Your message dated Thu, 28 May 2009 09:17:20 +0000
with message-id <[email protected]>
and subject line Bug#519331: fixed in procps 1:3.2.8-1
has caused the Debian Bug report #519331,
regarding procps: pwdx outputs data from uninitialized pointer
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
519331: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=519331
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: procps
Version: 1:3.2.7-11
Severity: normal
Tags: patch
35_path_max.dpatch is broken: If the path is shorter than
128 characters char* s remains uninitialized and the command
displays garbage characters instead of the working directory.
Additionally due to incorrect parentheses the terminating 0
is always added to buf[0] (which is the wrong string anyway).
A corrected patch is attached.
-- System Information:
Debian Release: 5.0
APT prefers stable
APT policy: (600, 'stable'), (500, 'unstable'), (1, 'experimental')
Architecture: i386 (x86_64)
Kernel: Linux 2.6.28-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_DK.UTF-8, LC_CTYPE=en_DK.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages procps depends on:
ii libc6 2.7-18 GNU C Library: Shared libraries
ii libncurses5 5.7+20081213-1 shared libraries for terminal hand
ii lsb-base 3.2-20 Linux Standard Base 3.2 init scrip
Versions of packages procps recommends:
ii psmisc 22.6-1 Utilities that use the proc filesy
procps suggests no packages.
-- no debconf information
#! /bin/sh /usr/share/dpatch/dpatch-run
## 35_path_max.dpatch by Madhusudan.C.S <[email protected]>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Uses alloc instead of fixed PATH_MAX value #496274
@DPATCH@
diff -urNad procps-3.2.7~/proc/readproc.c procps-3.2.7/proc/readproc.c
--- procps-3.2.7~/proc/readproc.c 2008-09-09 15:01:09.000000000 +1000
+++ procps-3.2.7/proc/readproc.c 2008-09-09 15:01:36.000000000 +1000
@@ -1034,7 +1034,7 @@
* and filled out proc_t structure.
*/
proc_t * get_proc_stats(pid_t pid, proc_t *p) {
- static char path[PATH_MAX], sbuf[1024];
+ static char path[32], sbuf[1024];
struct stat statbuf;
sprintf(path, "/proc/%d", pid);
diff -urNad procps-3.2.7~/pwdx.c procps-3.2.7/pwdx.c
--- procps-3.2.7~/pwdx.c 2006-06-17 19:29:06.000000000 +1000
+++ procps-3.2.7/pwdx.c 2009-03-11 19:56:58.466099226 +0100
@@ -35,7 +35,6 @@
int main(int argc, char* argv[])
{
- char buf[PATH_MAX+1];
regex_t re;
int i;
@@ -59,6 +58,7 @@
for (i = 1; i < argc; i++) {
if (regexec(&re, argv[i], 0, NULL, 0) != 0) {
+ char buf[27 + strlen (argv[i]) + 1]; // Constant 27 is the length of the error string "pwdx: ... "
snprintf(buf, sizeof buf, "pwdx: invalid process id: %s\n", argv[i]);
die(buf);
}
@@ -68,9 +68,13 @@
regfree(&re);
+ int alloclen = 128;
+ char *pathbuf = malloc(alloclen);
+
for (i = 1; i < argc; i++) {
- char * s = buf;
+ char * s;
int len;
+ char buf[10 + strlen(argv[i]) + 1]; // Constant 10 is the length of strings "/proc/" + "/cwd" + 1
// At this point, all arguments are in the form /proc/nnnn
// or nnnn, so a simple check based on the first char is
@@ -83,13 +87,21 @@
// buf contains /proc/nnnn/cwd symlink name on entry, the
// target of that symlink on return
- if ((len = readlink(buf, buf, PATH_MAX)) < 0) {
+ while ((len = readlink(buf, pathbuf, alloclen)) == alloclen) {
+ alloclen *= 2;
+ pathbuf = realloc(pathbuf, alloclen);
+ }
+
+ if (len < 0) {
s = strerror(errno == ENOENT ? ESRCH : errno);
} else {
- buf[len] = 0;
+ pathbuf[len] = 0;
+ s = pathbuf;
}
printf("%s: %s\n", argv[i], s);
}
+ free(pathbuf);
+
return 0;
}
signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: procps
Source-Version: 1:3.2.8-1
We believe that the bug you reported is fixed in the latest version of
procps, which is due to be installed in the Debian FTP archive:
libproc-dev_3.2.8-1_i386.deb
to pool/main/p/procps/libproc-dev_3.2.8-1_i386.deb
procps_3.2.8-1.diff.gz
to pool/main/p/procps/procps_3.2.8-1.diff.gz
procps_3.2.8-1.dsc
to pool/main/p/procps/procps_3.2.8-1.dsc
procps_3.2.8-1_i386.deb
to pool/main/p/procps/procps_3.2.8-1_i386.deb
procps_3.2.8.orig.tar.gz
to pool/main/p/procps/procps_3.2.8.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Craig Small <[email protected]> (supplier of updated procps package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 28 May 2009 17:34:22 +1000
Source: procps
Binary: procps libproc-dev
Architecture: source i386
Version: 1:3.2.8-1
Distribution: unstable
Urgency: low
Maintainer: Craig Small <[email protected]>
Changed-By: Craig Small <[email protected]>
Description:
libproc-dev - library for accessing process information from /proc
procps - /proc file system utilities
Closes: 508435 519331 526360 527193
Changes:
procps (1:3.2.8-1) unstable; urgency=low
.
* New upstream release
* Actually apply sort time patch Closes: #508435
* Corrected 35_path_max patch Closes: #519331
* fixed cumulative parameter in watch.1 Closes: #527193
* Applied vmstat -p fix patch Closes: #526360
Checksums-Sha1:
1ca57c5ecd9d6c1432c37c13b9fec16c1b09f73b 986 procps_3.2.8-1.dsc
a0c86790569dec26b5d9037e8868ca907acc9829 285758 procps_3.2.8.orig.tar.gz
7b38f7354f4b2aa32c3229aab2c4ae5e91cf8e5f 60682 procps_3.2.8-1.diff.gz
f426294fb423e514167efb800a8e071d182d38aa 227314 procps_3.2.8-1_i386.deb
bd79bdfdfa3f6b1cd1c28f60990719d876ba15e2 58656 libproc-dev_3.2.8-1_i386.deb
Checksums-Sha256:
2822ee91d9fed8fc62cce25097864b79f6302bbdaae1df60ed1f5fffc04010d0 986
procps_3.2.8-1.dsc
11ed68d8a4433b91cd833deb714a3aa849c02aea738c42e6b4557982419c1535 285758
procps_3.2.8.orig.tar.gz
91b2d3e2f55e989ad2740810b000433ba0a9330fe8aa9ea6773670c48b121b21 60682
procps_3.2.8-1.diff.gz
bd94af9410751169dc78b879f903515840ebff8c0fa233948159567722862dc5 227314
procps_3.2.8-1_i386.deb
c141a1eabceb329d529bd09f10f1352ff53edebc88c144af075643d1ff569220 58656
libproc-dev_3.2.8-1_i386.deb
Files:
84b96ca487a713a27a86a8feeab049a3 986 admin required procps_3.2.8-1.dsc
9532714b6846013ca9898984ba4cd7e0 285758 admin required procps_3.2.8.orig.tar.gz
c73a49dd0e5f30e435ce256be30e894a 60682 admin required procps_3.2.8-1.diff.gz
c30bd3c4937adaa534bb0029a7d0ab61 227314 admin required procps_3.2.8-1_i386.deb
fb93c7112a056ebf3f0ca77de4f6acbd 58656 libdevel optional
libproc-dev_3.2.8-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFKHkfOx2zlrBLK36URAvomAKCTT9Iitm4A7J2hW0Eu1Tus1OJWGwCfQLIn
MG5LuLWrlc5C1bfZvMXBctk=
=0M6h
-----END PGP SIGNATURE-----
--- End Message ---
