Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:GA
procps
CVE-2018-1125.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2018-1125.patch of Package procps
--- pgrep.c | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) --- pgrep.c +++ pgrep.c 2018-06-05 13:08:02.076109650 +0000 @@ -547,19 +547,24 @@ static struct el * select_procs (int *nu } if (task.cmdline && (opt_longlong || opt_full) ) { int i = 0; - int bytes = sizeof (cmdline) - 1; + int bytes = sizeof (cmdline); + char *str = cmdline; /* make sure it is always NUL-terminated */ - cmdline[bytes] = 0; - /* make room for SPC in loop below */ - --bytes; + *str = '\0'; - strncpy (cmdline, task.cmdline[i], bytes); - bytes -= strlen (task.cmdline[i++]); - while (task.cmdline[i] && bytes > 0) { - strncat (cmdline, " ", bytes); - strncat (cmdline, task.cmdline[i], bytes); - bytes -= strlen (task.cmdline[i++]) + 1; + while (task.cmdline[i] && bytes > 1) { + const int len = snprintf(str, bytes, "%s%s", i ? " " : "", task.cmdline[i]); + if (len < 0) { + *str = '\0'; + break; + } + if (len >= bytes) { + break; + } + str += len; + bytes -= len; + i++; } }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor