From 434530a038023f2e2fcb0a9b7341cbdefc08baef Mon Sep 17 00:00:00 2001
From: Jim Warner
Date: Thu, 24 May 2018 00:00:00 -0500
Subject: [PATCH] top: prevent buffer overruns in 'inspection_utility()'
When a Qualys patch was reverted as being unwarranted, 1 specific problem their patch had, in fact, prevented was re-introduced. This patch corrects that oversight. Reference(s): . qualys patch revert commit c5026787156d23512487ad9bbf540be7e3ee8de1
Signed-off-by: Jim Warner
---
 top/top.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/top/top.c b/top/top.c
index 0c02201a..67779428 100644
--- a/top/top.c
+++ b/top/top.c
@@ -3468,8 +3468,8 @@ static void inspection_utility (int pid) {
 Inspect.tab[sel].caps = "~4"; dst[0] = '\0'; \
 for (i = 0; i < Inspect.total; i++) { char _s[SMLBUFSIZ]; \
 snprintf(_s, sizeof(_s), " %s %s", Inspect.tab[i].name, Inspect.tab[i].caps); \
- strcat(dst, _s); } }
- char sels[MEDBUFSIZ];
+ strncat(dst, _s, (sizeof(dst) - 1) - strlen(dst)); } }
+ char sels[SCREENMAX];
 static int sel;
 int i, key;
 proc_t *p;
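Review bot: The new `strncat` bound in `mkSEL` uses `sizeof(dst)` on the macro argument, which is the buffer size only while the argument is a real array such as the `sels[SCREENMAX]` declared right below; handed a `char *`, it would evaluate to the pointer size and the bound would be wrong. The macro's opening line and its call sites are outside this hunk, so that assumption cannot be confirmed from here; I would record it next to the definition, e.g. `/* mkSEL: dst must be an array, sizeof(dst) bounds the strncat */`. Both the `snprintf` into `_s` and the `strncat` also truncate silently, so an overlong selection list is shortened without any indication; if that is intended, the same comment should say so.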