From 3ffbc0b611c66b8f45f24091fa0456673fe6d967 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Tue, 16 May 2023 06:16:05 +0000 Subject: [PATCH] import procps-ng-3.3.15-13.el8 --- .../procps-ng-3.3.15-display-sig-unsafe.patch | 43 +++++++++++++++++++ ...rocps-ng-3.3.15-ps-out-of-bonds-read.patch | 23 ++++++++++ SOURCES/procps-ng-3.3.15-ps-select.patch | 39 +++++++++++++++++ SPECS/procps-ng.spec | 21 ++++++++- 4 files changed, 125 insertions(+), 1 deletion(-) create mode 100644 SOURCES/procps-ng-3.3.15-display-sig-unsafe.patch create mode 100644 SOURCES/procps-ng-3.3.15-ps-out-of-bonds-read.patch create mode 100644 SOURCES/procps-ng-3.3.15-ps-select.patch diff --git a/SOURCES/procps-ng-3.3.15-display-sig-unsafe.patch b/SOURCES/procps-ng-3.3.15-display-sig-unsafe.patch new file mode 100644 index 0000000..1ab4632 --- /dev/null +++ b/SOURCES/procps-ng-3.3.15-display-sig-unsafe.patch @@ -0,0 +1,43 @@ +diff -up ./ps/display.c.ori ./ps/display.c +--- ./ps/display.c.ori 2018-05-18 23:32:21.998979977 +0200 ++++ ./ps/display.c 2022-11-24 15:11:26.678314866 +0100 +@@ -44,26 +44,31 @@ + #define SIGCHLD SIGCLD + #endif + ++#define SIG_IS_TERM_OR_HUP(signo) (((signo) == SIGTERM) || (signo) == SIGHUP) ++ + char *myname; + + /* just reports a crash */ + static void signal_handler(int signo){ + if(signo==SIGPIPE) _exit(0); /* "ps | head" will cause this */ + /* fprintf() is not reentrant, but we _exit() anyway */ +- fprintf(stderr, +- _("Signal %d (%s) caught by %s (%s).\n"), +- signo, +- signal_number_to_name(signo), +- myname, +- PACKAGE_VERSION +- ); ++ if (!SIG_IS_TERM_OR_HUP(signo)) { ++ fprintf(stderr, ++ _("Signal %d (%s) caught by %s (%s).\n"), ++ signo, ++ signal_number_to_name(signo), ++ myname, ++ PACKAGE_VERSION ++ ); ++ } + switch (signo) { + case SIGHUP: + case SIGUSR1: + case SIGUSR2: + exit(EXIT_FAILURE); + default: +- error_at_line(0, 0, __FILE__, __LINE__, "%s", _("please report this bug")); ++ if (!SIG_IS_TERM_OR_HUP(signo)) ++ error_at_line(0, 0, __FILE__, __LINE__, "%s", _("please report this bug")); + signal(signo, SIG_DFL); /* allow core file creation */ + kill(getpid(), signo); + _exit(EXIT_FAILURE); diff --git a/SOURCES/procps-ng-3.3.15-ps-out-of-bonds-read.patch b/SOURCES/procps-ng-3.3.15-ps-out-of-bonds-read.patch new file mode 100644 index 0000000..a0030cb --- /dev/null +++ b/SOURCES/procps-ng-3.3.15-ps-out-of-bonds-read.patch @@ -0,0 +1,23 @@ +diff --git a/ps/display.c b/ps/display.c +index 1927fd6..e7ab351 100644 +--- a/ps/display.c ++++ b/ps/display.c +@@ -357,7 +357,7 @@ static void simple_spew(void){ + if (selection_list && selection_list->typecode == SEL_PID_QUICK) { + flags |= PROC_PID; + +- pidlist = (pid_t*) malloc(selection_list->n * sizeof(pid_t)); ++ pidlist = (pid_t*) malloc((selection_list->n + 1) * sizeof(pid_t)); + if (!pidlist) { + fprintf(stderr, _("error: not enough memory\n")); + exit(1); +@@ -366,6 +366,9 @@ static void simple_spew(void){ + for (i = 0; i < selection_list->n; i++) { + pidlist[i] = selection_list->u[selection_list->n-i-1].pid; + } ++ ++ // delimit the array with nul object (0); RHBZ#2153813 ++ pidlist[selection_list->n] = (pid_t)0; + } + + ptp = openproc(flags, pidlist); diff --git a/SOURCES/procps-ng-3.3.15-ps-select.patch b/SOURCES/procps-ng-3.3.15-ps-select.patch new file mode 100644 index 0000000..f48d13b --- /dev/null +++ b/SOURCES/procps-ng-3.3.15-ps-select.patch @@ -0,0 +1,39 @@ +From 06995518605fed7a1a29551be0eff01b2f9e89b7 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Tue, 13 Dec 2022 16:02:50 -0500 +Subject: [PATCH] + +--- + ps/common.h | 2 +- + ps/select.c | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/ps/common.h b/ps/common.h +index 905d320..fc4d3a8 100644 +--- a/ps/common.h ++++ b/ps/common.h +@@ -189,7 +189,7 @@ typedef union sel_union { + uid_t uid; + gid_t gid; + dev_t tty; +- char cmd[64]; /* this is _not_ \0 terminated */ ++ char cmd[16]; /* this is _not_ \0 terminated */ + } sel_union; + + typedef struct selection_node { +diff --git a/ps/select.c b/ps/select.c +index f58ca25..e12982d 100644 +--- a/ps/select.c ++++ b/ps/select.c +@@ -117,7 +117,7 @@ static int proc_was_listed(proc_t *buf){ + break; case SEL_SESS: return_if_match(session,pid); + + break; case SEL_COMM: i=sn->n; while(i--) +- if(!strncmp( buf->cmd, (*(sn->u+i)).cmd, 63 )) return 1; ++ if(!strncmp( buf->cmd, (*(sn->u+i)).cmd, 15 )) return 1; + + + +-- +2.31.1 + diff --git a/SPECS/procps-ng.spec b/SPECS/procps-ng.spec index a7caab6..fc85699 100644 --- a/SPECS/procps-ng.spec +++ b/SPECS/procps-ng.spec @@ -4,7 +4,7 @@ Summary: System and process monitoring utilities Name: procps-ng Version: 3.3.15 -Release: 9%{?dist} +Release: 13%{?dist} License: GPL+ and GPLv2 and GPLv2+ and GPLv3+ and LGPLv2+ Group: Applications/System URL: https://sourceforge.net/projects/procps-ng/ @@ -25,6 +25,9 @@ Patch6: procps-ng-3.3.15-uptime-pretty-mod.patch Patch7: procps-ng-3.3.15-vmstat-omit-first-report.patch Patch8: procps-ng-3.3.15-sysctl-config-dir-order.patch Patch9: procps-ng-3.3.15-pgrep-uid-gid-overflow.patch +Patch10: procps-ng-3.3.15-display-sig-unsafe.patch +Patch11: procps-ng-3.3.15-ps-select.patch +Patch12: procps-ng-3.3.15-ps-out-of-bonds-read.patch BuildRequires: ncurses-devel BuildRequires: libtool @@ -167,6 +170,22 @@ ln -s %{_bindir}/pidof %{buildroot}%{_sbindir}/pidof %files i18n -f %{name}.lang %changelog +* Tue Jan 17 2023 Jan Rybar - 3.3.15-13 +- version bump requested to create -devel subpkg for CRB inclusion +- Resolves: rhbz#2164781 + +* Tue Jan 17 2023 Jan Rybar - 3.3.15-12 +- ps: out-of-bonds read in quick mode +- Resolves: rhbz#2153813 + +* Tue Dec 13 2022 Kyle Walker - 3.3.15-11 +- ps: revert increase command name length to 64 ____ (catch up) +- Resolves: rhbz#2144978 + +* Wed Nov 23 2022 Jan Rybar - 3.3.15-10 +- display.c: backport: async-signal-unsafe handler deadlocks on SIGHUP +- Resolves: rhbz#2141696 + * Wed Aug 17 2022 Jan Rybar - 3.3.15-9 - pgrep: backport uid/gid overflow fix - Resolves: rhbz#1827731