granicus.if.org Git - procps-ng/commit
top: address 'show_special()' o-o-b read/write concern
author Jim Warner <james.warner@comcast.net>
Sat, 2 Jun 2018 05:00:00 +0000 (00:00 -0500)
committer Craig Small <csmall@enc.com.au>
Sat, 9 Jun 2018 11:35:20 +0000 (21:35 +1000)
commit 8b94d115856968c6bf2a422ca9794c2744bce0a5
tree 0a1c77e5a0f09a5340047115add38630f5ba3057
parent 085351a0ee9e7abcaca499dbc1d6444cfa9c9da9
top: address 'show_special()' o-o-b read/write concern

This patch addresses a potential (but unlikely) buffer
overflow by reducing, if necessary, a memcpy length by
3 bytes to provide for an eol '\0' and 2 unused buffer
positions which also might receive the '\0' character.

[ note to future analysis tool: just because you see ]
[ binary data being manipulated in the routine, that ]
[ doesn't mean such function was passed binary data! ]

Reference(s):
. original qualys patch
0116-top-Fix-out-of-bounds-read-write-in-show_special.patch

Signed-off-by: Jim Warner <james.warner@comcast.net>
top/top.c
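
The length clamp described in the commit message, as an added example that is not the procps-ng code (the diff is not shown on this page). The names `copy_with_reserve`, `demo_oversized_copy` and `TAIL_RESERVE`, the buffer sizes and the sample input are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed reserve, per the commit message: one byte for the end-of-line
   '\0' plus two spare positions that may also receive a '\0'. */
#define TAIL_RESERVE 3

/* Copy at most (dstsize - TAIL_RESERVE) bytes of src into dst, then zero
   the reserved tail. Returns the bytes copied, or 0 when dst cannot even
   hold the reserve. */
size_t copy_with_reserve(char *dst, size_t dstsize, const char *src, size_t len)
{
    if (dst == NULL || src == NULL || dstsize < TAIL_RESERVE)
        return 0;
    size_t room = dstsize - TAIL_RESERVE;
    if (len > room)
        len = room;                          /* reduce the memcpy length if necessary */
    memcpy(dst, src, len);
    memset(dst + len, '\0', TAIL_RESERVE);   /* dst[len] .. dst[len+2] stay in bounds */
    return len;
}

/* Constructed test case: a 64-byte source aimed at a 16-byte buffer that is
   followed by guard bytes. Returns the copied length, or (size_t)-1 if any
   guard byte changed. */
size_t demo_oversized_copy(void)
{
    struct { char buf[16]; unsigned char guard[4]; } s;
    char src[64];                            /* constructed sample input */
    memset(src, 'A', sizeof src);
    memset(s.guard, 0xA5, sizeof s.guard);
    size_t n = copy_with_reserve(s.buf, sizeof s.buf, src, sizeof src);
    s.buf[n + 2] = '\0';                     /* furthest later terminator write */
    for (size_t i = 0; i < sizeof s.guard; i++)
        if (s.guard[i] != 0xA5)
            return (size_t)-1;
    return n;
}

int main(void)
{
    printf("copied %zu of 64 bytes into a 16-byte buffer\n", demo_oversized_copy());
    return 0;
}
```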