From: Craig Small Date: Sun, 1 May 2016 07:14:48 +0000 (+1000) Subject: library: protect against large version numbers. X-Git-Tag: v4.0.0~928 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=9abf7d879d07c140a265b9f8efb642fdb5bd06b3;p=procps-ng library: protect against large version numbers. Linux release numbers are x.y.z we assumed but never protected against x> 0x7fff and y,z > 0xff before. Linux release in 1991, 1 major release per 6 years so we're fine until 7452, unless they do way too many minor rels (max being 39) --- diff --git a/doc/procps_linux_version.3 b/doc/procps_linux_version.3 index 838854bf..b284d13e 100644 --- a/doc/procps_linux_version.3 +++ b/doc/procps_linux_version.3 @@ -16,7 +16,7 @@ .\" Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA .\" %%%LICENSE_END .\" -.TH PROCPS_LINUX_VERSION 3 2016-04-14 "libproc-2" +.TH PROCPS_LINUX_VERSION 3 2016-05-01 "libproc-2" .\" Please adjust this date whenever revising the manpage. .\" .SH NAME @@ -79,6 +79,15 @@ Contains the release version of the Linux kernel or proc filesystem. .B procps_linux_version() first appeared in libproc-2 version 0.0. +.SH BUGS +Due to the way the three numbers are encoded into a single integer, +.BR procps_linux_version () +and the associated macros assume 255 for the maximum value for the +minor and patch level and 32767 (hex 0x7fff) for the maximum value +for the major version. In other words, when Linux v 32768.0.0 comes +out, this function will break. +.\" Maj/6yr - In 7452 we'll think of something + .SH SEE ALSO .BR fopen (3), .BR proc (5). diff --git a/proc/version.h b/proc/version.h index ba86250b..611b4a7f 100644 --- a/proc/version.h +++ b/proc/version.h @@ -29,7 +29,7 @@ __BEGIN_DECLS int procps_linux_version(void); /* Convenience macros for composing/decomposing version codes */ -#define LINUX_VERSION(x,y,z) (0x10000*(x) + 0x100*(y) + z) +#define LINUX_VERSION(x,y,z) (0x10000*((x)&0x7fff) + 0x100*((y)&0xff) + (z)&0xff) #define LINUX_VERSION_MAJOR(x) (((x)>>16) & 0xFF) #define LINUX_VERSION_MINOR(x) (((x)>> 8) & 0xFF) #define LINUX_VERSION_PATCH(x) ( (x) & 0xFF)