top: Do not default to the cwd in configs_r... Tweaked

While it's only documented (so far) in commit text and
an occasional email I've tried to maintain some coding
standards primarily for reference/navigation purposes.
They also served, I felt, as useful mental challenges.

Someday I will get around to formerly documenting them
but in the meantime here are the ones for this commit:

. functions are grouped into logical (i hope) sections
. functions & sections are ordered to avoid prototypes
. function names are alphabetical within every section
. all functions & sections must be referenced in top.h

This patch just attempts to honor the above standards,
while also covering this new behavior in the man page.

[ please note that the net result of these 2 patches ]
[ is simply to avoid pathname truncations should our ]
[ limit of 1024 be exceeded. they do not have a role ]
[ in solving the 'local privilege escalation' issue. ]

[ and we can never prevent a user from setting their ]
[ HOME var to a directory writable by some attacker! ]

[ the only real protection for that CVE-2018-1122 is ]
[ those soon to be enhanced rcfile integrity checks, ]
[ achieved through several of the following patches. ]

Reference(s):
. original qualys patch
0097-top-Do-not-default-to-the-cwd-in-configs_read.patch
commit b45c4803dd176f4e3f9d3d47421ddec9bbbe66cd

Signed-off-by: Jim Warner <james.warner@comcast.net>

diff --git a/top/top.1 b/top/top.1
index 810d881c0565f5ca1e678d9928c775c6bdd9e2f0..b8405e98717889a120a19d89d650fc6e797984df 100644 (file)
--- a/top/top.1
+++ b/top/top.1
@@ -67,7 +67,7 @@
 .
 .\" Document /////////////////////////////////////////////////////////////
 .\" ----------------------------------------------------------------------
-.TH TOP 1 "January 2018" "procps-ng" "User Commands"
+.TH TOP 1 "May 2018" "procps-ng" "User Commands"
 .\" ----------------------------------------------------------------------
 
 .\" ----------------------------------------------------------------------
@@ -2182,8 +2182,8 @@ While not intended to be edited manually, here is the general layout:
       "      # discussed below
 .fi
 
-If the $HOME and $XDG_CONFIG_HOME variables are not present, \*(We will try
-to write the personal \*(CF in the current directory, subject to permissions.
+If a valid absolute path to the rcfile cannot be established, customizations
+made to a running \*We will be impossible to preserve.
 
 .\" ......................................................................
 .SS 6b. ADDING INSPECT Entries

diff --git a/top/top.c b/top/top.c
index 7ff52e97e94d5657f042fdc38668eb0df61b0ae3..0bb10a0302175a106f8aaf97307032ce0df5a04c 100644 (file)
--- a/top/top.c
+++ b/top/top.c
@@ -3713,7 +3713,7 @@ static int config_cvt (WIN_t *q) {
 
 
         /*
-         * A configs_read *Helper* function responsible for processing
+         * A configs_reads *Helper* function responsible for processing
          * a configuration file (personal or system-wide default) */
 static const char *config_file (FILE *fp, const char *name, float *delay) {
    char fbuf[LRGBUFSIZ];
@@ -3861,19 +3861,24 @@ error Hey, fix the above fscanf 'PFLAGSSIZ' dependency !
 } // end: config_file
 
 
-static int snprintf_Rc_name (const char *const format, ...) __attribute__((format(printf,1,2)));
-static int snprintf_Rc_name (const char *const format, ...) {
+        /*
+         * A configs_reads *Helper* function responsible for ensuring the
+         * complete path was established, otherwise force the 'W' to fail */
+static int configs_path (const char *const fmts, ...) __attribute__((format(printf,1,2)));
+static int configs_path (const char *const fmts, ...) {
    int len;
    va_list ap;
-   va_start(ap, format);
-   len = vsnprintf(Rc_name, sizeof(Rc_name), format, ap);
+
+   va_start(ap, fmts);
+   len = vsnprintf(Rc_name, sizeof(Rc_name), fmts, ap);
    va_end(ap);
    if (len <= 0 || (size_t)len >= sizeof(Rc_name)) {
       Rc_name[0] = '\0';
-      return 0;
+      len = 0;
    }
    return len;
-}
+} // end: configs_path
+
 
         /*
          * Try reading up to 3 rcfiles
@@ -3891,7 +3896,7 @@ static int snprintf_Rc_name (const char *const format, ...) {
          *     Any remaining lines are devoted to the 'Inspect Other' feature
          * 3. 'SYS_RCDEFAULTS' system-wide defaults if 'Rc_name' absent
          *     format is identical to #2 above */
-static void configs_read (void) {
+static void configs_reads (void) {
    float tmp_delay = DEF_DELAY;
    const char *p, *p_home;
    FILE *fp;
@@ -3918,7 +3923,7 @@ static void configs_read (void) {
       }
    }
    if (p_home) {
-      snprintf_Rc_name("%s/.%src", p_home, Myname);
+      configs_path("%s/.%src", p_home, Myname);
    }
 
    if (!(fp = fopen(Rc_name, "r"))) {
@@ -3929,9 +3934,9 @@ static void configs_read (void) {
          p = fmtmk("%s/.config", p_home);
          (void)mkdir(p, 0700);
       }
-      if (!snprintf_Rc_name("%s/procps", p)) goto system_default;
+      if (!configs_path("%s/procps", p)) goto system_default;
       (void)mkdir(Rc_name, 0700);
-      if (!snprintf_Rc_name("%s/procps/%src", p, Myname)) goto system_default;
+      if (!configs_path("%s/procps/%src", p, Myname)) goto system_default;
       fp = fopen(Rc_name, "r");
    }
 
@@ -3965,7 +3970,7 @@ default_or_error:
 #else
    error_exit(p);
 #endif
-} // end: configs_read
+} // end: configs_reads
 
 
         /*
@@ -6111,7 +6116,7 @@ int main (int dont_care_argc, char **argv) {
    before(*argv);
                                         //                 +-------------+
    wins_stage_1();                      //                 top (sic) slice
-   configs_read();                      //                 > spread etc, <
+   configs_reads();                     //                 > spread etc, <
    parse_args(&argv[1]);                //                 > lean stuff, <
    whack_terminal();                    //                 > onions etc. <
    wins_stage_2();                      //                 as bottom slice

diff --git a/top/top.h b/top/top.h
index 046fc87906b89bfb2cf3aa29ae41239def362b6a..205b3d2815fea7729aed2f573d2016416274e91a 100644 (file)
--- a/top/top.h
+++ b/top/top.h
@@ -763,7 +763,8 @@ typedef struct WIN_t {
 //atic void          before (char *me);
 //atic int           config_cvt (WIN_t *q);
 //atic const char   *config_file (FILE *fp, const char *name, float *delay);
-//atic void          configs_read (void);
+//atic int           configs_path (const char *const fmts, ...);
+//atic void          configs_reads (void);
 //atic void          parse_args (char **args);
 //atic void          whack_terminal (void);
 /*------  Windows/Field Groups support  ----------------------------------*/