procps/proc
Qualys Security Advisory d9c0a3e36f 0075-proc/readproc.c: Harden read_unvectored().
1/ Prevent an out-of-bounds write if sz is 0.

2/ Limit sz to INT_MAX, because the return value is an int, not an
unsigned int (and because if INT_MAX is equal to SSIZE_MAX, man 2 read
says "If count is greater than SSIZE_MAX, the result is unspecified.")

3/ Always null-terminate dst (unless sz is 0), because a return value of
0 because of an open() error (for example) is indistinguishable from a
return value of 0 because of an empty file.

4/ Use an unsigned int for i (just like n), not an int.

5/ Check for snprintf() truncation.

---------------------------- adapted for newlib branch
. adapted via 'patch (without rejections)

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-06-09 21:35:19 +10:00
..
.gitignore tests: update template and add pids 2016-04-19 21:33:02 +10:00
COPYING miscellaneous: clean up trailing whitespace once again 2013-04-07 18:05:01 +10:00
devname.c 0040-proc/devname.c: Never write more than "chop" (part 2). 2018-06-09 21:35:19 +10:00
devname.h library: eliminate inappropriate '__BEGIN_DECLS' macro 2018-05-06 07:19:38 +10:00
diskstats.c library: delete some obsolete parameter checking logic 2017-12-20 21:18:54 +11:00
diskstats.h library: replace the troublesome '__BEGIN_DECLS' macro 2018-05-06 07:19:38 +10:00
escape.c 0051-proc/escape.c: Prevent buffer overflows in escape_command(). 2018-06-09 21:35:19 +10:00
escape.h library: eliminate inappropriate '__BEGIN_DECLS' macro 2018-05-06 07:19:38 +10:00
libprocps.pc.in Renaming libprocfs to libprocps 2011-12-23 09:18:43 +11:00
libprocps.sym library: provide for validating result type references 2016-08-07 21:40:48 +10:00
meminfo.c library: delete some obsolete parameter checking logic 2017-12-20 21:18:54 +11:00
meminfo.h library: replace the troublesome '__BEGIN_DECLS' macro 2018-05-06 07:19:38 +10:00
namespace.c library: ensure 'namespace' types treated consistently 2017-01-04 08:29:44 +11:00
namespace.h library: replace the troublesome '__BEGIN_DECLS' macro 2018-05-06 07:19:38 +10:00
numa.c library: set stage for NUMA node field display support 2017-05-22 21:38:10 +10:00
numa.h library: eliminate inappropriate '__BEGIN_DECLS' macro 2018-05-06 07:19:38 +10:00
pids.c library: expanded to provide for the UID used at login 2018-02-19 20:33:59 +11:00
pids.h library: replace the troublesome '__BEGIN_DECLS' macro 2018-05-06 07:19:38 +10:00
procps-private.h library: please keep procps-private.h free of #include 2016-06-11 11:50:37 +10:00
procps.h library: provide for validating result type references 2016-08-07 21:40:48 +10:00
pwcache.c library: eliminate all dependencies on alloc.h/alloc.c 2017-12-20 21:18:53 +11:00
pwcache.h library: eliminate inappropriate '__BEGIN_DECLS' macro 2018-05-06 07:19:38 +10:00
readproc.c 0075-proc/readproc.c: Harden read_unvectored(). 2018-06-09 21:35:19 +10:00
readproc.h library: eliminate inappropriate '__BEGIN_DECLS' macro 2018-05-06 07:19:38 +10:00
slabinfo.c 0042-proc/slab.h: Fix off-by-one overflow in sscanf(). 2018-06-09 21:35:19 +10:00
slabinfo.h library: replace the troublesome '__BEGIN_DECLS' macro 2018-05-06 07:19:38 +10:00
stat.c library: delete some obsolete parameter checking logic 2017-12-20 21:18:54 +11:00
stat.h library: replace the troublesome '__BEGIN_DECLS' macro 2018-05-06 07:19:38 +10:00
sysinfo.c library: eliminate all dependencies on alloc.h/alloc.c 2017-12-20 21:18:53 +11:00
sysinfo.h library: replace the troublesome '__BEGIN_DECLS' macro 2018-05-06 07:19:38 +10:00
test_namespace.c tests: update template and add pids 2016-04-19 21:33:02 +10:00
test_pids.c related: change for lost 'PROCPS_' enumerator prefixes 2016-07-26 20:49:44 +10:00
test_sysinfo.c tests: update template and add pids 2016-04-19 21:33:02 +10:00
test_uptime.c library: procps_uptime() return value is a status 2016-05-01 16:50:25 +10:00
test_version.c library: Fix LINUX_VERSION macro 2016-05-01 17:46:25 +10:00
uptime.c 0047-proc/whattime.c: Always initialize buf. 2018-06-09 21:35:19 +10:00
uptime.h library: replace the troublesome '__BEGIN_DECLS' macro 2018-05-06 07:19:38 +10:00
version.c miscellaneous: remove some trailing whitespace buildup 2015-06-20 07:46:23 +10:00
version.h library: replace the troublesome '__BEGIN_DECLS' macro 2018-05-06 07:19:38 +10:00
vmstat.c library: delete some obsolete parameter checking logic 2017-12-20 21:18:54 +11:00
vmstat.h library: replace the troublesome '__BEGIN_DECLS' macro 2018-05-06 07:19:38 +10:00
wchan.c library: don't strip off prefixes from the wchan names 2016-12-07 22:07:00 +11:00
wchan.h library: eliminate inappropriate '__BEGIN_DECLS' macro 2018-05-06 07:19:38 +10:00
xtra-procps-debug.h library: strengthen the VAL macro validation functions 2016-08-08 22:01:37 +10:00