From: Jim Warner <james.warner@comcast.net>
Date: Fri, 18 May 2018 05:00:00 +0000 (-0500)
Subject: top: Prevent buffer overflow in calibrate_... REVERTED
X-Git-Tag: v3.3.15~11
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=72ddc1c33d225791673c6a34c7da44e1db253641;p=procps-ng

top: Prevent buffer overflow in calibrate_... REVERTED

Here, again, we have an example of attacking a problem
by addressing the symptoms. And that assertion made in
the original commit message is true if only if someone
had manually (maliciously) edited the top config file.

So let's reverse the original patch & thus prepare for
a proper solution addressing the cause, not a symptom.

Reference(s):
. original qualys patch
0114-top-Prevent-buffer-overflow-in-calibrate_fields.patch
commit c424a643318abfb534a692bd86c6a5e411ed2ebb

Signed-off-by: Jim Warner <james.warner@comcast.net>
---

diff --git a/top/top.c b/top/top.c
index 308378db..80040f00 100644
--- a/top/top.c
+++ b/top/top.c
@@ -2130,13 +2130,12 @@ static void calibrate_fields (void) {
          w->hdrcaplen = 0;   // really only used with USE_X_COLHDR
          // build window's pflgsall array, establish upper bounds for maxpflgs
          for (i = 0, w->totpflgs = 0; i < EU_MAXPFLGS; i++) {
-            if (FLDviz(w, i) && w->totpflgs < PFLAGSSIZ) {
+            if (FLDviz(w, i)) {
                f = FLDget(w, i);
 #ifdef USE_X_COLHDR
                w->pflgsall[w->totpflgs++] = f;
 #else
-               if (CHKw(w, Show_HICOLS) && f == w->rc.sortindx &&
-                  w->totpflgs <= PFLAGSSIZ - 3) {
+               if (CHKw(w, Show_HICOLS) && f == w->rc.sortindx) {
                   w->pflgsall[w->totpflgs++] = EU_XON;
                   w->pflgsall[w->totpflgs++] = f;
                   w->pflgsall[w->totpflgs++] = EU_XOF;