From 229be7b16056310b27611f54450d4dfb7a952495 Mon Sep 17 00:00:00 2001 From: Jim Warner Date: Tue, 22 Nov 2011 09:36:00 -0600 Subject: [PATCH] ps: exploit enhanced library memory allocation provisions There were numerous ps memory allocation inconsistencies. Some were checked for failure and others were not. The program was modified to utilize the library memory rouines which are consistent in dealing with errors. (a few changes simply removed trailing whitespace) --- ps/display.c | 7 ++++--- ps/global.c | 12 ++++++------ ps/parser.c | 28 +++++++++++++-------------- ps/sortformat.c | 51 +++++++++++++++++++++---------------------------- 4 files changed, 46 insertions(+), 52 deletions(-) diff --git a/ps/display.c b/ps/display.c index 74d1119b..d7bf5b5e 100644 --- a/ps/display.c +++ b/ps/display.c @@ -29,6 +29,7 @@ #include /* catch signals */ #include "common.h" +#include "../proc/alloc.h" #include "../proc/wchan.h" #include "../proc/version.h" #include "../proc/readproc.h" @@ -236,7 +237,7 @@ static void lists_and_needs(void){ format_node *p_end = &pfn; format_node *t_end = &tfn; while(walk){ - format_node *new = malloc(sizeof(format_node)); + format_node *new = xmalloc(sizeof(format_node)); memcpy(new,walk,sizeof(format_node)); p_end->next = walk; t_end->next = new; @@ -380,7 +381,7 @@ static void prep_forest_sort(void){ if(!sort_list) { /* assume start time order */ incoming = search_format_array("start_time"); if(!incoming) { fprintf(stderr, "Could not find start_time!\n"); exit(1); } - tmp_list = malloc(sizeof(sort_node)); + tmp_list = xmalloc(sizeof(sort_node)); tmp_list->reverse = 0; tmp_list->typecode = '?'; /* what was this for? */ tmp_list->sr = incoming->sr; 
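Review bot: In lists_and_needs, the `memcpy(new,walk,sizeof(format_node))` that follows the new `xmalloc` makes a shallow copy, so the node linked after `t_end` shares its `name` pointer with the original node linked after `p_end` (the sortformat.c hunks of this patch show `name` being heap-allocated with `xstrdup`). Nothing in the visible lines frees either list, but any later cleanup that walks both would free the same string twice, so the aliasing deserves a comment such as `/* shallow copy: new->name is shared with walk->name, never free both */`. A plain struct assignment, `*new = *walk;`, together with `xmalloc(sizeof *new)` would also tie the size to the variable instead of the type name. The function body starts before and continues after the hunk.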
@@ -391,7 +392,7 @@ static void prep_forest_sort(void){ /* this is required for the forest option */ incoming = search_format_array("ppid"); if(!incoming) { fprintf(stderr, "Could not find ppid!\n"); exit(1); } - tmp_list = malloc(sizeof(sort_node)); + tmp_list = xmalloc(sizeof(sort_node)); tmp_list->reverse = 0; tmp_list->typecode = '?'; /* what was this for? */ tmp_list->sr = incoming->sr; diff --git a/ps/global.c b/ps/global.c index f795e018..51512059 100644 --- a/ps/global.c +++ b/ps/global.c @@ -1,13 +1,13 @@ /* - * Copyright 1998-2002 by Albert Cahalan; all rights resered. + * Copyright 1998-2002 by Albert Cahalan; all rights resered. * This file may be used subject to the terms and conditions of the - * GNU Library General Public License Version 2, or any later version + * GNU Library General Public License Version 2, or any later version * at your option, as published by the Free Software Foundation. * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Library General Public License for more details. - */ + */ #include #include #include @@ -19,11 +19,11 @@ #include #include #include - #include "common.h" #include +#include "../proc/alloc.h" #include "../proc/wchan.h" #include "../proc/version.h" #include "../proc/sysinfo.h" @@ -234,7 +234,7 @@ static const char *set_personality(void){ if(sl > 15) return "Environment specified an unknown personality."; strncpy(buf, s, sl); buf[sl] = '\0'; - saved_personality_text = strdup(buf); + saved_personality_text = xstrdup(buf); found = bsearch(&findme, personality_table, personality_table_count, sizeof(personality_table_struct), compare_personality_table_structs @@ -361,7 +361,7 @@ void reset_global(void){ look_up_our_self(&p); set_screen_size(); set_personality(); - + all_processes = 0; bsd_c_option = 0; bsd_e_option = 0; 
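Review bot: In set_personality, the copy into `buf` is guarded by the literal `if(sl > 15)`, which is only safe while `buf` is declared with at least 16 bytes; that declaration is outside the hunk, so the two can drift apart unnoticed. The string apparently comes from the environment (the error text says so), so I would tie the bound to the buffer, e.g. `if(sl >= sizeof buf) return "Environment specified an unknown personality.";`, assuming `buf` is a local array and `sl` cannot be negative. The new `xstrdup(buf)` also overwrites `saved_personality_text` without releasing a previous value, which leaks if set_personality runs more than once; reset_global calls it, so confirm whether reset_global can be invoked repeatedly.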
diff --git a/ps/parser.c b/ps/parser.c index 70d94fe1..4fa8e4ad 100644 --- a/ps/parser.c +++ b/ps/parser.c @@ -26,6 +26,7 @@ #include #include "common.h" +#include "../proc/alloc.h" #include "../proc/version.h" #define ARG_GNU 0 @@ -173,11 +174,10 @@ static const char *parse_list(const char *arg, const char *(*parse_fn)(char *, s int need_item; const char *err; /* error code that could or did happen */ /*** prepare to operate ***/ - node = malloc(sizeof(selection_node)); - node->u = malloc(strlen(arg)*sizeof(sel_union)); /* waste is insignificant */ + node = xmalloc(sizeof(selection_node)); + node->u = xmalloc(strlen(arg)*sizeof(sel_union)); /* waste is insignificant */ node->n = 0; - buf = malloc(strlen(arg)+1); - strcpy(buf, arg); + buf = xstrdup(arg); /*** sanity check and count items ***/ need_item = 1; /* true */ items = 0; @@ -576,8 +576,8 @@ static const char *parse_bsd_option(void){ /* put our tty on a tiny list */ { selection_node *node; - node = malloc(sizeof(selection_node)); - node->u = malloc(sizeof(sel_union)); + node = xmalloc(sizeof(selection_node)); + node->u = xmalloc(sizeof(sel_union)); node->u[0].tty = cached_tty; node->typecode = SEL_TTY; node->n = 1; @@ -705,8 +705,8 @@ static const char *parse_bsd_option(void){ if(!arg){ /* Wow, obsolete BSD syntax. Put our tty on a tiny list. */ selection_node *node; - node = malloc(sizeof(selection_node)); - node->u = malloc(sizeof(sel_union)); + node = xmalloc(sizeof(selection_node)); + node->u = xmalloc(sizeof(sel_union)); node->u[0].tty = cached_tty; node->typecode = SEL_TTY; node->n = 1; 
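Review bot: In parse_list, the size for `node->u` is the unchecked product `strlen(arg)*sizeof(sel_union)`, and an empty `arg` turns it into a zero-byte request that is made before the sanity check that follows. Whether `xmalloc(0)` returns usable storage depends on proc/alloc.h, which is not shown here, so I would compute the length once and keep the count at least one: `size_t len = strlen(arg);` then `node->u = xmalloc((len ? len : 1) * sizeof *node->u);`. The same unchecked multiplication appears in parse_trailing_pids as `i*sizeof(sel_union)`, where `i` looks like a signed counter (it is used in `while(i--)`), so a negative value would convert to a very large size; a guard on `i` before the three allocations would make that explicit. The buffers allocated here also have to be released on every error return of the sanity check, which lies outside the hunk.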
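Review bot: The two parse_bsd_option hunks (-576 and -705) build the same one-element tty selection node line for line, so a later fix to one copy can easily miss the other. I would move the construction into a small static helper and call it from both places; whatever follows `node->n = 1;` in each block is outside the hunks and stays at the call sites. The helper below uses only the statements the hunks show and assumes `cached_tty` is visible at file scope.

```c
/* Build a one-entry selection node that holds our tty. */
static selection_node *new_tty_node(void){
  selection_node *node = xmalloc(sizeof *node);
  node->u = xmalloc(sizeof *node->u);
  node->u[0].tty = cached_tty;
  node->typecode = SEL_TTY;
  node->n = 1;
  return node;
}

/* … at both call sites in parse_bsd_option … */
node = new_tty_node();
/* … unchanged: rest of the block after node->n = 1 … */
```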
@@ -1018,16 +1018,16 @@ static const char *parse_trailing_pids(void){ argp = ps_argv + thisarg; thisarg = ps_argc - 1; /* we must be at the end now */ - pidnode = malloc(sizeof(selection_node)); - pidnode->u = malloc(i*sizeof(sel_union)); /* waste is insignificant */ + pidnode = xmalloc(sizeof(selection_node)); + pidnode->u = xmalloc(i*sizeof(sel_union)); /* waste is insignificant */ pidnode->n = 0; - grpnode = malloc(sizeof(selection_node)); - grpnode->u = malloc(i*sizeof(sel_union)); /* waste is insignificant */ + grpnode = xmalloc(sizeof(selection_node)); + grpnode->u = xmalloc(i*sizeof(sel_union)); /* waste is insignificant */ grpnode->n = 0; - sidnode = malloc(sizeof(selection_node)); - sidnode->u = malloc(i*sizeof(sel_union)); /* waste is insignificant */ + sidnode = xmalloc(sizeof(selection_node)); + sidnode->u = xmalloc(i*sizeof(sel_union)); /* waste is insignificant */ sidnode->n = 0; while(i--){ diff --git a/ps/sortformat.c b/ps/sortformat.c index dec351e8..db803687 100644 --- a/ps/sortformat.c +++ b/ps/sortformat.c @@ -1,13 +1,13 @@ /* - * Copyright 1998-2004 by Albert Cahalan; all rights resered. + * Copyright 1998-2004 by Albert Cahalan; all rights resered. * This file may be used subject to the terms and conditions of the - * GNU Library General Public License Version 2, or any later version + * GNU Library General Public License Version 2, or any later version * at your option, as published by the Free Software Foundation. * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Library General Public License for more details. - */ + */ #include #include @@ -18,6 +18,7 @@ #include #include +#include "../proc/alloc.h" #include "../proc/readproc.h" #include "../proc/sysinfo.h" #include "common.h" 
@@ -38,7 +39,7 @@ static format_node *do_one_spec(const char *spec, const char *override){ if(fs){ int w1, w2; format_node *thisnode; - thisnode = malloc(sizeof(format_node)); + thisnode = xmalloc(sizeof(format_node)); if(fs->flags & CF_PIDMAX){ w1 = (int)get_pid_digits(); w2 = strlen(fs->head); @@ -49,12 +50,10 @@ static format_node *do_one_spec(const char *spec, const char *override){ if(override){ w2 = strlen(override); thisnode->width = (w1>w2)?w1:w2; - thisnode->name = malloc(strlen(override)+1); - strcpy(thisnode->name, override); + thisnode->name = xstrdup(override); }else{ thisnode->width = w1; - thisnode->name = malloc(strlen(fs->head)+1); - strcpy(thisnode->name, fs->head); + thisnode->name = xstrdup(fs->head); } thisnode->pr = fs->pr; thisnode->need = fs->need; @@ -101,7 +100,7 @@ static void O_wrap(sf_node *sfn, int otype){ if(!fnode)fprintf(stderr,"Seriously crashing. Goodbye cruel world.\n"); endp = sfn->f_cooked; while(endp->next) endp = endp->next; /* find end */ endp->next = fnode; - + fnode = do_one_spec(trailer,NULL); if(!fnode) { fprintf(stderr,"Seriously crashing. Goodbye cruel world.\n"); exit(1); } endp = fnode; while(endp->next) endp = endp->next; /* find end */ @@ -144,10 +143,9 @@ static const char *aix_format_parse(sf_node *sfn){ } /*** sanity check passed ***/ - buf = malloc(strlen(sfn->sf)+1); - strcpy(buf, sfn->sf); + buf = xstrdup(sfn->sf); walk = sfn->sf; - + while(items--){ format_node *fnode; /* newly allocated */ format_node *endp; /* for list manipulation */ 
@@ -178,17 +176,16 @@ double_percent: } buf[len] = '\0'; walk += len; - fnode = malloc(sizeof(format_node)); + fnode = xmalloc(sizeof(format_node)); fnode->width = len; - fnode->name = malloc(len+1); - strcpy(fnode->name, buf); + fnode->name = xstrdup(buf); fnode->pr = NULL; /* checked for */ fnode->need = 0; fnode->vendor = AIX; fnode->flags = CF_PRINT_EVERY_TIME; fnode->next = NULL; } - + endp = fnode; while(endp->next) endp = endp->next; /* find end */ endp->next = sfn->f_cooked; sfn->f_cooked = fnode; @@ -215,9 +212,8 @@ static const char *format_parse(sf_node *sfn){ static char errbuf[80]; /* for variable-text error message */ /*** prepare to operate ***/ - buf = malloc(strlen(sfn->sf)+1); - strcpy(buf, sfn->sf); - + buf = xstrdup(sfn->sf); + /*** sanity check and count items ***/ need_item = 1; /* true */ items = 0; @@ -331,7 +327,7 @@ static sort_node *do_one_sort_spec(const char *spec){ fs = search_format_array(spec); if(fs){ sort_node *thisnode; - thisnode = malloc(sizeof(sort_node)); + thisnode = xmalloc(sizeof(sort_node)); thisnode->sr = fs->sr; thisnode->need = fs->need; thisnode->reverse = reverse; @@ -355,9 +351,8 @@ static const char *long_sort_parse(sf_node *sfn){ int need_item; /*** prepare to operate ***/ - buf = malloc(strlen(sfn->sf)+1); - strcpy(buf, sfn->sf); - + buf = xstrdup(sfn->sf); + /*** sanity check and count items ***/ need_item = 1; /* true */ items = 0; @@ -560,9 +555,8 @@ int defer_sf_option(const char *arg, int source){ const format_struct *fs; int need_item = 1; - sfn = malloc(sizeof(sf_node)); - sfn->sf = malloc(strlen(arg)+1); - strcpy(sfn->sf, arg); + sfn = xmalloc(sizeof(sf_node)); + sfn->sf = xstrdup(arg); sfn->sf_code = source; sfn->s_cooked = NULL; sfn->f_cooked = NULL; 
@@ -685,10 +679,9 @@ static const char *generate_sysv_list(void){ if( (format_flags & FF_Ul) && !(format_modifiers & FM_y) ){ if(personality & PER_IRIX_l){ /* add "rss" then ':' here */ PUSH("sgi_rss"); - fn = malloc(sizeof(format_node)); + fn = xmalloc(sizeof(format_node)); fn->width = 1; - fn->name = malloc(2); - strcpy(fn->name, ":"); + fn->name = xstrdup(":"); fn->pr = NULL; /* checked for */ fn->need = 0; fn->vendor = AIX; /* yes, for SGI weirdness */