From: Qualys Security Advisory <qsa@qualys.com>
Date: Thu, 1 Jan 1970 00:00:00 +0000 (+0000)
Subject: 0086-pmap: Prevent integer overflow in main().
X-Git-Tag: v4.0.0~502
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=bf409f92fdb680decafee1f2db49574ac6a3d133;p=procps-ng

0086-pmap: Prevent integer overflow in main().

Unlikely to ever happen, but just in case.

Signed-off-by: Craig Small <csmall@enc.com.au>
---

diff --git a/pmap.c b/pmap.c
index 77e363e0..6c1abc42 100644
--- a/pmap.c
+++ b/pmap.c
@@ -30,6 +30,7 @@
 #include <sys/types.h>
 #include <unistd.h>
 #include <assert.h>
+#include <limits.h>
 
 #include "c.h"
 #include "fileutils.h"
@@ -1136,6 +1137,8 @@ int main(int argc, char **argv)
 			}
 		}
 	}
+	if ((size_t)argc >= INT_MAX / sizeof(pid_t))
+		xerrx(EXIT_FAILURE, _("too many arguments"));
 	if (procps_pids_new(&Pids_info, Pid_items, 4))
 		xerrx(EXIT_FAILURE, _("library failed pids statistics"));
 	pidlist = xmalloc(sizeof(pid_t) * argc);