procps/proc
Qualys Security Advisory 7efa102248 proc/escape.c: Prevent buffer overflows in escape_command().
This solves several problems:

1/ outbuf[1] was written to, but not outbuf[0], which was left
uninitialized (well, SECURE_ESCAPE_ARGS() already fixes this, but do it
explicitly as well); we know it is safe to write one byte to outbuf,
because SECURE_ESCAPE_ARGS() guarantees it.

2/ If bytes was 1, the write to outbuf[1] was an off-by-one overflow.

3/ Do not call escape_str() with a 0 bufsize if bytes == overhead.

4/ Prevent various buffer overflows if bytes <= overhead.
2018-05-19 07:32:21 +10:00
..
alloc.c proc/alloc.*: Use size_t, not unsigned int. 2018-05-19 07:32:21 +10:00
alloc.h proc/alloc.*: Use size_t, not unsigned int. 2018-05-19 07:32:21 +10:00
COPYING miscellaneous: clean up trailing whitespace once again 2013-04-07 18:05:01 +10:00
devname.c proc/devname.c: Never write more than "chop" (part 2). 2018-05-19 07:32:21 +10:00
devname.h Change restrict to __restrict in public includes 2012-01-09 21:44:51 +11:00
escape.c proc/escape.c: Prevent buffer overflows in escape_command(). 2018-05-19 07:32:21 +10:00
escape.h Change restrict to __restrict in public includes 2012-01-09 21:44:51 +11:00
fprocopen.3 docs: Change name of fprocopen man page 2018-02-28 21:24:03 +11:00
libprocps.pc.in Renaming libprocfs to libprocps 2011-12-23 09:18:43 +11:00
libprocps.sym sysctl: Bring procio functions out of library 2018-03-01 21:25:04 +11:00
numa.c library: set stage for NUMA node field display support 2017-05-22 21:34:32 +10:00
numa.h library: build on non-glibc systems 2018-04-10 21:28:11 +10:00
openproc.3 documentation: fix man pages due to refactor for wchan 2015-06-19 19:09:21 +10:00
procps-private.h library: Change linux version 2015-06-19 21:00:46 +10:00
procps.h library: relocate the typedef used in alloc.h override 2017-12-23 17:41:37 +11:00
pwcache.c library: rename clashing pwcache functions 2016-07-06 22:26:02 +10:00
pwcache.h library: rename clashing pwcache functions 2016-07-06 22:26:02 +10:00
readproc.3 misc: result after checking all files for misspellings 2014-08-08 22:14:21 +02:00
readproc.c proc/readproc.c: Add checks to get_ns_name() and get_ns_id(). 2018-05-19 07:32:21 +10:00
readproc.h library: avoid QUICK_THREADS, swat Redhat bug #1284091 2016-07-09 13:23:27 +10:00
readproctab.3 misc: result after checking all files for misspellings 2014-08-08 22:14:21 +02:00
sig.c proc/sig.c: Harden print_given_signals(). 2018-05-19 07:32:21 +10:00
sig.h Change restrict to __restrict in public includes 2012-01-09 21:44:51 +11:00
slab.c proc/slab.c: Initialize struct slab_info in get_slabnode(). 2018-05-19 07:32:21 +10:00
slab.h proc/slab.h: Fix off-by-one overflow in sscanf(). 2018-05-19 07:32:21 +10:00
sysinfo.c proc/sysinfo.c: Fix off-by-one in get_pid_digits(). 2018-05-19 07:32:21 +10:00
sysinfo.h - Fixing sysinfo - devices with length exceeding 15 chars are not displayed in vmstat -d 2016-06-30 18:29:50 +02:00
version.c miscellaneous: remove some trailing whitespace buildup 2015-06-20 07:46:23 +10:00
version.h proc/version.h: Protect parameter in LINUX_VERSION() macro. 2018-05-19 07:32:21 +10:00
wchan.c misc: remove some trailing whitespace newly introduced 2016-12-07 21:50:59 +11:00
wchan.h library: refactor and rely on modern kernels for wchan 2015-06-19 19:09:20 +10:00
whattime.c proc/whattime.c: Always initialize buf. 2018-05-19 07:32:21 +10:00
whattime.h Add -p|--pretty option to uptime(1) for pretty output. 2012-02-22 10:35:12 -05:00