From d28f3f28aa9d1e631b3872953fb311e8e521976b Mon Sep 17 00:00:00 2001
From: Jim Warner <james.warner@comcast.net>
Date: Sat, 15 Feb 2020 00:00:00 -0600
Subject: [PATCH] top: restore configuration file backward compatibility

The Debian bug referenced below has nothing to do with
locales. In fact, top was made locale independent back
in release 3.3.13 (April, 2018). However, that bug did
reveal some misplaced logic which this patch corrects.

Prompted by the Qualys audit, all rcfile field strings
were checked for potential duplicates which could only
have resulted from some user's manual/malicious edits.

Unfortunately, that code was executed before top had a
chance to enforce the proper/maximum string length (in
the event an extremely old rcfile had just been read).
This created some potential string overrun references.

In top's original 3.3.15 implementation, the potential
overrun extended for 15 characters. That is the number
of field characters added with 3.3.9 (December, 2013).
But, since strchr() was used, no error exit was taken.

In the revised 3.3.16 implementation, the strchr() was
replaced with '&w->rc.fieldscur[n]'. This held overrun
to a single position while producing an error message.

So, this commit just moves that logic to a point where
fieldscur is guaranteed to be longer than EU_MAXPFLGS.

Reference(s):
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951335
. revised 3.3.16 validation logic
commit 775223a8174cdede123199a67372dc207a2dbdc2
. original 3.3.15 validation logic
commit 085351a0ee9e7abcaca499dbc1d6444cfa9c9da9

Signed-off-by: Jim Warner <james.warner@comcast.net>
---
 top/top.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/top/top.c b/top/top.c
index af83835a..6df2324b 100644
--- a/top/top.c
+++ b/top/top.c
@@ -3518,11 +3518,6 @@ static const char *configs_file (FILE *fp, const char *name, float *delay) {
  // too bad fscanf is not as flexible with his format string as snprintf
  #error Hey, fix the above fscanf 'PFLAGSSIZ' dependency !
 #endif
-      // ensure there's been no manual alteration of fieldscur
-      for (n = 0 ; n < EU_MAXPFLGS; n++) {
-         if (&w->rc.fieldscur[n] != strrchr(w->rc.fieldscur, w->rc.fieldscur[n]))
-            return p;
-      }
       // be tolerant of missing release 3.3.10 graph modes additions
       if (3 > fscanf(fp, "\twinflags=%d, sortindx=%d, maxtasks=%d, graph_cpus=%d, graph_mems=%d\n"
          , &w->rc.winflags, &w->rc.sortindx, &w->rc.maxtasks, &w->rc.graph_cpus, &w->rc.graph_mems))
@@ -3568,6 +3563,11 @@ static const char *configs_file (FILE *fp, const char *name, float *delay) {
                   return p;
             break;
       }
+      // ensure there's been no manual alteration of fieldscur
+      for (n = 0 ; n < EU_MAXPFLGS; n++) {
+         if (&w->rc.fieldscur[n] != strrchr(w->rc.fieldscur, w->rc.fieldscur[n]))
+            return p;
+      }
 #ifndef USE_X_COLHDR
       OFFw(w, NOHIFND_xxx | NOHISEL_xxx);
 #endif