From 8d49457e858c3330f79bb045eb7e9ed07b30b4ff Mon Sep 17 00:00:00 2001
From: eabdullin <eabdullin@almalinux.org>
Date: Tue, 7 Nov 2023 11:34:59 +0000
Subject: [PATCH] import UBI procps-ng-3.3.17-13.el9

---
 SOURCES/cve-2023-4016.patch               | 60 +++++++++++++++++++++++
 SOURCES/sysctl-nameonly-shows-value.patch | 12 +++++
 SPECS/procps-ng.spec                      | 15 ++++--
 3 files changed, 84 insertions(+), 3 deletions(-)
 create mode 100644 SOURCES/cve-2023-4016.patch
 create mode 100644 SOURCES/sysctl-nameonly-shows-value.patch

diff --git a/SOURCES/cve-2023-4016.patch b/SOURCES/cve-2023-4016.patch
new file mode 100644
index 0000000..5887368
--- /dev/null
+++ b/SOURCES/cve-2023-4016.patch
@@ -0,0 +1,60 @@
+diff --git a/ps/parser.c b/ps/parser.c
+index 4263a1f..b33f319 100644
+--- a/ps/parser.c
++++ b/ps/parser.c
+@@ -31,7 +31,7 @@
+ #include <sys/stat.h>
+ #include <sys/types.h>
+ 
+-#include "../proc/alloc.h"
++#include "xalloc.h"
+ 
+ #include "common.h"
+ #include "c.h"
+@@ -184,8 +184,8 @@ static const char *parse_list(const char *arg, const char *(*parse_fn)(char *, s
+   const char *err;       /* error code that could or did happen */
+   /*** prepare to operate ***/
+   node = malloc(sizeof(selection_node));
+-  node->u = malloc(strlen(arg)*sizeof(sel_union)); /* waste is insignificant */
+   node->n = 0;
++  node->u = NULL;
+   buf = strdup(arg);
+   /*** sanity check and count items ***/
+   need_item = 1; /* true */
+@@ -199,12 +199,13 @@ static const char *parse_list(const char *arg, const char *(*parse_fn)(char *, s
+       need_item=1;
+       break;
+     default:
+-      if(need_item) items++;
++      if(need_item && items<INT_MAX) items++;
+       need_item=0;
+     }
+   } while (*++walk);
+   if(need_item) goto parse_error;
+   node->n = items;
++  node->u = xcalloc(items, sizeof(sel_union));
+   /*** actually parse the list ***/
+   walk = buf;
+   while(items--){
+@@ -1031,15 +1032,15 @@ static const char *parse_trailing_pids(void){
+   thisarg = ps_argc - 1;   /* we must be at the end now */
+ 
+   pidnode = malloc(sizeof(selection_node));
+-  pidnode->u = malloc(i*sizeof(sel_union)); /* waste is insignificant */
++  pidnode->u = xcalloc(i, sizeof(sel_union)); /* waste is insignificant */
+   pidnode->n = 0;
+ 
+   grpnode = malloc(sizeof(selection_node));
+-  grpnode->u = malloc(i*sizeof(sel_union)); /* waste is insignificant */
++  grpnode->u = xcalloc(i, sizeof(sel_union)); /* waste is insignificant */
+   grpnode->n = 0;
+ 
+   sidnode = malloc(sizeof(selection_node));
+-  sidnode->u = malloc(i*sizeof(sel_union)); /* waste is insignificant */
++  sidnode->u = xcalloc(i, sizeof(sel_union)); /* waste is insignificant */
+   sidnode->n = 0;
+ 
+   while(i--){
+-- 
+2.40.1
+
diff --git a/SOURCES/sysctl-nameonly-shows-value.patch b/SOURCES/sysctl-nameonly-shows-value.patch
new file mode 100644
index 0000000..bc26482
--- /dev/null
+++ b/SOURCES/sysctl-nameonly-shows-value.patch
@@ -0,0 +1,12 @@
+diff -up ./sysctl.c.old ./sysctl.c
+--- ./sysctl.c.old	2023-07-20 14:43:10.271856721 +0200
++++ ./sysctl.c	2023-07-21 14:50:39.792368077 +0200
+@@ -578,7 +578,7 @@ static int WriteSetting(
+     }
+     if ((rc == EXIT_SUCCESS && !Quiet) || DryRun) {
+         if (NameOnly) {
+-            printf("%s\n", value);
++            printf("%s\n", dotted_key);
+         } else {
+             if (PrintName) {
+                 printf("%s = %s\n", dotted_key, value);
diff --git a/SPECS/procps-ng.spec b/SPECS/procps-ng.spec
index 26f5efd..3109487 100644
--- a/SPECS/procps-ng.spec
+++ b/SPECS/procps-ng.spec
@@ -4,7 +4,7 @@
 Summary: System and process monitoring utilities
 Name: procps-ng
 Version: 3.3.17
-Release: 11%{?dist}
+Release: 13%{?dist}
 License: GPL+ and GPLv2 and GPLv2+ and GPLv3+ and LGPLv2+
 URL: https://sourceforge.net/projects/procps-ng/
 
@@ -24,6 +24,8 @@ Patch6: sysctl-print-dotted-keys-again.patch
 Patch7: pgrep-uid-gid-overflow-backport.patch
 Patch8: display-sig-unsafe.patch
 Patch9: ps-out-of-bonds-read.patch
+Patch10: sysctl-nameonly-shows-value.patch
+Patch11: cve-2023-4016.patch
 
 
 BuildRequires: make
@@ -95,8 +97,7 @@ Conflicts: man-pages-pl < 0.7-5
 Internationalization pack for procps-ng
 
 %prep
-%setup -q -n procps-%{version}
-%autopatch -p1
+%autosetup -S git -n procps-%{version}
 
 cp -p %{SOURCE1} .
 cp -p %{SOURCE2} top/
@@ -167,6 +168,14 @@ ln -s %{_bindir}/pidof %{buildroot}%{_sbindir}/pidof
 %files i18n -f %{name}.lang
 
 %changelog
+* Fri Aug 11 2023 Jan Rybar <jrybar@redhat.com> - 3.3.17-13
+- ps: mitigation of possible buffer overflow
+- Resolves: rhbz#2228504
+
+* Tue Jul 25 2023 Jan Rybar <jrybar@redhat.com> - 3.3.17-12
+- sysctl: '-N' option shows values instead of names if '-p'
+- Resolves: rhbz#2222056
+
 * Thu Jan 26 2023 Jan Rybar <jrybar@redhat.com> - 3.3.17-11
 - version bump requested to create -devel subpkg for CRB inclusion
 - Resolves: rhbz#2158253