Sync from SUSE:ALP:Source:Standard:1.0 procps revision 725fa2aed67725f77ae9c1184f1896bb
This commit is contained in:
46
CVE-2023-4016-part2.patch
Normal file
46
CVE-2023-4016-part2.patch
Normal file
@@ -0,0 +1,46 @@
|
||||
of uninit. ptr
|
||||
free(node->u) when reached before node->u=xcalloc().
|
||||
2c933ecb handles the multiplication issue, but there is still the possibility
|
||||
of int overflow when incrementing "items".
|
||||
---
|
||||
include/xalloc.h | 2 +-
|
||||
ps/parser.c | 4 +++-
|
||||
2 files changed, 4 insertions(+), 2 deletions(-)
|
||||
--- include/xalloc.h
|
||||
+++ include/xalloc.h
|
||||
@@ -42,7 +42,7 @@ void *xcalloc(const size_t nelems, const
|
||||
{
|
||||
void *ret = calloc(nelems, size);
|
||||
if (!ret && size && nelems)
|
||||
- xerrx(XALLOC_EXIT_CODE, "cannot allocate %zu bytes", size);
|
||||
+ xerrx(XALLOC_EXIT_CODE, "cannot allocate %zu bytes", nelems*size);
|
||||
return ret;
|
||||
}
|
||||
|
||||
--- ps/parser.c
|
||||
+++ ps/parser.c
|
||||
@@ -23,6 +23,7 @@
|
||||
|
||||
#include <grp.h>
|
||||
#include <pwd.h>
|
||||
+#include <limits.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
@@ -182,6 +183,7 @@ static const char *parse_list(const char
|
||||
/*** prepare to operate ***/
|
||||
node = xmalloc(sizeof(selection_node));
|
||||
node->n = 0;
|
||||
+ node->u = NULL;
|
||||
buf = strdup(arg);
|
||||
/*** sanity check and count items ***/
|
||||
need_item = 1; /* true */
|
||||
@@ -195,7 +197,7 @@ static const char *parse_list(const char
|
||||
need_item=1;
|
||||
break;
|
||||
default:
|
||||
- if(need_item) items++;
|
||||
+ if(need_item && items<INT_MAX) items++;
|
||||
need_item=0;
|
||||
}
|
||||
} while (*++walk);
|
||||
@@ -1,3 +1,9 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Feb 21 12:09:57 UTC 2025 - Dr. Werner Fink <werner@suse.de>
|
||||
|
||||
- Add patch CVE-2023-4016-part2.patch
|
||||
* Fix the ps command segfaults when pid argument has a leading space (bsc#1236842)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Dec 14 13:26:05 UTC 2023 - Thorsten Kukuk <kukuk@suse.com>
|
||||
|
||||
|
||||
@@ -66,6 +66,8 @@ Patch34: procps-3.3.17-bsc1181976.patch
|
||||
Patch35: bsc1195468-23da4f40.patch
|
||||
# PATCH-FIX-UPSTREAM -- bsc#1214290
|
||||
Patch36: CVE-2023-4016.patch
|
||||
# PATCH-FIX-SUSE -- bsc#1236842 - ps command segfaults when pid argument has a leading space
|
||||
Patch37: CVE-2023-4016-part2.patch
|
||||
# PATCH-BACKPORT-FROM-UPSTREAM -- bsc#1181475: 'free' command reports misleading "used" value
|
||||
Patch42: procps-3.3.17-library-bsc1181475.patch
|
||||
Patch43: procps-3.3.17-top-bsc1181475.patch
|
||||
@@ -154,6 +156,7 @@ the process information pseudo-file system.
|
||||
%patch34
|
||||
%patch35 -p1
|
||||
%patch36 -p0
|
||||
%patch37 -p0
|
||||
%patch42
|
||||
%patch43
|
||||
%patch44 -p1
|
||||
|
||||
Reference in New Issue
Block a user