diff options
author | William Hubbs <w.d.hubbs@gmail.com> | 2019-02-23 15:42:09 -0600 |
---|---|---|
committer | William Hubbs <w.d.hubbs@gmail.com> | 2019-02-23 16:24:55 -0600 |
commit | d8dbb890aaca34fc9b342772de0f23a7ea3efaaa (patch) | |
tree | 255aa61d97b6c6074718ff08963fb879a1cc5c4b | |
parent | 56c006ebd68d572e303c01c38291a1f5f4fc1c30 (diff) |
Revert "src/librc/librc-daemon.c: fix buffer overrun in pid_is_argv"
This reverts commit 084877eb52971faf8f52c780ddd08ed9af140eb6.
The mentioned commit caused some systems to have some services reported
as crashed.
This fixes #297.
This fixes #298.
-rw-r--r-- | src/librc/librc-daemon.c | 34 |
1 files changed, 14 insertions, 20 deletions
diff --git a/src/librc/librc-daemon.c b/src/librc/librc-daemon.c index 5a76c880..1bd91eb4 100644 --- a/src/librc/librc-daemon.c +++ b/src/librc/librc-daemon.c @@ -48,40 +48,34 @@ pid_is_exec(pid_t pid, const char *exec) static bool pid_is_argv(pid_t pid, const char *const *argv) { - char *buffer = NULL; char *cmdline = NULL; + int fd; + char buffer[PATH_MAX]; char *p; - size_t bytes; - bool rc; + ssize_t bytes; xasprintf(&cmdline, "/proc/%u/cmdline", pid); - if (!rc_getfile(cmdline, &buffer, &bytes)) { + if ((fd = open(cmdline, O_RDONLY)) < 0) { free(cmdline); return false; } + bytes = read(fd, buffer, sizeof(buffer)); + close(fd); free(cmdline); - if (bytes <= 0) { - if (buffer) - free(buffer); + if (bytes == -1) return false; - } + + buffer[bytes] = '\0'; p = buffer; - rc = true; while (*argv) { - if (strcmp(*argv, p) != 0) { - rc = false; - break; - } - + if (strcmp(*argv, p) != 0) + return false; argv++; p += strlen(p) + 1; - if ((unsigned)(p - buffer) >= bytes) { - rc = false; - break; - } + if ((unsigned)(p - buffer) > sizeof(buffer)) + return false; } - free(buffer); - return rc; + return true; } RC_PIDLIST * |