From eba58ec17a319e5e6af93df8fe71c0e62aa70388 Mon Sep 17 00:00:00 2001 From: Jim Warner Date: Sun, 30 Aug 2015 00:00:00 -0500 Subject: [PATCH] library: beef up 'enum pids_item' parameter validation I was surprised to find that ol' gcc silently converts a single (different) enum into an address where one or more enums were expected to be dereferenced. Of course this was just yet another way to generate an old SEGV. So this commit will strengthen those parameter checks. [ we will *not* blame Craig for a failure to consult ] [ the documentation, since it doesn't even exist yet ] Reference(s): http://www.freelists.org/post/procps/newlib-ps-fix,8 Signed-off-by: Jim Warner --- proc/pids.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/proc/pids.c b/proc/pids.c index 7972c795..592b3414 100644 --- a/proc/pids.c +++ b/proc/pids.c @@ -793,6 +793,17 @@ static inline int items_check_failed ( { int i; + /* if an enum is passed instead of an address of one or more enums, ol' gcc + * will silently convert it to an address (possibly NULL). only clang will + * offer any sort of warning like the following: + * + * warning: incompatible integer to pointer conversion passing 'int' to parameter of type 'enum pids_item *' + * if (procps_pids_new(&info, 3, PROCPS_PIDS_noop) < 0) + * ^~~~~~~~~~~~~~~~ + */ + if (maxitems < 1 + || (void *)items < (void *)PROCPS_PIDS_physical_end) + return -1; for (i = 0; i < maxitems; i++) { // a pids_item is currently unsigned, but we'll protect our future if (items[i] < 0) -- 2.40.0