Re: [OE-core] [PATCH] procps:Fix CVE-2018-1122-1123

2018-06-26 Thread akuster808



On 06/26/2018 12:35 AM, Hong Liu wrote:
> 1.0001-top-Do-not-default-to-the-cwd-in-configs_read.patch fixed CVE-2018-1122
>
> 2.0001-ps-output.c-Fix-outbuf-overflows-in-pr_args-etc.patch fixed 
> CVE-2018-1123
> ---
>  ...put.c-Fix-outbuf-overflows-in-pr_args-etc.patch |  84 +
>  ...Do-not-default-to-the-cwd-in-configs_read.patch | 101 
> +
>  meta/recipes-extended/procps/procps_3.3.14.bb  |   2 +
>  3 files changed, 187 insertions(+)
>  create mode 100644 
> meta/recipes-extended/procps/procps/0001-ps-output.c-Fix-outbuf-overflows-in-pr_args-etc.patch
>  create mode 100644 
> meta/recipes-extended/procps/procps/0001-top-Do-not-default-to-the-cwd-in-configs_read.patch
>
> diff --git 
> a/meta/recipes-extended/procps/procps/0001-ps-output.c-Fix-outbuf-overflows-in-pr_args-etc.patch
>  
> b/meta/recipes-extended/procps/procps/0001-ps-output.c-Fix-outbuf-overflows-in-pr_args-etc.patch
> new file mode 100644
> index 000..ab4fc23
> --- /dev/null
> +++ 
> b/meta/recipes-extended/procps/procps/0001-ps-output.c-Fix-outbuf-overflows-in-pr_args-etc.patch
> @@ -0,0 +1,84 @@
> +From 136e3724952827bbae8887a42d9d2b6f658a48ab Mon Sep 17 00:00:00 2001
> +From: Qualys Security Advisory 
> +Date: Thu, 1 Jan 1970 00:00:00 +
> +Subject: [PATCH] ps/output.c: Fix outbuf overflows in pr_args() etc.
> +
> +Because there is usually less than OUTBUF_SIZE available at endp.
> +
> +Upstream-Status: Backport
Patch missing signed-off-by


> +---
> + ps/output.c | 23 ++-
> + 1 file changed, 14 insertions(+), 9 deletions(-)
> +
> +diff --git a/ps/output.c b/ps/output.c
> +index 0c63bb6..4456f28 100644
> +--- a/ps/output.c
>  b/ps/output.c
> +@@ -389,6 +389,9 @@ Modifications to the arguments are not shown.
> + 
> + // FIXME: some of these may hit the guard page in forest mode
> + 
> ++#define OUTBUF_SIZE_AT(endp) \
> ++  (((endp) >= outbuf && (endp) < outbuf + OUTBUF_SIZE) ? (outbuf + 
> OUTBUF_SIZE) - (endp) : 0)
> ++
> + /*
> +  * "args", "cmd", "command" are all the same:  long  unless  c
> +  * "comm", "ucmd", "ucomm"  are all the same:  short unless -f
> +@@ -402,15 +405,15 @@ static int pr_args(char *restrict const outbuf, const 
> proc_t *restrict const pp)
> +   rightward -= fh;
> + 
> +   if(pp->cmdline && !bsd_c_option)
> +-endp += escaped_copy(endp, *pp->cmdline, OUTBUF_SIZE, );
> ++endp += escaped_copy(endp, *pp->cmdline, OUTBUF_SIZE_AT(endp), 
> );
> +   else
> +-endp += escape_command(endp, pp, OUTBUF_SIZE, , ESC_DEFUNCT);
> ++endp += escape_command(endp, pp, OUTBUF_SIZE_AT(endp), , 
> ESC_DEFUNCT);
> + 
> +-  if(bsd_e_option && rightward>1) {
> ++  if(bsd_e_option && rightward>1 && OUTBUF_SIZE_AT(endp)>1) {
> + if(pp->environ && *pp->environ) {
> +   *endp++ = ' ';
> +   rightward--;
> +-  endp += escape_strlist(endp, pp->environ, OUTBUF_SIZE, );
> ++  endp += escape_strlist(endp, pp->environ, OUTBUF_SIZE_AT(endp), 
> );
> + }
> +   }
> +   return max_rightward-rightward;
> +@@ -429,15 +432,15 @@ static int pr_comm(char *restrict const outbuf, const 
> proc_t *restrict const pp)
> +   rightward -= fh;
> + 
> +   if(pp->cmdline && unix_f_option)
> +-endp += escaped_copy(endp, *pp->cmdline, OUTBUF_SIZE, );
> ++endp += escaped_copy(endp, *pp->cmdline, OUTBUF_SIZE_AT(endp), 
> );
> +   else
> +-endp += escape_command(endp, pp, OUTBUF_SIZE, , ESC_DEFUNCT);
> ++endp += escape_command(endp, pp, OUTBUF_SIZE_AT(endp), , 
> ESC_DEFUNCT);
> + 
> +-  if(bsd_e_option && rightward>1) {
> ++  if(bsd_e_option && rightward>1 && OUTBUF_SIZE_AT(endp)>1) {
> + if(pp->environ && *pp->environ) {
> +   *endp++ = ' ';
> +   rightward--;
> +-  endp += escape_strlist(endp, pp->environ, OUTBUF_SIZE, );
> ++  endp += escape_strlist(endp, pp->environ, OUTBUF_SIZE_AT(endp), 
> );
> + }
> +   }
> +   return max_rightward-rightward;
> +@@ -469,11 +472,13 @@ static int pr_fname(char *restrict const outbuf, const 
> proc_t *restrict const pp
> +   if (rightward>8)  /* 8=default, but forest maybe feeds more */
> + rightward = 8;
> + 
> +-  endp += escape_str(endp, pp->cmd, OUTBUF_SIZE, );
> ++  endp += escape_str(endp, pp->cmd, OUTBUF_SIZE_AT(endp), );
> +   //return endp - outbuf;
> +   return max_rightward-rightward;
> + }
> + 
> ++#undef OUTBUF_SIZE_AT
> ++
> + /* elapsed wall clock time, [[dd-]hh:]mm:ss format (not same as "time") */
> + static int pr_etime(char *restrict const outbuf, const proc_t *restrict 
> const pp){
> +   unsigned long t;
> +-- 
> +2.14.3
> +
> diff --git 
> a/meta/recipes-extended/procps/procps/0001-top-Do-not-default-to-the-cwd-in-configs_read.patch
>  
> b/meta/recipes-extended/procps/procps/0001-top-Do-not-default-to-the-cwd-in-configs_read.patch
> new file mode 100644
> index 000..8b1b904
> --- /dev/null
> +++ 
> b/meta/recipes-extended/procps/procps/0001-top-Do-not-default-to-the-cwd-in-configs_read.patch
> @@ -0,0 +1,101 @@
> +From 

Re: [OE-core] [PATCH] procps:Fix CVE-2018-1122-1123

2018-06-26 Thread akuster808



On 06/26/2018 04:27 AM, Burton, Ross wrote:
> It appears that these are fixed in 3.3.15, so let's just upgrade to
> that and get all the other security fixes too.
But I can take this for Sumo if I don't update too.

- armin
> Ross
>
> On 26 June 2018 at 08:35, Hong Liu  wrote:
>> 1.0001-top-Do-not-default-to-the-cwd-in-configs_read.patch fixed 
>> CVE-2018-1122
>>
>> 2.0001-ps-output.c-Fix-outbuf-overflows-in-pr_args-etc.patch fixed 
>> CVE-2018-1123
>> ---
>>  ...put.c-Fix-outbuf-overflows-in-pr_args-etc.patch |  84 +
>>  ...Do-not-default-to-the-cwd-in-configs_read.patch | 101 
>> +
>>  meta/recipes-extended/procps/procps_3.3.14.bb  |   2 +
>>  3 files changed, 187 insertions(+)
>>  create mode 100644 
>> meta/recipes-extended/procps/procps/0001-ps-output.c-Fix-outbuf-overflows-in-pr_args-etc.patch
>>  create mode 100644 
>> meta/recipes-extended/procps/procps/0001-top-Do-not-default-to-the-cwd-in-configs_read.patch
>>
>> diff --git 
>> a/meta/recipes-extended/procps/procps/0001-ps-output.c-Fix-outbuf-overflows-in-pr_args-etc.patch
>>  
>> b/meta/recipes-extended/procps/procps/0001-ps-output.c-Fix-outbuf-overflows-in-pr_args-etc.patch
>> new file mode 100644
>> index 000..ab4fc23
>> --- /dev/null
>> +++ 
>> b/meta/recipes-extended/procps/procps/0001-ps-output.c-Fix-outbuf-overflows-in-pr_args-etc.patch
>> @@ -0,0 +1,84 @@
>> +From 136e3724952827bbae8887a42d9d2b6f658a48ab Mon Sep 17 00:00:00 2001
>> +From: Qualys Security Advisory 
>> +Date: Thu, 1 Jan 1970 00:00:00 +
>> +Subject: [PATCH] ps/output.c: Fix outbuf overflows in pr_args() etc.
>> +
>> +Because there is usually less than OUTBUF_SIZE available at endp.
>> +
>> +Upstream-Status: Backport
>> +---
>> + ps/output.c | 23 ++-
>> + 1 file changed, 14 insertions(+), 9 deletions(-)
>> +
>> +diff --git a/ps/output.c b/ps/output.c
>> +index 0c63bb6..4456f28 100644
>> +--- a/ps/output.c
>>  b/ps/output.c
>> +@@ -389,6 +389,9 @@ Modifications to the arguments are not shown.
>> +
>> + // FIXME: some of these may hit the guard page in forest mode
>> +
>> ++#define OUTBUF_SIZE_AT(endp) \
>> ++  (((endp) >= outbuf && (endp) < outbuf + OUTBUF_SIZE) ? (outbuf + 
>> OUTBUF_SIZE) - (endp) : 0)
>> ++
>> + /*
>> +  * "args", "cmd", "command" are all the same:  long  unless  c
>> +  * "comm", "ucmd", "ucomm"  are all the same:  short unless -f
>> +@@ -402,15 +405,15 @@ static int pr_args(char *restrict const outbuf, const 
>> proc_t *restrict const pp)
>> +   rightward -= fh;
>> +
>> +   if(pp->cmdline && !bsd_c_option)
>> +-endp += escaped_copy(endp, *pp->cmdline, OUTBUF_SIZE, );
>> ++endp += escaped_copy(endp, *pp->cmdline, OUTBUF_SIZE_AT(endp), 
>> );
>> +   else
>> +-endp += escape_command(endp, pp, OUTBUF_SIZE, , ESC_DEFUNCT);
>> ++endp += escape_command(endp, pp, OUTBUF_SIZE_AT(endp), , 
>> ESC_DEFUNCT);
>> +
>> +-  if(bsd_e_option && rightward>1) {
>> ++  if(bsd_e_option && rightward>1 && OUTBUF_SIZE_AT(endp)>1) {
>> + if(pp->environ && *pp->environ) {
>> +   *endp++ = ' ';
>> +   rightward--;
>> +-  endp += escape_strlist(endp, pp->environ, OUTBUF_SIZE, );
>> ++  endp += escape_strlist(endp, pp->environ, OUTBUF_SIZE_AT(endp), 
>> );
>> + }
>> +   }
>> +   return max_rightward-rightward;
>> +@@ -429,15 +432,15 @@ static int pr_comm(char *restrict const outbuf, const 
>> proc_t *restrict const pp)
>> +   rightward -= fh;
>> +
>> +   if(pp->cmdline && unix_f_option)
>> +-endp += escaped_copy(endp, *pp->cmdline, OUTBUF_SIZE, );
>> ++endp += escaped_copy(endp, *pp->cmdline, OUTBUF_SIZE_AT(endp), 
>> );
>> +   else
>> +-endp += escape_command(endp, pp, OUTBUF_SIZE, , ESC_DEFUNCT);
>> ++endp += escape_command(endp, pp, OUTBUF_SIZE_AT(endp), , 
>> ESC_DEFUNCT);
>> +
>> +-  if(bsd_e_option && rightward>1) {
>> ++  if(bsd_e_option && rightward>1 && OUTBUF_SIZE_AT(endp)>1) {
>> + if(pp->environ && *pp->environ) {
>> +   *endp++ = ' ';
>> +   rightward--;
>> +-  endp += escape_strlist(endp, pp->environ, OUTBUF_SIZE, );
>> ++  endp += escape_strlist(endp, pp->environ, OUTBUF_SIZE_AT(endp), 
>> );
>> + }
>> +   }
>> +   return max_rightward-rightward;
>> +@@ -469,11 +472,13 @@ static int pr_fname(char *restrict const outbuf, 
>> const proc_t *restrict const pp
>> +   if (rightward>8)  /* 8=default, but forest maybe feeds more */
>> + rightward = 8;
>> +
>> +-  endp += escape_str(endp, pp->cmd, OUTBUF_SIZE, );
>> ++  endp += escape_str(endp, pp->cmd, OUTBUF_SIZE_AT(endp), );
>> +   //return endp - outbuf;
>> +   return max_rightward-rightward;
>> + }
>> +
>> ++#undef OUTBUF_SIZE_AT
>> ++
>> + /* elapsed wall clock time, [[dd-]hh:]mm:ss format (not same as "time") */
>> + static int pr_etime(char *restrict const outbuf, const proc_t *restrict 
>> const pp){
>> +   unsigned long t;
>> +--
>> +2.14.3
>> +
>> diff --git 
>> a/meta/recipes-extended/procps/procps/0001-top-Do-not-default-to-the-cwd-in-configs_read.patch
>>  

Re: [OE-core] [PATCH] procps:Fix CVE-2018-1122-1123

2018-06-26 Thread Burton, Ross
It appears that these are fixed in 3.3.15, so let's just upgrade to
that and get all the other security fixes too.

Ross

On 26 June 2018 at 08:35, Hong Liu  wrote:
> 1.0001-top-Do-not-default-to-the-cwd-in-configs_read.patch fixed CVE-2018-1122
>
> 2.0001-ps-output.c-Fix-outbuf-overflows-in-pr_args-etc.patch fixed 
> CVE-2018-1123
> ---
>  ...put.c-Fix-outbuf-overflows-in-pr_args-etc.patch |  84 +
>  ...Do-not-default-to-the-cwd-in-configs_read.patch | 101 
> +
>  meta/recipes-extended/procps/procps_3.3.14.bb  |   2 +
>  3 files changed, 187 insertions(+)
>  create mode 100644 
> meta/recipes-extended/procps/procps/0001-ps-output.c-Fix-outbuf-overflows-in-pr_args-etc.patch
>  create mode 100644 
> meta/recipes-extended/procps/procps/0001-top-Do-not-default-to-the-cwd-in-configs_read.patch
>
> diff --git 
> a/meta/recipes-extended/procps/procps/0001-ps-output.c-Fix-outbuf-overflows-in-pr_args-etc.patch
>  
> b/meta/recipes-extended/procps/procps/0001-ps-output.c-Fix-outbuf-overflows-in-pr_args-etc.patch
> new file mode 100644
> index 000..ab4fc23
> --- /dev/null
> +++ 
> b/meta/recipes-extended/procps/procps/0001-ps-output.c-Fix-outbuf-overflows-in-pr_args-etc.patch
> @@ -0,0 +1,84 @@
> +From 136e3724952827bbae8887a42d9d2b6f658a48ab Mon Sep 17 00:00:00 2001
> +From: Qualys Security Advisory 
> +Date: Thu, 1 Jan 1970 00:00:00 +
> +Subject: [PATCH] ps/output.c: Fix outbuf overflows in pr_args() etc.
> +
> +Because there is usually less than OUTBUF_SIZE available at endp.
> +
> +Upstream-Status: Backport
> +---
> + ps/output.c | 23 ++-
> + 1 file changed, 14 insertions(+), 9 deletions(-)
> +
> +diff --git a/ps/output.c b/ps/output.c
> +index 0c63bb6..4456f28 100644
> +--- a/ps/output.c
>  b/ps/output.c
> +@@ -389,6 +389,9 @@ Modifications to the arguments are not shown.
> +
> + // FIXME: some of these may hit the guard page in forest mode
> +
> ++#define OUTBUF_SIZE_AT(endp) \
> ++  (((endp) >= outbuf && (endp) < outbuf + OUTBUF_SIZE) ? (outbuf + 
> OUTBUF_SIZE) - (endp) : 0)
> ++
> + /*
> +  * "args", "cmd", "command" are all the same:  long  unless  c
> +  * "comm", "ucmd", "ucomm"  are all the same:  short unless -f
> +@@ -402,15 +405,15 @@ static int pr_args(char *restrict const outbuf, const 
> proc_t *restrict const pp)
> +   rightward -= fh;
> +
> +   if(pp->cmdline && !bsd_c_option)
> +-endp += escaped_copy(endp, *pp->cmdline, OUTBUF_SIZE, );
> ++endp += escaped_copy(endp, *pp->cmdline, OUTBUF_SIZE_AT(endp), 
> );
> +   else
> +-endp += escape_command(endp, pp, OUTBUF_SIZE, , ESC_DEFUNCT);
> ++endp += escape_command(endp, pp, OUTBUF_SIZE_AT(endp), , 
> ESC_DEFUNCT);
> +
> +-  if(bsd_e_option && rightward>1) {
> ++  if(bsd_e_option && rightward>1 && OUTBUF_SIZE_AT(endp)>1) {
> + if(pp->environ && *pp->environ) {
> +   *endp++ = ' ';
> +   rightward--;
> +-  endp += escape_strlist(endp, pp->environ, OUTBUF_SIZE, );
> ++  endp += escape_strlist(endp, pp->environ, OUTBUF_SIZE_AT(endp), 
> );
> + }
> +   }
> +   return max_rightward-rightward;
> +@@ -429,15 +432,15 @@ static int pr_comm(char *restrict const outbuf, const 
> proc_t *restrict const pp)
> +   rightward -= fh;
> +
> +   if(pp->cmdline && unix_f_option)
> +-endp += escaped_copy(endp, *pp->cmdline, OUTBUF_SIZE, );
> ++endp += escaped_copy(endp, *pp->cmdline, OUTBUF_SIZE_AT(endp), 
> );
> +   else
> +-endp += escape_command(endp, pp, OUTBUF_SIZE, , ESC_DEFUNCT);
> ++endp += escape_command(endp, pp, OUTBUF_SIZE_AT(endp), , 
> ESC_DEFUNCT);
> +
> +-  if(bsd_e_option && rightward>1) {
> ++  if(bsd_e_option && rightward>1 && OUTBUF_SIZE_AT(endp)>1) {
> + if(pp->environ && *pp->environ) {
> +   *endp++ = ' ';
> +   rightward--;
> +-  endp += escape_strlist(endp, pp->environ, OUTBUF_SIZE, );
> ++  endp += escape_strlist(endp, pp->environ, OUTBUF_SIZE_AT(endp), 
> );
> + }
> +   }
> +   return max_rightward-rightward;
> +@@ -469,11 +472,13 @@ static int pr_fname(char *restrict const outbuf, const 
> proc_t *restrict const pp
> +   if (rightward>8)  /* 8=default, but forest maybe feeds more */
> + rightward = 8;
> +
> +-  endp += escape_str(endp, pp->cmd, OUTBUF_SIZE, );
> ++  endp += escape_str(endp, pp->cmd, OUTBUF_SIZE_AT(endp), );
> +   //return endp - outbuf;
> +   return max_rightward-rightward;
> + }
> +
> ++#undef OUTBUF_SIZE_AT
> ++
> + /* elapsed wall clock time, [[dd-]hh:]mm:ss format (not same as "time") */
> + static int pr_etime(char *restrict const outbuf, const proc_t *restrict 
> const pp){
> +   unsigned long t;
> +--
> +2.14.3
> +
> diff --git 
> a/meta/recipes-extended/procps/procps/0001-top-Do-not-default-to-the-cwd-in-configs_read.patch
>  
> b/meta/recipes-extended/procps/procps/0001-top-Do-not-default-to-the-cwd-in-configs_read.patch
> new file mode 100644
> index 000..8b1b904
> --- /dev/null
> +++ 
> 

[OE-core] [PATCH] procps:Fix CVE-2018-1122-1123

2018-06-26 Thread Hong Liu
1. 0001-top-Do-not-default-to-the-cwd-in-configs_read.patch fixes CVE-2018-1122

2. 0001-ps-output.c-Fix-outbuf-overflows-in-pr_args-etc.patch fixes CVE-2018-1123
---
 ...put.c-Fix-outbuf-overflows-in-pr_args-etc.patch |  84 +
 ...Do-not-default-to-the-cwd-in-configs_read.patch | 101 +
 meta/recipes-extended/procps/procps_3.3.14.bb  |   2 +
 3 files changed, 187 insertions(+)
 create mode 100644 
meta/recipes-extended/procps/procps/0001-ps-output.c-Fix-outbuf-overflows-in-pr_args-etc.patch
 create mode 100644 
meta/recipes-extended/procps/procps/0001-top-Do-not-default-to-the-cwd-in-configs_read.patch

diff --git 
a/meta/recipes-extended/procps/procps/0001-ps-output.c-Fix-outbuf-overflows-in-pr_args-etc.patch
 
b/meta/recipes-extended/procps/procps/0001-ps-output.c-Fix-outbuf-overflows-in-pr_args-etc.patch
new file mode 100644
index 000..ab4fc23
--- /dev/null
+++ 
b/meta/recipes-extended/procps/procps/0001-ps-output.c-Fix-outbuf-overflows-in-pr_args-etc.patch
@@ -0,0 +1,84 @@
+From 136e3724952827bbae8887a42d9d2b6f658a48ab Mon Sep 17 00:00:00 2001
+From: Qualys Security Advisory 
+Date: Thu, 1 Jan 1970 00:00:00 +
+Subject: [PATCH] ps/output.c: Fix outbuf overflows in pr_args() etc.
+
+Because there is usually less than OUTBUF_SIZE available at endp.
+
+Upstream-Status: Backport
+---
+ ps/output.c | 23 ++-
+ 1 file changed, 14 insertions(+), 9 deletions(-)
+
+diff --git a/ps/output.c b/ps/output.c
+index 0c63bb6..4456f28 100644
+--- a/ps/output.c
 b/ps/output.c
+@@ -389,6 +389,9 @@ Modifications to the arguments are not shown.
+ 
+ // FIXME: some of these may hit the guard page in forest mode
+ 
++#define OUTBUF_SIZE_AT(endp) \
++  (((endp) >= outbuf && (endp) < outbuf + OUTBUF_SIZE) ? (outbuf + 
OUTBUF_SIZE) - (endp) : 0)
++
+ /*
+  * "args", "cmd", "command" are all the same:  long  unless  c
+  * "comm", "ucmd", "ucomm"  are all the same:  short unless -f
+@@ -402,15 +405,15 @@ static int pr_args(char *restrict const outbuf, const 
proc_t *restrict const pp)
+   rightward -= fh;
+ 
+   if(pp->cmdline && !bsd_c_option)
+-endp += escaped_copy(endp, *pp->cmdline, OUTBUF_SIZE, );
++endp += escaped_copy(endp, *pp->cmdline, OUTBUF_SIZE_AT(endp), 
);
+   else
+-endp += escape_command(endp, pp, OUTBUF_SIZE, , ESC_DEFUNCT);
++endp += escape_command(endp, pp, OUTBUF_SIZE_AT(endp), , 
ESC_DEFUNCT);
+ 
+-  if(bsd_e_option && rightward>1) {
++  if(bsd_e_option && rightward>1 && OUTBUF_SIZE_AT(endp)>1) {
+ if(pp->environ && *pp->environ) {
+   *endp++ = ' ';
+   rightward--;
+-  endp += escape_strlist(endp, pp->environ, OUTBUF_SIZE, );
++  endp += escape_strlist(endp, pp->environ, OUTBUF_SIZE_AT(endp), 
);
+ }
+   }
+   return max_rightward-rightward;
+@@ -429,15 +432,15 @@ static int pr_comm(char *restrict const outbuf, const 
proc_t *restrict const pp)
+   rightward -= fh;
+ 
+   if(pp->cmdline && unix_f_option)
+-endp += escaped_copy(endp, *pp->cmdline, OUTBUF_SIZE, );
++endp += escaped_copy(endp, *pp->cmdline, OUTBUF_SIZE_AT(endp), 
);
+   else
+-endp += escape_command(endp, pp, OUTBUF_SIZE, , ESC_DEFUNCT);
++endp += escape_command(endp, pp, OUTBUF_SIZE_AT(endp), , 
ESC_DEFUNCT);
+ 
+-  if(bsd_e_option && rightward>1) {
++  if(bsd_e_option && rightward>1 && OUTBUF_SIZE_AT(endp)>1) {
+ if(pp->environ && *pp->environ) {
+   *endp++ = ' ';
+   rightward--;
+-  endp += escape_strlist(endp, pp->environ, OUTBUF_SIZE, );
++  endp += escape_strlist(endp, pp->environ, OUTBUF_SIZE_AT(endp), 
);
+ }
+   }
+   return max_rightward-rightward;
+@@ -469,11 +472,13 @@ static int pr_fname(char *restrict const outbuf, const 
proc_t *restrict const pp
+   if (rightward>8)  /* 8=default, but forest maybe feeds more */
+ rightward = 8;
+ 
+-  endp += escape_str(endp, pp->cmd, OUTBUF_SIZE, );
++  endp += escape_str(endp, pp->cmd, OUTBUF_SIZE_AT(endp), );
+   //return endp - outbuf;
+   return max_rightward-rightward;
+ }
+ 
++#undef OUTBUF_SIZE_AT
++
+ /* elapsed wall clock time, [[dd-]hh:]mm:ss format (not same as "time") */
+ static int pr_etime(char *restrict const outbuf, const proc_t *restrict const 
pp){
+   unsigned long t;
+-- 
+2.14.3
+
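Review bot: The patch header ends at `+Upstream-Status: Backport` without a `CVE:` tag, so cve-check has nothing to tell it that this file closes CVE-2018-1123; add `CVE: CVE-2018-1123` directly under the Upstream-Status line. The companion 0001-top-Do-not-default-to-the-cwd-in-configs_read.patch should carry `CVE: CVE-2018-1122` in the same place; its header is only partly within view here, so I cannot tell whether it already does. Separately, the new `OUTBUF_SIZE_AT(endp)` macro yields 0 whenever `endp` lies outside `outbuf`, and the pr_args(), pr_comm() and pr_fname() hunks hand that 0 straight to escaped_copy(), escape_command(), escape_strlist() and escape_str() as the destination size; those helpers are not shown, so whether the 3.3.14 versions tolerate a zero-length destination (no terminator written past the end) should be confirmed as part of the backport rather than assumed from the upstream commit.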
diff --git 
a/meta/recipes-extended/procps/procps/0001-top-Do-not-default-to-the-cwd-in-configs_read.patch
 
b/meta/recipes-extended/procps/procps/0001-top-Do-not-default-to-the-cwd-in-configs_read.patch
new file mode 100644
index 000..8b1b904
--- /dev/null
+++ 
b/meta/recipes-extended/procps/procps/0001-top-Do-not-default-to-the-cwd-in-configs_read.patch
@@ -0,0 +1,101 @@
+From b45c4803dd176f4e3f9d3d47421ddec9bbbe66cd Mon Sep 17 00:00:00 2001
+From: Qualys Security Advisory 
+Date: Thu, 1 Jan 1970 00:00:00 +
+Subject: [PATCH] top: Do not default to the cwd in configs_read().
+
+If the HOME environment variable is not set, or not absolute, use the
+home directory returned by getpwuid(getuid()), if set and absolute
+(instead of the cwd