Hi Craig,

On Tue, Jul 17, 2018 at 09:49:15PM +1000, Craig Small wrote:
>   Thank you for your bug report.  git bisect analysis shows that upstream
> commit 52673d2fc7e012f5134cdfafb6d319450b3a40a3 [1] is the cause of your
> problem as reported; or is for at least the -p option.

Thank you for performing the bisect!

> I must admit having an initial look at this commit, nothing stands out that
> says "this is a problem", but here we are. It will need some further
> checking to see why it is breaking skill.

If you ask me, something does stand out.

> https://gitlab.com/procps-ng/procps/commit/52673d2fc7e012f5134cdfafb6d319450b3a40a3

That thing is:

-if (read(fd, buf, 128) <= 0)
+if (len <= 0 || (size_t)len >= sizeof(buf))
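
Review bot: the new (size_t)len >= sizeof(buf) test on the + line turns a read that fills the buffer into a failure, so any input of sizeof(buf) bytes or more is rejected outright, where the - line failed only on a read result <= 0. If the intent is just to keep room for the terminator, either size buf for the largest input expected here, or read at most sizeof(buf) - 1 bytes and terminate at len, and add a comment saying which inputs are expected to fit.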

The second condition (len >= sizeof(buf)) is new. So what actually is
sizeof(buf)? Well, 128. What are we reading from? Well, /proc/$pid/stat.
How big are such stat files in general? Well, let's ask wc -c
/proc/*/stat. The smallest file has 147 bytes here. But they can go well
beyond 300 bytes.

The buffer is simply too small.

Given that the thing you read is always big, I'm in favour of simply
reverting Qualys' patch and replacing it with buf[min(127, len)] = '\0';

Helmut
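
The following is an added example, not part of the original message and not procps code. It runs the two conditions discussed above against a constructed stand-in for /proc/<pid>/stat (a pipe filled with 100, 147 or 300 bytes). The helper names make_stat_fd and read_pid and the sample contents are assumptions for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#define BUF_SIZE 128   /* sizeof(buf) per the message */

/* Constructed stand-in for /proc/<pid>/stat: a pipe holding `total` bytes. */
static int make_stat_fd(size_t total)
{
    char data[512];
    int p[2];
    if (total < 16 || total > sizeof(data) || pipe(p) != 0)
        return -1;
    memset(data, '0', total);
    memcpy(data, "1234 (sleep) S ", 15);   /* constructed pid, comm, state */
    data[total - 1] = '\n';
    if (write(p[1], data, total) != (ssize_t)total) { close(p[0]); p[0] = -1; }
    close(p[1]);
    return p[0];
}

/* Parse the pid field; strict != 0 applies the quoted "+" condition. */
static int read_pid(size_t total, int strict)
{
    char buf[BUF_SIZE];
    int pid = -1, fd = make_stat_fd(total);
    if (fd < 0)
        return -1;
    ssize_t len = read(fd, buf, sizeof(buf));
    close(fd);
    if (len <= 0)
        return -1;
    if (strict && (size_t)len >= sizeof(buf))
        return -1;                      /* a full buffer is treated as failure */
    buf[len < BUF_SIZE - 1 ? len : BUF_SIZE - 1] = '\0';  /* buf[min(127, len)] */
    if (sscanf(buf, "%d", &pid) != 1)
        return -1;
    return pid;
}

int main(void)
{
    size_t sizes[] = { 100, 147, 300 };
    for (size_t i = 0; i < 3; i++)
        printf("%zu bytes: strict=%d truncating=%d\n", sizes[i],
               read_pid(sizes[i], 1), read_pid(sizes[i], 0));
    return 0;
}
```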
