[PATCH] sysctl: avoid crash when -p file has unexpected input

  • From: Sami Kerola <kerolasa@xxxxxx>
  • Date: Thu, 3 May 2012 20:08:27 +0200

Commit e01765d30b7c4767868d5379fbfb36d1dc15eba4 added is_deprecated(), whic=
h
crashed when user had input without without /proc/sys/ subdirectory.  The b=
elow
should illustrate how exactly the bug got to be trickered.

$ cat ~/foo
cause =3D crash
$ ./sysctl -p ~/foo
Segmentation fault

Signed-off-by: Sami Kerola <kerolasa@xxxxxx>
---
 sysctl.c |    5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/sysctl.c b/sysctl.c
index 9235170..cfe1398 100644
--- a/sysctl.c
+++ b/sysctl.c
@@ -359,6 +359,8 @@ static int WriteSetting(const char *setting)
        const char *equals;
        char *tmpname;
        char *outname;
+       char *last_dot;
+
        FILE *fp;
        struct stat ts;

@@ -396,7 +398,8 @@ static int WriteSetting(const char *setting)
        outname[equals - name] =3D 0;
        /* change / to . */
        slashdot(outname, '/', '.');
-       if(is_deprecated(strrchr(outname, '.') + 1)) {
+       last_dot =3D strrchr(outname, '.');
+       if (last_dot !=3D NULL && is_deprecated(last_dot + 1)) {
                xwarnx(_("%s is deprecated, value not set"), outname);
                goto out;
         }
--=20
1.7.10



The following changes since commit 71aa1e78a2801e6fd150b88a81a1cc5ad9045253=
:

  docs: correct libprocps name in FAQ (2012-05-01 22:47:12 +1000)

are available in the git repository at:

  git://gitorious.org/~kerolasa/procps/sami-procps-ng.git mike

for you to fetch changes up to 77214bbac8df3c69dd88ffd1e78b3b0a64ece3ab:

  sysctl: avoid crash when -p file has unexpected input (2012-05-03
20:08:27 +0200)

----------------------------------------------------------------
Mike Frysinger (3):
      sysctl: use stdbool.h
      sysctl: fix broken .conf suffix matching
      sysctl: restore old -p handling

Sami Kerola (1):
      sysctl: avoid crash when -p file has unexpected input

 sysctl.8 |    6 ++++
 sysctl.c |  118 +++++++++++++++++++++++++++++++++++++---------------------=
----
 2 files changed, 76 insertions(+), 48 deletions(-)

--=20
=A0=A0 Sami Kerola
=A0=A0 http://www.iki.fi/kerolasa/

Other related posts:

  • » [PATCH] sysctl: avoid crash when -p file has unexpected input - Sami Kerola
  1. Home
  2. procps
  3. Archive
  4. 05-2012