f44fe715bd
The SECURE_ESCAPE_ARGS() macro solves several potential problems (although we found no problematic calls to the escape*() functions in procps's code-base, but had to thoroughly review every call; and this is library code): 1/ off-by-one overflows if the size of the destination buffer is 0; 2/ buffer overflows if this size (or "maxroom") is negative; 3/ integer overflows (for example, "*maxcells+1"); 4/ always null-terminate the destination buffer (unless its size is 0). ---------------------------- adapted for newlib branch . formerly applied to proc/escape.c . function was moved to ps/output.c Signed-off-by: Jim Warner <james.warner@comcast.net> |
||
|---|---|---|
| .. | ||
| common.h | ||
| COPYING | ||
| display.c | ||
| global.c | ||
| HACKING | ||
| help.c | ||
| output.c | ||
| parser.c | ||
| ps.1 | ||
| regression | ||
| select.c | ||
| sortformat.c | ||
| stacktrace.c | ||