OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/pcp?expand=0&rev=6

pcp-2.5.0-buffer-overflow.diff

@@ -0,0 +1,11 @@
+--- src/pmdas/linux/proc_pid.c
++++ src/pmdas/linux/proc_pid.c	2008/10/07 14:37:46
+@@ -153,7 +153,7 @@
+ 	    sprintf(buf, "/proc/%d/cmdline", pidlist[i]);
+ 	    if ((fd = open(buf, O_RDONLY)) >= 0) {
+ 		sprintf(buf, "%06d ", pidlist[i]);
+-		if ((k = read(fd, buf+7, sizeof(buf))) > 0) {
++		if ((k = read(fd, buf+7, sizeof(buf)-7)) > 0) {
+ 			/* Remove NULL terminators from cmdline string array */
+ 			/* Added by Mike Mason <mmlnx@us.ibm.com> */
+ 			for (n = 7; n < k + 6; n++) {

pcp.changes

@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Tue Oct  7 16:42:23 CEST 2008 - kukuk@suse.de
+
+- Fix possible buffer overflow
+
 -------------------------------------------------------------------
 Thu Aug 28 23:28:57 CEST 2008 - cthiel@suse.de
 

pcp.spec

@@ -21,7 +21,7 @@
 Name:           pcp
 BuildRequires:  bison flex gcc-c++ ncurses-devel procps
 Version:        2.5.0
-Release:        116
+Release:        125
 Summary:        Performance Co-Pilot (system-level performance monitoring)
 License:        GPL v2 or later
 Url:            http://oss.sgi.com/projects/pcp
@@ -32,6 +32,7 @@ Patch1:         pcp-%{version}-ndbm.diff
 Patch2:         pcp-%{version}-rpmlint.diff
 Patch3:         pcp-gcc43.patch
 Patch4:         pcp-init.patch
+Patch5:         pcp-2.5.0-buffer-overflow.diff
 PreReq:         %insserv_prereq  %fillup_prereq permissions
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
@@ -68,6 +69,7 @@ Authors:
 %patch2 -p1
 %patch3
 %patch4
+%patch5
 
 %build
 %{suse_update_config -f}
@@ -257,6 +259,8 @@ fi
 exit 0
 
 %changelog
+* Tue Oct 07 2008 kukuk@suse.de
+- Fix possible buffer overflow
 * Fri Aug 29 2008 cthiel@suse.de
 - fix init scripts
 * Wed Dec 05 2007 ro@suse.de