchan

2015-06-19 19:09:21 +10:00

procps-private.h

library: Change linux version

2015-06-19 21:00:46 +10:00

procps.h

library: relocate the typedef used in alloc.h override

2017-12-23 17:41:37 +11:00

pwcache.c

library: rename clashing pwcache functions

2016-07-06 22:26:02 +10:00

pwcache.h

library: rename clashing pwcache functions

2016-07-06 22:26:02 +10:00

readproc.3

misc: result after checking all files for misspellings

2014-08-08 22:14:21 +02:00

readproc.c

proc/readproc.c: Add checks to get_ns_name() and get_ns_id().

2018-05-19 07:32:21 +10:00

readproc.h

library: avoid QUICK_THREADS, swat Redhat bug #1284091

2016-07-09 13:23:27 +10:00

readproctab.3

misc: result after checking all files for misspellings

2014-08-08 22:14:21 +02:00

sig.c

proc/sig.c: Harden print_given_signals().

2018-05-19 07:32:21 +10:00

sig.h

…

slab.c

proc/slab.c: Initialize struct slab_info in get_slabnode().

2018-05-19 07:32:21 +10:00

slab.h

proc/slab.h: Fix off-by-one overflow in sscanf().

2018-05-19 07:32:21 +10:00

sysinfo.c

proc/sysinfo.c: Fix off-by-one in get_pid_digits().

2018-05-19 07:32:21 +10:00

sysinfo.h

- Fixing sysinfo - devices with length exceeding 15 chars are not displayed in vmstat -d

2016-06-30 18:29:50 +02:00

version.c

miscellaneous: remove some trailing whitespace buildup

2015-06-20 07:46:23 +10:00

version.h

proc/version.h: Protect parameter in LINUX_VERSION() macro.

2018-05-19 07:32:21 +10:00

wchan.c

misc: remove some trailing whitespace newly introduced

2016-12-07 21:50:59 +11:00

wchan.h

library: refactor and rely on modern kernels for wchan

2015-06-19 19:09:20 +10:00

whattime.c

proc/whattime.c: Always initialize buf.

2018-05-19 07:32:21 +10:00

whattime.h

…