Hi,

I was playing around with procfs today, and when I did
"cat /proc/*/cmdline" procfs crashed with a segmentation fault. I re-ran
procfs in gdb and saw that the crash was caused by the while loop in
getproccmdline trying to read past the end of target_argv. This was
when it was getting the command-line for a postgresql process that had
changed its argc, so the command-line reported by ps was
"postgres: writer process ".

I added a check for the end of the target_argv buffer and re-ran
"cat /proc/*/cmdline", which now works without a crash. The patch is
below.

Regards,
Francis

P.S. this is with procfs from subversion r1273, and MacFuse 1.9.23.

Index: procfs.cc
===================================================================
--- procfs.cc (revision 1273)
+++ procfs.cc (working copy)
@@ -1816,7 +1816,7 @@
{
int i, mib[4], rlen, tlen, thislen;
int argmax, target_argc;
- char *target_argv;
+ char *target_argv, *target_argv_end;
char *cp;
size_t size;
@@ -1837,6 +1837,8 @@
return -1;
}
+ target_argv_end = target_argv + argmax;
+
mib[0] = CTL_KERN;
mib[1] = KERN_PROCARGS2;
mib[2] = pid;
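Review bot: `target_argv_end = target_argv + argmax` bounds the scan by the buffer's capacity, not by the data the KERN_PROCARGS2 query actually returns. That keeps `cp` inside the allocation only if the buffer was allocated with exactly `argmax` bytes (the allocation is not in this hunk), and any bytes past the returned data are still scanned as if they were arguments. If the sysctl call that follows this mib setup passes `size` as its in/out length, set the end pointer after that call from the returned length, i.e. `target_argv + size`.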
@@ -1853,8 +1855,14 @@
rlen = len;
tlen = 0;
for (i = 1; i < target_argc + 1; i++) {
- while (*cp == '\0')
+ while (cp < target_argv_end && *cp == '\0')
cp++;
+ if (cp == target_argv_end) {
+ // We have reached the end of target_argv without finding
+ // target_argc arguments. This can happen when a process
has
+ // changed its argv (for example, postgresql does this).
+ break;
+ }
thislen = snprintf(cmdlinebuf + tlen, rlen, "%s ", cp);
tlen += thislen;
rlen -= thislen;
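Review bot: the `snprintf(cmdlinebuf + tlen, rlen, "%s ", cp)` that follows the new check still reads from `cp` until it finds a NUL, so if the last string in the buffer is not terminated before `target_argv_end` the over-read remains. Bound the copy, for example with a precision (`"%.*s "` with `(int)(target_argv_end - cp)`), and compare with `cp >= target_argv_end` rather than `==` so the loop also stops if `cp` ever lands past the end. In the context lines, `thislen` is the length snprintf would have written, so on truncation `rlen` goes negative and `tlen` moves past the end of `cmdlinebuf`; clamp `thislen` to the remaining space before updating them. The comment line that the mailer wrapped (`has` on its own line with no `+`) will also stop the patch from applying as sent.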