0058-ps/output.c: Replace strcpy() with snprintf() in show_one_proc().

This strcpy() should normally not overflow outbuf, but names can be overridden (via -o). Also, check "amount" in all cases. ---------------------------- adapted for newlib branch . we don't use that 'likely/unlikely' crap in newlib Signed-off-by: Jim Warner <james.warner@comcast.net>
1970-01-01 00:00:00 +00:00 · 1970-01-01 00:00:00 +00:00 · d9eb77bd68
commit d9eb77bd68
parent 15c7fa7aba
1 changed files with 4 additions and 1 deletions
--- a/ps/output.c
+++ b/ps/output.c
@ -1950,7 +1950,10 @@ void show_one_proc(const proc_t *restrict const p, const format_node *restrict f

    /* prepare data and calculate leftpad */
    if(p && fmt->pr) amount = (*fmt->pr)(outbuf,p);
-    else amount = strlen(strcpy(outbuf, fmt->name)); /* AIX or headers */
+    else amount = snprintf(outbuf, OUTBUF_SIZE, "%s", fmt->name); /* AIX or headers */
+
+    if(amount < 0) outbuf[amount = 0] = '\0';
+    else if(amount >= OUTBUF_SIZE) outbuf[amount = OUTBUF_SIZE-1] = '\0';

    switch((fmt->flags) & CF_JUST_MASK){
    case 0:  /* for AIX, assigned outside this file */