From: Jim Warner
Date: Sat, 2 Jun 2018 05:00:00 +0000 (-0500)
Subject: top: prevent buffer overflow potential in all routines
X-Git-Tag: v4.0.0~562
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=085351a0ee9e7abcaca499dbc1d6444cfa9c9da9;p=procps-ng
top: prevent buffer overflow potential in all routines
Whereas an original patch (referenced below) addressed some symptoms related to manually edited config files, this solution deals with root causes. And it goes much beyond any single top field by protecting all of top's fields. Henceforth, a duplicated field is not allowed.
Reference(s): . original qualys patch 0114-top-Prevent-buffer-overflow-in-calibrate_fields.patch
Signed-off-by: Jim Warner
---
diff --git a/top/top.c b/top/top.c
index d05fb34e..648a4567 100644
--- a/top/top.c
+++ b/top/top.c
@@ -3246,7 +3246,7 @@ static const char *config_file (FILE *fp, const char *name, float *delay) {
 *delay = (float)tmp_whole + (float)tmp_fract / 1000;
 for (i = 0 ; i < GROUPSMAX; i++) {
- int x;
+ int n, x;
 WIN_t *w = &Winstk[i];
 p = fmtmk(N_fmt(RC_bad_entry_fmt), i+1, name);
@@ -3258,6 +3258,11 @@ static const char *config_file (FILE *fp, const char *name, float *delay) {
 too bad fscanf is not as flexible with his format string as snprintf error Hey, fix the above fscanf 'PFLAGSSIZ' dependency !
 #endif
+ // ensure there's been no manual alteration of fieldscur
+ for (n = 0 ; n < EU_MAXPFLGS; n++) {
+ if (strchr(w->rc.fieldscur, w->rc.fieldscur[n]) != strrchr(w->rc.fieldscur, w->rc.fieldscur[n]))
+ return p;
+ }
 // be tolerant of missing release 3.3.10 graph modes additions
 if (3 > fscanf(fp, "\twinflags=%d, sortindx=%d, maxtasks=%d, graph_cpus=%d, graph_mems=%d\n"
 , &w->rc.winflags, &w->rc.sortindx, &w->rc.maxtasks, &w->rc.graph_cpus, &w->rc.graph_mems))
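Review bot: The duplicate scan added in the second hunk reads `w->rc.fieldscur[n]` for every `n` below `EU_MAXPFLGS` without first checking how long the string taken from the rc file is, so a shortened entry makes the loop test bytes that lie after the terminator, and an entry made of distinct but out-of-range characters still passes. Since the stated goal is to reject hand-edited config files, a length guard ahead of the loop would close the first gap, for example `if (strlen(w->rc.fieldscur) < EU_MAXPFLGS) return p;` (this assumes a complete entry carries at least one character per field; the exact expected length is not visible in the hunk). Whether each character is range-checked before it is later used as a field index cannot be seen here, because config_file starts and continues outside the hunk; if it is not, that check belongs next to this one. A short comment on the loop stating that uniqueness alone is being verified, not length or value range, would keep a later reader from treating it as full validation of `fieldscur`.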