pgrep: Always null-terminate the cmd*[] buffers.

author Qualys Security Advisory <qsa@qualys.com>

Thu, 1 Jan 1970 00:00:00 +0000 (00:00 +0000)

committer Craig Small <csmall@enc.com.au>

Fri, 18 May 2018 21:32:21 +0000 (07:32 +1000)
author Qualys Security Advisory <qsa@qualys.com>
Thu, 1 Jan 1970 00:00:00 +0000 (00:00 +0000)
committer Craig Small <csmall@enc.com.au>
Fri, 18 May 2018 21:32:21 +0000 (07:32 +1000)
diff --git a/pgrep.c b/pgrep.c

index 4199ac44d5226e010032a3d962638f39b2a07374..91ab14147883c1ba74e10cf8e9b4e9be7eb752eb 100644 (file)
--- a/pgrep.c
+++ b/pgrep.c
@@ -573,16 +573,18 @@ static struct el * select_procs (int *num)
  
                 if (opt_long || opt_longlong || (match && opt_pattern)) {
                         if (opt_longlong && task.cmdline)
-                               strncpy (cmdoutput, cmdline, CMDSTRSIZE);
+                               strncpy (cmdoutput, cmdline, sizeof cmdoutput - 1);
                         else
-                               strncpy (cmdoutput, task.cmd, CMDSTRSIZE);
+                               strncpy (cmdoutput, task.cmd, sizeof cmdoutput - 1);
+                       cmdoutput[sizeof cmdoutput - 1] = '\0';
                 }
  
                 if (match && opt_pattern) {
                         if (opt_full && task.cmdline)
-                               strncpy (cmdsearch, cmdline, CMDSTRSIZE);
+                               strncpy (cmdsearch, cmdline, sizeof cmdsearch - 1);
                         else
-                               strncpy (cmdsearch, task.cmd, CMDSTRSIZE);
+                               strncpy (cmdsearch, task.cmd, sizeof cmdsearch - 1);
+                       cmdsearch[sizeof cmdsearch - 1] = '\0';
  
                         if (regexec (preg, cmdsearch, 0, NULL, 0) != 0)
                                 match = 0;
author	Qualys Security Advisory <qsa@qualys.com>
	Thu, 1 Jan 1970 00:00:00 +0000 (00:00 +0000)
committer	Craig Small <csmall@enc.com.au>
	Fri, 18 May 2018 21:32:21 +0000 (07:32 +1000)