top: check sortindx risk exposure (not treat symptoms)

Rather than validate the window's 'sortindx' each time
it was referenced (as was done in the patch below), we
now ensure the validity just once when the config file
is read. Thereafter, a running top will police bounds.

Reference(s):
. original qualys patch
0102-top-Check-sortindx.patch

Signed-off-by: Jim Warner <james.warner@comcast.net>
Jim Warner 2018-06-02 00:00:00 -05:00 committed by Craig Small
parent e691cbaef4
commit ffee26c370


@ -3213,6 +3213,8 @@ static int config_cvt (WIN_t *q) {
// lastly, we must adjust the old sort field enum... // lastly, we must adjust the old sort field enum...
x = q->rc.sortindx; x = q->rc.sortindx;
q->rc.sortindx = fields_src[x] - FLD_OFFSET; q->rc.sortindx = fields_src[x] - FLD_OFFSET;
if (q->rc.sortindx < 0 || q->rc.sortindx >= EU_MAXPFLGS)
return 1;
return 0; return 0;
} // end: config_cvt } // end: config_cvt
@ -3260,6 +3262,8 @@ error Hey, fix the above fscanf 'PFLAGSSIZ' dependency !
if (3 > fscanf(fp, "\twinflags=%d, sortindx=%d, maxtasks=%d, graph_cpus=%d, graph_mems=%d\n" if (3 > fscanf(fp, "\twinflags=%d, sortindx=%d, maxtasks=%d, graph_cpus=%d, graph_mems=%d\n"
, &w->rc.winflags, &w->rc.sortindx, &w->rc.maxtasks, &w->rc.graph_cpus, &w->rc.graph_mems)) , &w->rc.winflags, &w->rc.sortindx, &w->rc.maxtasks, &w->rc.graph_cpus, &w->rc.graph_mems))
return p; return p;
if (w->rc.sortindx < 0 || w->rc.sortindx >= EU_MAXPFLGS)
return p;
if (w->rc.graph_cpus < 0 || w->rc.graph_cpus > 2) if (w->rc.graph_cpus < 0 || w->rc.graph_cpus > 2)
return p; return p;
if (w->rc.graph_mems < 0 || w->rc.graph_mems > 2) if (w->rc.graph_mems < 0 || w->rc.graph_mems > 2)
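Review bot: In the config_cvt hunk, `fields_src[x]` is still indexed with the value taken straight from `q->rc.sortindx` before any check in the visible lines; the added test only validates the converted result, after the read has already happened. The second hunk bounds `sortindx` to `[0, EU_MAXPFLGS)` after the fscanf, but whether that runs before config_cvt, and whether `fields_src` has at least EU_MAXPFLGS elements, is not visible here, so a value from an old-style rcfile could presumably still index past the table. I would guard the index itself ahead of the lookup, e.g. `if (x < 0 || x >= (int)sizeof(fields_src)) return 1;` (assuming `fields_src` is a char array in scope), with a comment such as `// x comes from the rcfile: bound it before indexing fields_src`. Both functions start outside their hunks, so an earlier check may already exist.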