packages/procps-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Package init

Browse Source
This commit is contained in:
dogsheng 2019-12-25 17:13:31 +08:00
parent cab8695772
commit 9a72cbdc2a
24 changed files with 2455 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
Possible-segfault-in-file2strvec-introduced-by-lates.patch Normal file
View File

@ -0,0 +1,13 @@
diff --git a/proc/readproc.c b/proc/readproc.c
index 0f00231..b5fbbaa 100644
--- a/proc/readproc.c
+++ b/proc/readproc.c
@@ -714,7 +714,7 @@ static char** file2strvec(const char* directory, const char* what) {
#undef ARG_LEN
if (end_of_file &&
((n > 0 && buf[n-1] != '\0') || /* last read char not null */
- (n <= 0 && rbuf[tot-1] != '\0'))) /* last read char not null */
+ (n <= 0 && rbuf && rbuf[tot-1] != '\0'))) /* last read char not null */
buf[n++] = '\0'; /* so append null-terminator */
if (n <= 0) break; /* unneeded (end_of_file = 1) but avoid realloc */

36
README.en.md
View File

@ -1,36 +0,0 @@
# procps-ng
#### Description
{**When you're done, you can delete the content in this README and update the file with details for others getting started with your repository**}
#### Software Architecture
Software architecture description
#### Installation
1. xxxx
2. xxxx
3. xxxx
#### Instructions
1. xxxx
2. xxxx
3. xxxx
#### Contribution
1. Fork the repository
2. Create Feat_xxx branch
3. Commit your code
4. Create Pull Request
#### Gitee Feature
1. You can use Readme\_XXX.md to support different languages, such as Readme\_en.md, Readme\_zh.md
2. Gitee blog [blog.gitee.com](https://blog.gitee.com)
3. Explore open source project [https://gitee.com/explore](https://gitee.com/explore)
4. The most valuable open source project [GVP](https://gitee.com/gvp)
5. The manual of Gitee [https://gitee.com/help](https://gitee.com/help)
6. The most popular members [https://gitee.com/gitee-stars/](https://gitee.com/gitee-stars/)

79
README.md
View File

@ -1,39 +1,52 @@
# procps-ng
[![build status](https://gitlab.com/ci/projects/2142/status.png?ref=master)](https://gitlab.com/ci/projects/2142?ref=master)
procps
======
#### 介绍
{**以下是码云平台说明,您可以替换此简介**
码云是 OSCHINA 推出的基于 Git 的代码托管平台(同时支持 SVN。专为开发者提供稳定、高效、安全的云端软件开发协作平台
无论是个人、团队、或是企业,都能够用码云实现代码托管、项目管理、协作开发。企业项目请看 [https://gitee.com/enterprises](https://gitee.com/enterprises)}
procps is a set of command line and full-screen utilities that provide
information out of the pseudo-filesystem most commonly located at /proc.
This filesystem provides a simple interface to the kernel data structures.
The programs of procps generally concentrate on the structures that describe
the processess running on the system.
#### 软件架构
软件架构说明
The following programs are found in procps:
* *free* - Report the amount of free and used memory in the system
* *kill* - Send a signal to a process based on PID
* *pgrep* - List processes based on name or other attributes
* *pkill* - Send a signal to a process based on name or other attributes
* *pmap* - Report memory map of a process
* *ps* - Report information of processes
* *pwdx* - Report current directory of a process
* *skill* - Obsolete version of pgrep/pkill
* *slabtop* - Display kernel slab cache information in real time
* *snice* - Renice a process
* *sysctl* - Read or Write kernel parameters at run-time
* *tload* - Graphical representation of system load average
* *top* - Dynamic real-time view of running processes
* *uptime* - Display how long the system has been running
* *vmstat* - Report virtual memory statistics
* *w* - Report logged in users and what they are doing
* *watch* - Execute a program periodically, showing output fullscreen
## Reporting Bugs
There are a few ways of reporting bugs or feature requests:
#### 安装教程
1. Your distributions bug reporter. If you are using a distribution your first
port of call is their bug tracker. This is because each distribution has their
own patches and way of dealing with bugs. Also bug reporting often does not need
any subscription to websites.
2. GitLab Issues - To the left of this page is the issue tracker. You can report
bugs here.
3. Email list - We have an email list (see below) where you can report bugs.
The problem with this method is bug reports often get lost and cannot be
tracked. This is especially a big problem when its something that will take
time to resolve.
1. xxxx
2. xxxx
3. xxxx
If you need to report bugs, there is more details on the
[Bug Reporting](https://gitlab.com/procps-ng/procps/blob/master/Documentation/bugs.md)
page.
#### 使用说明
1. xxxx
2. xxxx
3. xxxx
#### 参与贡献
1. Fork 本仓库
2. 新建 Feat_xxx 分支
3. 提交代码
4. 新建 Pull Request
#### 码云特技
1. 使用 Readme\_XXX.md 来支持不同的语言,例如 Readme\_en.md, Readme\_zh.md
2. 码云官方博客 [blog.gitee.com](https://blog.gitee.com)
3. 你可以 [https://gitee.com/explore](https://gitee.com/explore) 这个地址来了解码云上的优秀开源项目
4. [GVP](https://gitee.com/gvp) 全称是码云最有价值开源项目,是码云综合评定出的优秀开源项目
5. 码云官方提供的使用手册 [https://gitee.com/help](https://gitee.com/help)
6. 码云封面人物是一档用来展示码云会员风采的栏目 [https://gitee.com/gitee-stars/](https://gitee.com/gitee-stars/)
## Email List
The email list for the developers and users of procps is found at
http://www.freelists.org/archive/procps/
This email list discusses the development of procps and is used by distributions
to also forward or discuss bugs.

377
README.top Normal file
View File

@ -0,0 +1,377 @@
This file summarizes changes to the top program and supporting documentation
introduced on March 31, 2011.
Contents:
DOCUMENT Changes
INTERNAL Improvements
EXTERNAL Improvements
BUGS Previously Fixed and Preserved
BUGS Newly/Nearly Fixed
BUGS/WISH-LISTS That Should Go Bye-bye
BUGS FIXED You Didn't Know You Had
OTHER Changes, Hopefully They Won't Bite You
BENCHMARKS
DOCUMENT Changes =========================================================
. The entire file was cleaned up, standardized and expanded to include:
- a new section "2. SUMMARY Display" added for symmetry with Fields
- nine new fields were added to section "3a. DESCRIPTIONS of Fields"
- a new section "3b. MANAGING Fields" replaced the obsolete section
"2b. SELECTING and ORDERING Columns"
- section "5c. SCROLLING a Window" was added for that new feature
. I don't know when the explanations for CODE and DATA were changed to
show 'virtual' memory, but I think there's a reason their alternate
names contain the word 'resident'. Thus they were changed back to
say 'physical memory'.
. And as I indicated in a previous email, the former string identifier
'ME' was restored as were the 'h' key/command conventions (vs. <h>).
Oops, the 'h' key/command conventions remain restored, but subsequent
testing revealed problems with the .ME string identifier. Thus, it was
changed to .WE (along with the companion .Me/.We id).
. Also previously mentioned, the 'man2html' program translates top.1 to
HTML with near perfect fidelity. I take that to mean there should be
no problems with the top.1 source on most other platforms.
To further improve translation to HTML, several .Bd and .Ed macros
were added to preserve literal (fixed width) spacing.
INTERNAL Improvements ====================================================
. The old restriction of 26 fields has been lifted. With this new-top
100+ fields are now possible. It currently supports up to 55, of
which 35 are in use. Adding a new field is almost too easy.
. Task row construction has been considerably improved -- both from
a programming perspective and a performance perspective.
. The column highlighting costs for sort field visibility were
virtually eliminated.
An optional define (USE_X_COLHDR) can be enabled to completely
eliminate any costs associated with the 'x' command toggle.
. The management of the HST_t structures, used for %cpu calculations,
was optimized with a hashing scheme. Thus the need for a qsort then
a binary search in each frame was completely eliminated.
An optional define can restore the former qsort/bsearch approach but
with an internal inlined binary search function offering substantially
better performance than the old top.
. This far more capable new-top executable is no larger than old top.
. The above combine to produce substantially improved performance
whose details are documented below under BENCHMARKS.
EXTERNAL Improvements ====================================================
. Field management has been completely redesigned. It's now embodied
on a single screen where display-ability, position and sort selection
can be handled in one place -- for all windows at one time!
This function is dependent on cursor motion keys and should a device
not have the customary arrow keys, alternatives are provided and
documented under "Operation" near the beginning of the man page.
. The following new fields have been added:
Group Id
Minor Page Faults
Number of Threads
Process Group Id
Real User Id
Saved User Id
Saved User Name
Session Id
Tty Process Group Id
. Scrolling keys now allow one to move the view of any window vertically
or horizontally to reveal any desired task or column. Previously, only
some tasks were viewable even with reversible, selectable sort columns.
Each of the four windows is capable of maintaining its own scrolled
coordinates and an optional toggle ('C') displays a message aiding
navigation within the available tasks and displayable fields.
. User interactive line oriented input now provides for true line
editing supported by these new keys:
Left/Right arrow keys, Delete key, Backspace and
Home/End keys (likely limited to xterm, not terminal)
. User filtering via the -u | -U interactive commands is now window
based which means that different windows could be used to filter
different users.
. Signal handling has been normalized and is now consistent regardless
of the particular top screen a user may have been using.
. The 'i' toggle now shows any task that has used *some* cpu since the
last screen update. It's no longer limited to just running tasks.
. The summary area 'task states' line now reflects either 'Threads'
or 'Tasks' depending on the -H toggle.
BUGS Previously Fixed and Preserved ======================================
( but not necessarily literally)
. 228822, suspending top leaves xterm in slightly messed-up state
. 256376, segfaults, if the xterm is to small
. 320289, segv on sigwinch
. 351065, wrong highlight 1st column (escape characters displayed)
. 358724, accepts extra numeric args
. 378695, seg fault if "/proc" is not mounted
. 426782, UID field is too narrow
. 458986, should check xterm for EOF/EIO
. 459890, Irix mode should use %#4.1f when threads shown
BUGS Newly/Nearly Fixed ==================================================
. 225542, 'Unknown command' message blocks further commands
The message is now displayed using usleep for 1.25 seconds, instead
of the former full 2 seconds. And while it still blocks further
commands, the delay is much more tolerable.
Can we consider this bug 'nearly' fixed?
. 410292, interface error when using backspace
Full line editing was added but could be disabled via a #define.
And via that define, even under basic termios support, the backspace
problem was cured.
. 567509, top idle command ('i') not working for threaded programs
Since the 'i' command now reflects tasks that have used *some* cpu,
and is no longer dependent on an 'R' state, I *believe/hope* this
bug has been swatted.
BUGS/WISH-LISTS That Should Go Bye-bye ===================================
. 340751, wish for hostname to benefit multiple top sessions
Craig's suggestion regarding symlinks is the perfect solution.
How dare Craig say that the solution was "not ideal" !
. 586497, wish for graceful degradation on small screen sizes
This objective could be accomplished by setting up 2 symlinks for
top, personalizing them for the 2 tiny phone displays, then writing
the respective configuration files.
I shudder at the programming effort suggested by Paul. And when it
was done you'd find everybody else would have different criteria.
BUGS FIXED You Didn't Know You Had =======================================
. Without amplifying the dirty details, the long standing occasionally
reported display corruption, and an unreported source of performance
degradation, has been eliminated. The cure is in the elimination of
the Pseudo_cols variable and the improved PUFF macro.
. Line oriented input was not sensitive to screen width. Thus a user
could hold down any key and ultimately line wrap, overwriting the
columns header and the entire screen. New top prevents this.
. User filtering (-u|-U) via a user ID (not name) now validates that
number. The old-top just made sure it was numeric, then blindly
displayed no matching users (i.e. an empty window).
. The threads toggle ('H') is no longer window based but more properly
applies to all windows. The previous implementation produced the
following aberration if multiple windows were being shown:
. -H would be acknowledged and applied to all visible windows
. keying 'a' or 'w' would silently turn it off
. then keying -H would turn it back on, but the user expected off
. If you hit ^Z on any help or fields screen to suspend old-top, after
issuing 'fg' you would then be left with a seemingly hung application
inviting ^C. In truth, one could recover with the space bar, but that
was far from intuitive.
. The old-top consistently writes 1 extra byte for each task row or 1
byte too few for columns headers, depending on your perspective.
The new top writes the same number of bytes for each.
. By failing to clear to eol, old top left the display in a terrible
state after exiting a 'fields' screen when only a few columns were
being displayed.
. The old-top used a zero value for the L_NONE library flag which could
cause repeated rebuilding of columns headers with each frame. In truth,
this was not likely to happen in real life since only two fields actually
used that flag. However, if it did happen, performance could be degraded
by 800%.
OTHER Changes, Hopefully They Won't Bite You =============================
. The undocumented TOPRC environment variable is no longer supported.
Any similar need can be met through a symlink alias.
. The use of environment variables to override terminal size is now
off by default but could be enabled through '#define TTYGETENVYES'.
. The global 'bold enable' toggle is active by default and thus agrees
with the documentation. It's been wrong ever since Al's wholesale
'cosmetic' changes in procps-3.2.2.
. Task defaults now show bold (not reverse) and row highlighting.
This agrees with what was always stated in the documentation.
. The 'H' toggle (thread mode) is not persistent. Persistence can be
achieved with a simple shell script employing the -H switch.
. Then 'g' and 'G' commands were reversed to reflect their likely use.
BENCHMARKS ===============================================================
Tested as root with nice -10 and using only common fields
( on a pretty old, slow laptop under Debian Lenny )
but rcfiles specified identical sort fields and identical
settings for the 'B', 'b', 'x' and 'y' toggles (even though
the defaults are not necessarily identical).
In every case new-top outperforms old-top, but I've shown %
improvements for only the most significant. Those cases mostly
involve colors with both row & column highlighting. I suggested
above that the highlighting cost was virtually eliminated in
new-top, and these tests bare that out.
Note the much smaller differences for new-top between the 24x80
window results and full screen (but don't mix apples_terminal
with oranges_xterm). This is a reflection of the simplification
of task row construction, also mentioned above.
It's always been the case that any top in an xterm outperforms
that top under the terminal application, even when the xterm
provides additional rows and columns. It's true below with
Gnome and it was true nine years ago under KDE.
----------------------------------------------------------
The following comparisons were run with:
100 tasks & 160 threads
-d0 -n5000
new-top old-top
xterm 24x80
a 1 win, lflgs_none 11.2 secs 51.8 secs + 462.6%
1 win, default 61.0 secs 66.8 secs
1 win, colors w/ x+y 61.3 secs 83.0 secs + 135.4%
1 win, thread mode 88.3 secs 94.2 secs
b 1 win, every field on 99.7 secs 106.0 secs
1 win, cmdline 71.2 secs 76.6 secs
4 wins, defaults 101.3 secs 107.2 secs
4 wins, colors w/ x+y 101.5 secs 122.8 secs + 121.0%
xterm, full screen (53x170)
a 1 win, lflgs_none 15.9 secs 54.2 secs + 340.9%
1 win, default 70.0 secs 73.2 secs
1 win, colors w/ x+y 69.4 secs 131.3 secs + 189.2%
1 win, thread mode 97.6 secs 102.6 secs
c 1 win, every field on 122.1 secs 128.1 secs
1 win, cmdline 80.8 secs 83.7 secs
4 wins, defaults 111.4 secs 115.8 secs
4 wins, colors w/ x+y 112.0 secs 172.9 secs + 154.4%
terminal 24x80
a 1 win, lflgs_none 8.9 secs 58.6 secs + 658.4%
1 win, default 70.1 secs 80.3 secs
1 win, colors w/ x+y 70.6 secs 157.3 secs + 222.8%
1 win, thread mode 104.7 secs 120.5 secs
b 1 win, every field on 111.2 secs 134.5 secs
1 win, cmdline 83.8 secs 94.5 secs
4 wins, defaults 125.6 secs 146.7 secs
4 wins, colors w/ x+y 125.6 secs 206.9 secs + 176.7%
terminal, full screen (39x125)
a 1 win, lflgs_none 9.1 secs 60.6 secs + 665.9%
1 win, default 74.3 secs 88.0 secs
1 win, colors w/ x+y 73.9 secs 314.5 secs + 425.6%
1 win, thread mode 113.0 secs 140.9 secs
b 1 win, every field on 117.7 secs 154.9 secs
1 win, cmdline 87.4 secs 107.2 secs
4 wins, defaults 139.1 secs 166.7 secs
4 wins, colors w/ x+y 157.3 secs 423.2 secs + 269.0%
----------------------------------------------------------
The following comarisons were run with:
300 tasks & 360 threads
-d0 -n3000
new-top old-top
xterm, full screen (53x170)
a 1 win, lflgs_none 14.3 secs 79.0 secs + 552.4%
1 win, default 101.1 secs 104.5 secs
1 win, colors w/ x+y 101.3 secs 140.0 secs + 138.2%
1 win, thread mode 120.1 secs 123.1 secs
c 1 win, every field on 179.8 secs 185.6 secs
1 win, cmdline 124.9 secs 132.8 secs
4 wins, defaults 174.8 secs 179.2 secs
4 wins, colors w/ x+y 175.0 secs 215.2 secs + 123.0%
terminal, full screen (39x125)
a 1 win, lflgs_none 12.3 secs 98.5 secs + 800.8%
1 win, default 117.4 secs 134.0 secs
1 win, colors w/ x+y 111.6 secs 296.1 secs + 265.3%
1 win, thread mode 141.3 secs 155.3 secs
b 1 win, every field on 197.7 secs 204.8 secs
1 win, cmdline 143.9 secs 157.3 secs
4 wins, defaults 204.0 secs 226.2 secs
4 wins, colors w/ x+y 216.9 secs 434.5 secs + 200.3%
. . . . . . . . . . . . . . . . . . . . . . . . . . . . .
notes:
a these results represent the library flags L_NONE zero value and
thus the hidden cost of rebuilding column headers w/ every frame
b while every common field was turned on, not all fields could be
displayed due to limited screen width
c only in a full screen xterm window could all common fields
actually be displayed
BENCHMARKS, Redux (for NLS) ==============================================
December, 2011 benchmarks produced on a much more modern
platform containing:
Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
SMP with 4 cpus
reflected in the substantially reduced elapsed times.
Tested as root with nice -10 and using only common fields
but rcfiles specified identical sort fields and identical
settings for the 'B', 'b', 'x' and 'y' toggles (even though
the defaults are not necessarily identical).
Each test was run outside of X-windows at a linux console
offering 48 rows and 170 columns. This was done to reduce
contention which sometimes made comparisons problematic.
old-top = procps-3.2.8 (debian patched and memory leaking)
new-top = procps-ng-3.3.2 with NLS support
----------------------------------------------------------
The following comparisons were run with
-d0 -n5000
140 tasks & 275 threads
linux console (48x170) new-top old-top
d 1 win, lflgs_none 2.6 secs 15.0 secs + 577.0%
1 win, default 16.1 secs 19.3 secs
1 win, colors w/ x+y 16.6 secs 35.0 secs + 210.8%
e 1 win, show cpus 16.2 secs 20.1 secs + 124.1%
1 win, thread mode 31.8 secs 34.1 secs
f 1 win, every field on 30.5 secs 34.0 secs
1 win, cmdline 19.9 secs 23.1 secs
4 wins, default 31.9 secs 35.2 secs
4 wins, colors w/ x+y 29.2 secs 47.4 secs + 162.3%
g 1 win, b&w w/ bold x 30.0 secs 33.2 secs
h 1 win, scroll msg on 31.1 secs 33.9 secs
. . . . . . . . . . . . . . . . . . . . . . . . . . . . .
notes:
d these represent the same anamoly as the original 'a' footnote
e these represent the '1' toggle, where each of 4 cpus was shown
(not possible on the original uniprocessor)
f every common field was turned on and all fields were visible
g on a black and white display, sort column was shown in bold
(further proof of column highlighting improvements)
h similar to 'g', but new top was showing scroll msg
(old top has no such provision)

27
bugfix-top-exit-with-error-when-pid-overflow.patch Normal file
View File

@ -0,0 +1,27 @@
From 68bd42fb10cfaf278e841d2925da7f061820abd4 Mon Sep 17 00:00:00 2001
From: xuchunmei <xuchunmei@huawei.com>
Date: Wed, 23 Jan 2019 07:57:53 -0500
Subject: [PATCH] top: exit with error when pid overflow
Signed-off-by: xuchunmei <xuchunmei@huawei.com>
---
top/top.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/top/top.c b/top/top.c
index 9bfc7f0..d1dbf95 100644
--- a/top/top.c
+++ b/top/top.c
@@ -4098,7 +4098,8 @@ static void parse_args (char **args) {
if (Monpidsidx >= MONPIDMAX)
error_exit(fmtmk(N_fmt(LIMIT_exceed_fmt), MONPIDMAX));
if (1 != sscanf(cp, "%d", &pid)
- || strpbrk(cp, "+-."))
+ || strpbrk(cp, "+-.")
+ || 0 > pid)
error_exit(fmtmk(N_fmt(BAD_mon_pids_fmt), cp));
if (!pid) pid = getpid();
for (i = 0; i < Monpidsidx; i++)
--
1.8.3.1

1111
docs-Tidying-of-ps-kill-and-skill-manpages.patch Normal file
View File

File diff suppressed because it is too large Load Diff

55
feature-add-options-M-and-N-for-top.patch Normal file
View File

@ -0,0 +1,55 @@
From 6e59f5e746c15df4d4b53f2df85b64aa1f10d0c3 Mon Sep 17 00:00:00 2001
From: xuchunmei <xuchunmei@huawei.com>
Date: Fri, 11 Jan 2019 01:29:55 -0500
Subject: [PATCH] procps-ng: add -M and -N options for top
Signed-off-by: xuchunmei <xuchunmei@huawei.com>
---
top/top.c | 17 +++++++++++++++++
top/top_nls.c | 2 +-
2 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/top/top.c b/top/top.c
index d890140..9bfc7f0 100644
--- a/top/top.c
+++ b/top/top.c
@@ -4139,6 +4139,23 @@ static void parse_args (char **args) {
args += ai;
if (pn) cp = pn + ci;
} continue;
+ case 'M':
+ {
+ Curwin->rc.sortindx = EU_MEM;
+ break;
+ }
+ case 'N':
+ {
+ if (cp[1])
+ cp++;
+ else if (*args)
+ cp = *args++;
+ else
+ error_exit("-N requires argument");
+ if (sscanf(cp, "%d", &Curwin->rc.maxtasks) != 1 || Curwin->rc.maxtasks < 0)
+ error_exit(fmtmk("bad iterations arg '%s'", cp));
+ break;
+ }
default :
error_exit(fmtmk(N_fmt(UNKNOWN_opts_fmt)
, *cp, Myname, N_txt(USAGE_abbrev_txt)));
diff --git a/top/top_nls.c b/top/top_nls.c
index 0af77ce..79a18e1 100644
--- a/top/top_nls.c
+++ b/top/top_nls.c
@@ -350,7 +350,7 @@ static void build_norm_nlstab (void) {
Norm_nlstab[OFF_one_word_txt] = _("Off");
/* Translation Hint: Only the following words should be translated
. secs (seconds), max (maximum), user, field, cols (columns)*/
- Norm_nlstab[USAGE_abbrev_txt] = _(" -hv | -bcEHiOSs1 -d secs -n max -u|U user -p pid(s) -o field -w [cols]");
+ Norm_nlstab[USAGE_abbrev_txt] = _(" -hv | -bcEHiOSs1 -d secs -n max -u|U user -p pid(s) -o field -w [cols] -M -N num");
Norm_nlstab[FAIL_statget_txt] = _("failed /proc/stat read");
Norm_nlstab[FOREST_modes_fmt] = _("Forest mode %s");
Norm_nlstab[FAIL_tty_get_txt] = _("failed tty get");
--
1.8.3.1

72
library-avoid-problems-involving-supgid-mishandling.patch Normal file
View File

@ -0,0 +1,72 @@
From f9a8009e27d47a61096ff7bf1de37a90f0f801e6 Mon Sep 17 00:00:00 2001
From: Jim Warner <james.warner@comcast.net>
Date: Wed, 30 May 2018 00:00:00 -0500
Subject: [PATCH 08/65] library: avoid problems involving 'supgid' mishandling
Following that patch referenced below, the top SUPGRPS
field would produce a segmentation fault and ps SUPGRP
would often show "(null)". Such problems resulted from
some faulty logic in the status2proc() routine dealing
with 'Groups' (supgid) which served as a source field.
For many processes the original code produced an empty
string which prevented conversion to the expected "-".
Moreover, prior to release 3.3.15 such an empty string
will become 0 after strtol() which pwcache_get_group()
translates to 'root' yielding very misleading results.
So, now we'll check for empty '/proc/#/status/Groups:'
fields & consistently provide a "-" value for callers.
[ we'll also protect against future problems in that ]
[ new qualys logic by always ensuring valid 'supgrp' ]
[ pointers - logic which revealed our original flaw! ]
Reference(s):
. original qualys patch
0071-proc-readproc.c-Harden-supgrps_from_supgids.patch
Signed-off-by: Jim Warner <james.warner@comcast.net>
---
proc/readproc.c | 15 +++++++++++----
1 file changed, 11 insertions(+), 4 deletions(-)
diff --git a/proc/readproc.c b/proc/readproc.c
index 0f00231..ea7a31b 100644
--- a/proc/readproc.c
+++ b/proc/readproc.c
@@ -387,12 +387,15 @@ ENTER(0x220);
P->vm_swap = strtol(S,&S,10);
continue;
case_Groups:
- { char *nl = strchr(S, '\n');
- size_t j = nl ? (size_t)(nl - S) : strlen(S);
+ { char *ss = S, *nl = strchr(S, '\n');
+ size_t j;
+ while (' ' == *ss || '\t' == *ss) ss++;
+ if (ss >= nl) continue;
+ j = nl ? (size_t)(nl - ss) : strlen(ss);
if (j > 0 && j < INT_MAX) {
P->supgid = xmalloc(j+1); // +1 in case space disappears
- memcpy(P->supgid, S, j);
+ memcpy(P->supgid, ss, j);
if (unlikely(' ' != P->supgid[--j])) ++j;
P->supgid[j] = '\0'; // whack the space or the newline
for ( ; j; j--)
@@ -472,7 +475,11 @@ static void supgrps_from_supgids (proc_t *p) {
while (',' == *s) ++s;
gid = strtol(s, &end, 10);
- if (end <= s) break;
+ if (end <= s) {
+ if (!p->supgrp)
+ p->supgrp = xstrdup("-");
+ break;
+ }
s = end;
g = pwcache_get_group(gid);
--
2.6.4.windows.1

47
procio-fix-potential-out-of-bounds-access-when-write.patch Normal file
View File

@ -0,0 +1,47 @@
From 3eb4b5375f7ffca0e21fac479dfa688cae936641 Mon Sep 17 00:00:00 2001
From: Patrick Steinhardt <ps@pks.im>
Date: Tue, 29 May 2018 13:20:00 +0200
Subject: [PATCH 62/65] procio: fix potential out-of-bounds access when write
fails
When writing to procfs via `proc_write` fails, we try to chunk the
buffer into smaller pieces to work around that issue. When searching for
the next location to split the buffer, though, we can underflow the
buffer in case the current offset is smaller than `LINELEN`. Fix the
issue by passing `cookie->offset` instead of `LINELEN` into `memrchr` in
case `cookie->offset` is smaller than `LINELEN`.
This bug can be triggered on musl-based systems, e.g. by executing
$ sysctl kernel.printk_ratelimit=1000000000000000
As the value is out-of-range, `write` will return an error and set
`errno` to `EINVAL`. As we're only trying to write a smallish buffer
with a length smaller than `LINELEN` and as the buffer does not contain
any newlines, the call
token = (char*)memrchr(cookie->buf+offset, '\n', LINELEN);
will underflow the buffer and crash the program.
Signed-off-by: Patrick Steinhardt <ps@pks.im>
---
procio.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/procio.c b/procio.c
index 2813cd5..f3258ff 100644
--- a/procio.c
+++ b/procio.c
@@ -251,7 +251,7 @@ ssize_t proc_write(void *c, const char *buf, size_t count)
if (cookie->offset > LINELEN)
token = (char*)memrchr(cookie->buf+offset, cookie->delim, LINELEN);
else
- token = (char*)memrchr(cookie->buf+offset, '\n', LINELEN);
+ token = (char*)memrchr(cookie->buf+offset, '\n', cookie->offset);
if (token)
*token = '\n';
else {
--
2.6.4.windows.1

33
procio-use-the-user-supplied-delimiter-to-split-larg.patch Normal file
View File

@ -0,0 +1,33 @@
From 32720b2ee6c36b84005a002def17e79e3ab009e1 Mon Sep 17 00:00:00 2001
From: Patrick Steinhardt <ps@pks.im>
Date: Fri, 8 Jun 2018 13:27:20 +0200
Subject: [PATCH 61/65] procio: use the user-supplied delimiter to split large
input
The `fprocopen` function allows users to specify a delimiter chacter
that is used to split very large input lines into smaller chunks. While
the code checks that the caller did actually supply the delimiter, it is
in fact never used to split the string. Instead, the hardcoded default
character ',' is always used to split the string.
Fix the issue by using `cookie->delim` instead.
---
procio.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/procio.c b/procio.c
index ad9b4de..2813cd5 100644
--- a/procio.c
+++ b/procio.c
@@ -249,7 +249,7 @@ ssize_t proc_write(void *c, const char *buf, size_t count)
do {
token = NULL;
if (cookie->offset > LINELEN)
- token = (char*)memrchr(cookie->buf+offset, ',', LINELEN);
+ token = (char*)memrchr(cookie->buf+offset, cookie->delim, LINELEN);
else
token = (char*)memrchr(cookie->buf+offset, '\n', LINELEN);
if (token)
--
2.6.4.windows.1

BIN
procps-ng-3.3.15.tar.xz Normal file
View File

Binary file not shown.

161
procps-ng.spec Normal file
View File

@ -0,0 +1,161 @@
Name: procps-ng
Version: 3.3.15
Release: 10
Summary: Utilities that provide system information.
License: GPL+ and GPLv2 and GPLv2+ and GPLv3+ and LGPLv2+
URL: https://sourceforge.net/projects/procps-ng/
Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.xz
Source1: README.md
Source2: README.top
Patch9000: feature-add-options-M-and-N-for-top.patch
Patch9001: bugfix-top-exit-with-error-when-pid-overflow.patch
Patch6002: top-fix-iokey-flaw-preventing-proper-translations.patch
Patch6003: Possible-segfault-in-file2strvec-introduced-by-lates.patch
Patch6004: top-don-t-mess-with-groff-line-length-in-man-documen.patch
Patch6005: top-add-another-field-sanity-check-in-config_file.patch
Patch6006: top-prevent-buffer-overruns-in-inspection_utility.patch
Patch6007: docs-Tidying-of-ps-kill-and-skill-manpages.patch
Patch6008: library-avoid-problems-involving-supgid-mishandling.patch
Patch6009: w-Prevent-out-of-bounds-reads-in-print_display_or_in.patch
Patch6010: w-Clamp-maxcmd-to-the-MIN-MAX_CMD_WIDTH-range.patch
Patch6011: vmstat-getopt-returns-1-when-done-not-EOF.patch
Patch6012: vmstat-Replace-memcmp-with-strncmp.patch
Patch6013: vmstat-Check-return-values-of-localtime-and-strftime.patch
Patch6014: vmstat-Prevent-out-of-bounds-writes-in-new_header-an.patch
Patch6015: top-the-define-PRETEND2_5_X-was-found-to-be-broken.patch
Patch6016: procio-use-the-user-supplied-delimiter-to-split-larg.patch
Patch6017: procio-fix-potential-out-of-bounds-access-when-write.patch
Patch6018: sysctl-do-not-report-set-key-in-case-close_stream-fa.patch
BuildRequires: ncurses-devel libtool autoconf automake gcc gettext-devel systemd-devel
Provides: procps = %{version}-%{release}
Provides: %{name}
%description
The procps package contains a set of system utilities that provide
system information. Procps includes ps, free, skill, pkill, pgrep,
snice, tload, top, uptime, vmstat, pidof, pmap, slabtop, w, watch
and pwdx.
%package devel
Summary: The devel for %{name}
Requires: %{name} = %{version}-%{release}
Provides: procps-devel = %{version}-%{release}
%description devel
System and process monitoring utilities
%package i18n
Summary: Internationalization pack for %{name}
Requires: %{name} = %{version}-%{release}
BuildArch: noarch
%description i18n
The package is used for the Internationalization of %{name}
%package_help
%prep
%autosetup -n %{name}-%{version} -p1
cp -p %{SOURCE1} .
cp -p %{SOURCE2} top/
%build
autoreconf -ivf
%configure --exec-prefix=/ --docdir=/unwanted --disable-w-from --disable-kill --enable-watch8bit \
--enable-skill --enable-sigwinch --enable-libselinux --with-systemd --disable-modern-top
make CFLAGS="%{optflags}"
%install
%make_install
find man-po/ -type d -maxdepth 1 -mindepth 1 | while read dirname; do cp -a $dirname %{buildroot}%{_mandir}/ ; done
%find_lang %{name} --all-name --with-man
ln -s %{_bindir}/pidof %{buildroot}%{_sbindir}/pidof
%ldconfig_scriptlets
%files
%doc COPYING COPYING.LIB
%{!?_licensedir:%global license %%doc}
%license COPYING COPYING.LIB
%{_libdir}/libprocps.so.*
%{_bindir}/*
%{_sbindir}/*
%exclude %{_libdir}/libprocps.la
%exclude /unwanted/*
%exclude %{_libdir}/*.a
%files devel
%doc COPYING COPYING.LIB
%{!?_licensedir:%global license %%doc}
%license COPYING COPYING.LIB
%{_libdir}/libprocps.so
%{_libdir}/pkgconfig/libprocps.pc
%{_includedir}/proc
%files i18n -f %{name}.lang
%files help
%doc AUTHORS Documentation/bugs.md Documentation/FAQ NEWS README.md top/README.top Documentation/TODO
%{_mandir}/man*
%changelog
* Mon Dec 23 2019 wangshuo <wangshuo47@huawei.com> - 3.3.15-10
- Type:bugfix
- ID:NA
- SUG:NA
- DESC: add liscense to main and devel package.
* Thu Dec 19 2019 openEuler Buildteam <buildteam@openeuler.org> - 3.3.15-9
- Fix typo
* Fri Mar 15 2019 xuwei<xuwei58@huawei.com> - 3.3.15-8
- Type:bugfix
- ID:NA
- SUG:restart
- DEC:top: don't mess with groff line length in man document
top: add another field sanity check in 'config_file()'
top: prevent buffer overruns in 'inspection_utility()'
docs: Tidying of ps,kill and skill manpages
library: avoid problems involving 'supgid' mishandling
w: Prevent out-of-bounds reads in
w: Clamp maxcmd to the MIN/MAX_CMD_WIDTH range.
vmstat: getopt*() returns -1 when done, not EOF.
vmstat: Replace memcmp() with strncmp().
vmstat: Check return values of localtime() and
vmstat: Prevent out-of-bounds writes in new_header()
top: the '#define PRETEND2_5_X' was found to be broken
procio: use the user-supplied delimiter to split large
procio: fix potential out-of-bounds access when write
sysctl: do not report set key in case `close_stream`
* Tue Jan 29 2019 huangchangyu<huangchangyu@huawei.com> - 3.3.15-7
- Type:bugfix
- ID:NA
- SUG:NA
- DEC:sync patches
* Wed Jan 23 2019 xuchunmei<xuchunmei@huawei.com> - 3.3.15-6
- Type:bugfix
- ID:NA
- SUG:restart
- DEC:top exit with error when pid overflow
* Fri Jan 11 2019 xuchunmei<xuchunmei@huawei.com> - 3.3.15-5
- Type:feature
- ID:NA
- SUG:restart
- DEC:add options -M and -N for top
* Sat Jul 18 2018 openEuler Buildteam <buildteam@openeuler.org> - 3.3.15-4
- Package init

40
sysctl-do-not-report-set-key-in-case-close_stream-fa.patch Normal file
View File

@ -0,0 +1,40 @@
From da82fe49b1476d227874905068adb69577e11d96 Mon Sep 17 00:00:00 2001
From: Patrick Steinhardt <ps@pks.im>
Date: Tue, 29 May 2018 13:29:03 +0200
Subject: [PATCH 63/65] sysctl: do not report set key in case `close_stream`
fails
As we're using buffered I/O when writing kernel parameters, write errors
may get delayed until we close the `FILE` stream. As we are currently
outputting the key that is to be set disregarding the return value of
`close_stream`, we may end up in a situation where we report error and
success:
$ sysctl kernel.printk_ratelimit=100000000000000
sysctl: setting key "kernel.printk_ratelimit": error code 22
kernel.printk_ratelimit = 100000000000000
Fix the issue by only outputting the updated value in case
`close_stream` does not report an error.
Signed-off-by: Patrick Steinhardt <ps@pks.im>
---
sysctl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sysctl.c b/sysctl.c
index 2371ca9..2172759 100644
--- a/sysctl.c
+++ b/sysctl.c
@@ -465,7 +465,7 @@ static int WriteSetting(const char *setting)
rc = 0;
if (close_stream(fp) != 0)
xwarn(_("setting key \"%s\""), outname);
- if (rc == 0 && !Quiet) {
+ else if (rc == 0 && !Quiet) {
if (NameOnly) {
fprintf(stdout, "%s\n", outname);
} else {
--
2.6.4.windows.1

46
top-add-another-field-sanity-check-in-config_file.patch Normal file
View File

@ -0,0 +1,46 @@
From a42742b0df64a3b282eac469447e9f57d416449e Mon Sep 17 00:00:00 2001
From: Jim Warner <james.warner@comcast.net>
Date: Wed, 23 May 2018 00:00:00 -0500
Subject: [PATCH 03/65] top: add another field sanity check in 'config_file()'
Until the Qualys security audit I had never considered
it a possibility that some malicious person might edit
the top config file to achieve some nefarious results.
And while the Qualys approach tended to concentrate on
the symptoms from such an effort, subsequent revisions
more properly concentrated on startup and that rcfile.
This commit completes those efforts with 1 more field.
Signed-off-by: Jim Warner <james.warner@comcast.net>
---
top/top.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/top/top.c b/top/top.c
index d890140..0c02201 100644
--- a/top/top.c
+++ b/top/top.c
@@ -3759,8 +3759,7 @@ static const char *config_file (FILE *fp, const char *name, float *delay) {
return p;
if (4 != fscanf(fp, "\tsummclr=%d, msgsclr=%d, headclr=%d, taskclr=%d\n"
- , &w->rc.summclr, &w->rc.msgsclr
- , &w->rc.headclr, &w->rc.taskclr))
+ , &w->rc.summclr, &w->rc.msgsclr, &w->rc.headclr, &w->rc.taskclr))
return p;
if (w->rc.summclr < 0 || w->rc.summclr > 7) return p;
if (w->rc.msgsclr < 0 || w->rc.msgsclr > 7) return p;
@@ -3804,6 +3803,8 @@ static const char *config_file (FILE *fp, const char *name, float *delay) {
Rc.summ_mscale = 0;
if (Rc.task_mscale < 0 || Rc.task_mscale > SK_Pb)
Rc.task_mscale = 0;
+ if (Rc.zero_suppress < 0 || Rc.zero_suppress > 1)
+ Rc.zero_suppress = 0;
// we'll start off Inspect stuff with 1 'potential' blank line
// ( only realized if we end up with Inspect.total > 0 )
--
2.6.4.windows.1

35
top-don-t-mess-with-groff-line-length-in-man-documen.patch Normal file
View File

@ -0,0 +1,35 @@
From cc5c9e6c1ea1911cb53f1cb0643cbc5f6e4cad1d Mon Sep 17 00:00:00 2001
From: Jim Warner <james.warner@comcast.net>
Date: Sun, 20 May 2018 00:00:00 -0500
Subject: [PATCH 02/65] top: don't mess with groff line length in man document
I've long since forgotten why the attempt to influence
groff line lengths was made. However, I did receive an
email regarding problems formatting postscript output.
Hopefully this patch will eliminate any such problems.
Signed-off-by: Jim Warner <james.warner@comcast.net>
---
top/top.1 | 5 -----
1 file changed, 5 deletions(-)
diff --git a/top/top.1 b/top/top.1
index b8405e9..3a00543 100644
--- a/top/top.1
+++ b/top/top.1
@@ -6,11 +6,6 @@
. This file may be copied under the terms of the GNU Public License.
..
\# Setup ////////////////////////////////////////////////////////////////
-\# ** Comment out '.nr' or set to 0 to eliminate WIDTH fiddlin' !
-.nr half_xtra 4
-.
-.ll +(\n[half_xtra] + \n[half_xtra])
-.
\# Commonly used strings (for consistency) ----------
\# - our em-dashes
.ds Em \fR\ \-\-\ \fR
--
2.6.4.windows.1

13
top-fix-iokey-flaw-preventing-proper-translations.patch Normal file
View File

@ -0,0 +1,13 @@
diff --git a/top/top.c b/top/top.c
index d1dbf95..9e41999 100644
--- a/top/top.c
+++ b/top/top.c
@@ -1138,7 +1138,7 @@ static int iokey (int action) {
const char *str;
int key;
} tinfo_tab[] = {
- { "\033\n",kbd_ENTER }, { NULL, kbd_UP }, { NULL, kbd_DOWN },
+ { "\n", kbd_ENTER }, { NULL, kbd_UP }, { NULL, kbd_DOWN },
{ NULL, kbd_LEFT }, { NULL, kbd_RIGHT }, { NULL, kbd_PGUP },
{ NULL, kbd_PGDN }, { NULL, kbd_HOME }, { NULL, kbd_END },
{ NULL, kbd_BKSP }, { NULL, kbd_INS }, { NULL, kbd_DEL },

36
top-prevent-buffer-overruns-in-inspection_utility.patch Normal file
View File

@ -0,0 +1,36 @@
From 434530a038023f2e2fcb0a9b7341cbdefc08baef Mon Sep 17 00:00:00 2001
From: Jim Warner <james.warner@comcast.net>
Date: Thu, 24 May 2018 00:00:00 -0500
Subject: [PATCH 04/65] top: prevent buffer overruns in 'inspection_utility()'
When a Qualys patch was reverted as being unwarranted,
1 specific problem their patch had, in fact, prevented
was re-introduced. This patch corrects that oversight.
Reference(s):
. qualys patch revert
commit c5026787156d23512487ad9bbf540be7e3ee8de1
Signed-off-by: Jim Warner <james.warner@comcast.net>
---
top/top.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/top/top.c b/top/top.c
index 0c02201..6777942 100644
--- a/top/top.c
+++ b/top/top.c
@@ -3468,8 +3468,8 @@ static void inspection_utility (int pid) {
Inspect.tab[sel].caps = "~4"; dst[0] = '\0'; \
for (i = 0; i < Inspect.total; i++) { char _s[SMLBUFSIZ]; \
snprintf(_s, sizeof(_s), " %s %s", Inspect.tab[i].name, Inspect.tab[i].caps); \
- strcat(dst, _s); } }
- char sels[MEDBUFSIZ];
+ strncat(dst, _s, (sizeof(dst) - 1) - strlen(dst)); } }
+ char sels[SCREENMAX];
static int sel;
int i, key;
proc_t *p;
--
2.6.4.windows.1

50
top-the-define-PRETEND2_5_X-was-found-to-be-broken.patch Normal file
View File

@ -0,0 +1,50 @@
From 2b82cbfc2aa25d613414d9b164ae5773ca31045f Mon Sep 17 00:00:00 2001
From: Jim Warner <james.warner@comcast.net>
Date: Tue, 14 Aug 2018 00:00:00 -0500
Subject: [PATCH 53/65] top: the '#define PRETEND2_5_X' was found to be broken
Our newlib branch has already dropped support for such
old kernels. However, the master branch still supports
them. So this patch will correct a broken #define that
is used to influence the top Summary Area information.
Signed-off-by: Jim Warner <james.warner@comcast.net>
---
top/top.c | 4 ++++
top/top.h | 4 ----
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/top/top.c b/top/top.c
index 46ffdc5..4146ddb 100644
--- a/top/top.c
+++ b/top/top.c
@@ -3615,7 +3615,11 @@ static void before (char *me) {
struct sigaction sa;
proc_t p;
int i;
+#ifndef PRETEND2_5_X
int linux_version_code = procps_linux_version();
+#else
+ int linux_version_code = LINUX_VERSION(2,5,43);
+#endif
atexit(close_stdout);
diff --git a/top/top.h b/top/top.h
index b6e970c..4a7c49a 100644
--- a/top/top.h
+++ b/top/top.h
@@ -92,10 +92,6 @@
/* For prompting & helping with top's utf-8 support, thanks to:
Göran Uddeborg <goeran@uddeborg.se> - September, 2017 */
-#ifdef PRETEND2_5_X
-#define linux_version_code LINUX_VERSION(2,5,43)
-#endif
-
// pretend as if #define _GNU_SOURCE
char *strcasestr(const char *haystack, const char *needle);
--
2.6.4.windows.1

90
vmstat-Check-return-values-of-localtime-and-strftime.patch Normal file
View File

@ -0,0 +1,90 @@
From 0b55f0dc80e886d43c2e966000e6d56c6535cdb0 Mon Sep 17 00:00:00 2001
From: Qualys Security Advisory <qsa@qualys.com>
Date: Thu, 1 Jan 1970 00:00:00 +0000
Subject: [PATCH 16/65] vmstat: Check return values of localtime() and
strftime().
Otherwise it leads to NULL-pointer dereferences (in case of localtime()
errors) and indeterminate contents of timebuf (in case of strftime()
errors).
---
vmstat.c | 28 ++++++++++++++++++++++------
1 file changed, 22 insertions(+), 6 deletions(-)
diff --git a/vmstat.c b/vmstat.c
index c5f6d62..837244a 100644
--- a/vmstat.c
+++ b/vmstat.c
@@ -255,7 +255,7 @@ static void new_header(void)
if (t_option) {
(void) time( &the_time );
tm_ptr = localtime( &the_time );
- if (strftime(timebuf, sizeof(timebuf), "%Z", tm_ptr)) {
+ if (tm_ptr && strftime(timebuf, sizeof(timebuf), "%Z", tm_ptr)) {
timebuf[strlen(timestamp_header) - 1] = '\0';
} else {
timebuf[0] = '\0';
@@ -307,7 +307,11 @@ static void new_format(void)
if (t_option) {
(void) time( &the_time );
tm_ptr = localtime( &the_time );
- strftime(timebuf, sizeof(timebuf), "%Y-%m-%d %H:%M:%S", tm_ptr);
+ if (tm_ptr && strftime(timebuf, sizeof(timebuf), "%Y-%m-%d %H:%M:%S", tm_ptr)) {
+ ;
+ } else {
+ timebuf[0] = '\0';
+ }
}
duse = *cpu_use + *cpu_nic;
@@ -360,7 +364,11 @@ static void new_format(void)
if (t_option) {
(void) time( &the_time );
tm_ptr = localtime( &the_time );
- strftime(timebuf, sizeof(timebuf), "%Y-%m-%d %H:%M:%S", tm_ptr);
+ if (tm_ptr && strftime(timebuf, sizeof(timebuf), "%Y-%m-%d %H:%M:%S", tm_ptr)) {
+ ;
+ } else {
+ timebuf[0] = '\0';
+ }
}
duse =
@@ -557,7 +565,7 @@ static void diskheader(void)
if (t_option) {
(void) time( &the_time );
tm_ptr = localtime( &the_time );
- if (strftime(timebuf, sizeof(timebuf), "%Z", tm_ptr)) {
+ if (tm_ptr && strftime(timebuf, sizeof(timebuf), "%Z", tm_ptr)) {
timebuf[strlen(timestamp_header) - 1] = '\0';
} else {
timebuf[0] = '\0';
@@ -591,7 +599,11 @@ static void diskformat(void)
if (t_option) {
(void) time( &the_time );
tm_ptr = localtime( &the_time );
- strftime(timebuf, sizeof(timebuf), "%Y-%m-%d %H:%M:%S", tm_ptr);
+ if (tm_ptr && strftime(timebuf, sizeof(timebuf), "%Y-%m-%d %H:%M:%S", tm_ptr)) {
+ ;
+ } else {
+ timebuf[0] = '\0';
+ }
}
if (!moreheaders)
@@ -630,7 +642,11 @@ static void diskformat(void)
if (t_option) {
(void) time( &the_time );
tm_ptr = localtime( &the_time );
- strftime(timebuf, sizeof(timebuf), "%Y-%m-%d %H:%M:%S", tm_ptr);
+ if (tm_ptr && strftime(timebuf, sizeof(timebuf), "%Y-%m-%d %H:%M:%S", tm_ptr)) {
+ ;
+ } else {
+ timebuf[0] = '\0';
+ }
}
for (i = 0; i < ndisks; i++, k++) {
--
2.6.4.windows.1

43
vmstat-Prevent-out-of-bounds-writes-in-new_header-an.patch Normal file
View File

@ -0,0 +1,43 @@
From 0bfe708c4b22d901ded1148e5771946568817326 Mon Sep 17 00:00:00 2001
From: Qualys Security Advisory <qsa@qualys.com>
Date: Thu, 1 Jan 1970 00:00:00 +0000
Subject: [PATCH 17/65] vmstat: Prevent out-of-bounds writes in new_header()
and diskheader().
This does not happen with the default string (" -----timestamp-----"),
but this string is translated (to unknown lengths).
---
vmstat.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/vmstat.c b/vmstat.c
index 837244a..e0fe5f6 100644
--- a/vmstat.c
+++ b/vmstat.c
@@ -256,7 +256,10 @@ static void new_header(void)
(void) time( &the_time );
tm_ptr = localtime( &the_time );
if (tm_ptr && strftime(timebuf, sizeof(timebuf), "%Z", tm_ptr)) {
- timebuf[strlen(timestamp_header) - 1] = '\0';
+ const size_t len = strlen(timestamp_header);
+ if (len >= 1 && len - 1 < sizeof(timebuf)) {
+ timebuf[len - 1] = '\0';
+ }
} else {
timebuf[0] = '\0';
}
@@ -566,7 +569,10 @@ static void diskheader(void)
(void) time( &the_time );
tm_ptr = localtime( &the_time );
if (tm_ptr && strftime(timebuf, sizeof(timebuf), "%Z", tm_ptr)) {
- timebuf[strlen(timestamp_header) - 1] = '\0';
+ const size_t len = strlen(timestamp_header);
+ if (len >= 1 && len - 1 < sizeof(timebuf)) {
+ timebuf[len - 1] = '\0';
+ }
} else {
timebuf[0] = '\0';
}
--
2.6.4.windows.1

27
vmstat-Replace-memcmp-with-strncmp.patch Normal file
View File

@ -0,0 +1,27 @@
From b4f471848111948d6edd9132b3619869cf89971a Mon Sep 17 00:00:00 2001
From: Qualys Security Advisory <qsa@qualys.com>
Date: Thu, 1 Jan 1970 00:00:00 +0000
Subject: [PATCH 15/65] vmstat: Replace memcmp() with strncmp().
Otherwise this may read out-of-bounds (there is no guarantee that 5
bytes are actually available at partition/optarg).
---
vmstat.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/vmstat.c b/vmstat.c
index 6eca2c4..c5f6d62 100644
--- a/vmstat.c
+++ b/vmstat.c
@@ -909,7 +909,7 @@ int main(int argc, char *argv[])
case 'p':
statMode |= PARTITIONSTAT;
partition = optarg;
- if (memcmp(partition, "/dev/", 5) == 0)
+ if (strncmp(partition, "/dev/", 5) == 0)
partition += 5;
break;
case 'S':
--
2.6.4.windows.1

26
vmstat-getopt-returns-1-when-done-not-EOF.patch Normal file
View File

@ -0,0 +1,26 @@
From 4ce81d4dccbf74bc20e049b08cf4fc712168fdf4 Mon Sep 17 00:00:00 2001
From: Qualys Security Advisory <qsa@qualys.com>
Date: Thu, 1 Jan 1970 00:00:00 +0000
Subject: [PATCH 14/65] vmstat: getopt*() returns -1 when done, not EOF.
Luckily, EOF is usually -1, but this is not guaranteed by the standard.
---
vmstat.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/vmstat.c b/vmstat.c
index f2aa2f4..6eca2c4 100644
--- a/vmstat.c
+++ b/vmstat.c
@@ -878,7 +878,7 @@ int main(int argc, char *argv[])
while ((c =
getopt_long(argc, argv, "afmnsdDp:S:wthV", longopts,
- NULL)) != EOF)
+ NULL)) != -1)
switch (c) {
case 'V':
printf(PROCPS_NG_VERSION);
--
2.6.4.windows.1

39
w-Clamp-maxcmd-to-the-MIN-MAX_CMD_WIDTH-range.patch Normal file
View File

@ -0,0 +1,39 @@
From 2503ec36304d961fb7b8eebb5f6a38ba58247bb1 Mon Sep 17 00:00:00 2001
From: Qualys Security Advisory <qsa@qualys.com>
Date: Thu, 1 Jan 1970 00:00:00 +0000
Subject: [PATCH 13/65] w: Clamp maxcmd to the MIN/MAX_CMD_WIDTH range.
The current checks allow out-of-range values (for example, if
getenv/atoi returns ~-2GB, maxcmd becomes ~+2GB after the subtraction).
This is not a security problem, none of this is under an attacker's
control.
---
w.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/w.c b/w.c
index b3c0644..35710a3 100644
--- a/w.c
+++ b/w.c
@@ -579,11 +579,14 @@ int main(int argc, char **argv)
maxcmd = atoi(p);
else
maxcmd = MAX_CMD_WIDTH;
- if (MAX_CMD_WIDTH < maxcmd)
- maxcmd = MAX_CMD_WIDTH;
+#define CLAMP_CMD_WIDTH(cw) do { \
+ if ((cw) < MIN_CMD_WIDTH) (cw) = MIN_CMD_WIDTH; \
+ if ((cw) > MAX_CMD_WIDTH) (cw) = MAX_CMD_WIDTH; \
+} while (0)
+ CLAMP_CMD_WIDTH(maxcmd);
maxcmd -= 21 + userlen + (from ? fromlen : 0) + (longform ? 20 : 0);
- if (maxcmd < MIN_CMD_WIDTH)
- maxcmd = MIN_CMD_WIDTH;
+ CLAMP_CMD_WIDTH(maxcmd);
+#undef CLAMP_CMD_WIDTH
procs = readproctab(PROC_FILLCOM | PROC_FILLUSR | PROC_FILLSTAT);
--
2.6.4.windows.1

68
w-Prevent-out-of-bounds-reads-in-print_display_or_in.patch Normal file
View File

@ -0,0 +1,68 @@
From 3a437012f0e4041c2c1e9cbf0f08ad4b880fe80f Mon Sep 17 00:00:00 2001
From: Qualys Security Advisory <qsa@qualys.com>
Date: Thu, 1 Jan 1970 00:00:00 +0000
Subject: [PATCH 12/65] w: Prevent out-of-bounds reads in
print_display_or_interface().
They occur if disp or tmp reaches host + len: add checks. Also, constify
everything.
---
w.c | 18 +++++++++---------
1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/w.c b/w.c
index 2bee396..b3c0644 100644
--- a/w.c
+++ b/w.c
@@ -113,21 +113,22 @@ static void print_host(const char *restrict host, int len, const int fromlen)
/* This routine prints the display part of the host or IPv6 link address interface */
static void print_display_or_interface(const char *restrict host, int len, int restlen)
{
- char *disp,*tmp;
+ const char *const end = host + (len > 0 ? len : 0);
+ const char *disp, *tmp;
if (restlen <= 0) return; /* not enough space for printing anything */
/* search for a collon (might be a display) */
- disp = (char *)host;
- while ( (disp < (host + len)) && (*disp != ':') && isprint(*disp) ) disp++;
+ disp = host;
+ while ( (disp < end) && (*disp != ':') && isprint(*disp) ) disp++;
/* colon found */
- if (*disp == ':') {
+ if (disp < end && *disp == ':') {
/* detect multiple colons -> IPv6 in the host (not a display) */
tmp = disp+1;
- while ( (tmp < (host + len)) && (*tmp != ':') && isprint(*tmp) ) tmp++;
+ while ( (tmp < end) && (*tmp != ':') && isprint(*tmp) ) tmp++;
- if (*tmp != ':') { /* multiple colons not found - it's a display */
+ if (tmp >= end || *tmp != ':') { /* multiple colons not found - it's a display */
/* number of chars till the end of the input field */
len -= (disp - host);
@@ -149,9 +150,9 @@ static void print_display_or_interface(const char *restrict host, int len, int r
} else { /* multiple colons found - it's an IPv6 address */
/* search for % (interface separator in case of IPv6 link address) */
- while ( (tmp < (host + len)) && (*tmp != '%') && isprint(*tmp) ) tmp++;
+ while ( (tmp < end) && (*tmp != '%') && isprint(*tmp) ) tmp++;
- if (*tmp == '%') { /* interface separator found */
+ if (tmp < end && *tmp == '%') { /* interface separator found */
/* number of chars till the end of the input field */
len -= (tmp - host);
@@ -170,7 +171,6 @@ static void print_display_or_interface(const char *restrict host, int len, int r
fputc('-', stdout);
}
}
-
}
}
--
2.6.4.windows.1