top: check sortindx risk exposure (not treat symptoms)

Rather than validate the window's 'sortindx' each time
it was referenced (as was done in the patch below), we
now ensure the validity just once when the config file
is read. Thereafter, a running top will police bounds.

Reference(s):
. original qualys patch
0102-top-Check-sortindx.patch
commit d5b8ac7139093a5faf1f3c32d7d069728c471952

Signed-off-by: Jim Warner <james.warner@comcast.net>

diff --git a/top/top.c b/top/top.c
index 284b6a9ab533fd2387f449511c58031f0b928798..98400bd7759253176c7307f13105b63f5f408ba9 100644 (file)
--- a/top/top.c
+++ b/top/top.c
@@ -3699,6 +3699,8 @@ static int config_cvt (WIN_t *q) {
    // lastly, we must adjust the old sort field enum...
    x = q->rc.sortindx;
    q->rc.sortindx = fields_src[x] - FLD_OFFSET;
+   if (q->rc.sortindx < 0 || q->rc.sortindx >= EU_MAXPFLGS)
+      return 1;
 
    return 0;
 } // end: config_cvt
@@ -3746,6 +3748,8 @@ error Hey, fix the above fscanf 'PFLAGSSIZ' dependency !
       if (3 > fscanf(fp, "\twinflags=%d, sortindx=%d, maxtasks=%d, graph_cpus=%d, graph_mems=%d\n"
          , &w->rc.winflags, &w->rc.sortindx, &w->rc.maxtasks, &w->rc.graph_cpus, &w->rc.graph_mems))
             return p;
+      if (w->rc.sortindx < 0 || w->rc.sortindx >= EU_MAXPFLGS)
+         return p;
       if (w->rc.graph_cpus < 0 || w->rc.graph_cpus > 2)
          return p;
       if (w->rc.graph_mems < 0 || w->rc.graph_mems > 2)