From: Qualys Security Advisory Date: Thu, 1 Jan 1970 00:00:00 +0000 (+0000) Subject: 0041-proc/sig.c: Harden print_given_signals(). X-Git-Tag: v4.0.0~602 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=d3ff255fa582ac5fbcb2d71cb96876def6f2a660;p=procps-ng 0041-proc/sig.c: Harden print_given_signals(). And signal_name_to_number(). ---------------------------- adapted for newlib branch . file has been moved to: lib/signals.c . only 'signal_name_to_number()' was impacted . function 'print_given_signals()' no longer exists . thus the bulk of original patch no longer applicable Signed-off-by: Jim Warner --- diff --git a/lib/signals.c b/lib/signals.c index 6074d6a3..caff420d 100644 --- a/lib/signals.c +++ b/lib/signals.c @@ -200,7 +200,7 @@ int signal_name_to_number(const char *restrict name){ if(*endp || endp==name) return -1; /* not valid */ } - if(val+SIGRTMIN>127) + if(val<0 || val+SIGRTMIN>127) return -1; /* not valid */ return val+offset; }
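Review bot: In the new condition `val<0 || val+SIGRTMIN>127`, the sum `val+SIGRTMIN` is still evaluated for every non-negative val. If val is a signed integer holding a parsed number (its declaration is outside the visible context), a value near the type's maximum would overflow in the addition before the comparison is made. Writing the upper bound as `val > 127-SIGRTMIN` keeps the same test without the addition. Separately, the bound is checked on val+SIGRTMIN while the function returns val+offset, and 127 is a bare constant. A short comment saying what 127 represents, and why the limit is taken against SIGRTMIN rather than offset, would let a reader confirm that the returned value is the one being bounded.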