Auto sync2gitlab import of procps-ng-3.3.15-13.el8.src.rpm

2023-02-02 20:10:57 +00:00 · 2023-02-02 20:10:57 +00:00 · e17596bd99
commit e17596bd99
parent e404016675
2 changed files with 33 additions and 1 deletions
--- a/procps-ng-3.3.15-ps-out-of-bonds-read.patch
+++ b/procps-ng-3.3.15-ps-out-of-bonds-read.patch
@ -0,0 +1,23 @@
+diff --git a/ps/display.c b/ps/display.c
+index 1927fd6..e7ab351 100644
+--- a/ps/display.c
+++ b/ps/display.c
+@@ -357,7 +357,7 @@ static void simple_spew(void){
+   if (selection_list && selection_list->typecode == SEL_PID_QUICK) {
+     flags |= PROC_PID;
+ 
+-    pidlist = (pid_t*) malloc(selection_list->n * sizeof(pid_t));
+    pidlist = (pid_t*) malloc((selection_list->n + 1) * sizeof(pid_t));
+     if (!pidlist) {
+       fprintf(stderr, _("error: not enough memory\n"));
+       exit(1);
+@@ -366,6 +366,9 @@ static void simple_spew(void){
+     for (i = 0; i < selection_list->n; i++) {
+       pidlist[i] = selection_list->u[selection_list->n-i-1].pid;
+     }
+
+    // delimit the array with nul object (0); RHBZ#2153813
+    pidlist[selection_list->n] = (pid_t)0;
+   }
+ 
+   ptp = openproc(flags, pidlist);
--- a/procps-ng.spec
+++ b/procps-ng.spec
@ -4,7 +4,7 @@
 Summary: System and process monitoring utilities
 Name: procps-ng
 Version: 3.3.15
-Release: 11%{?dist}
+Release: 13%{?dist}
 License: GPL+ and GPLv2 and GPLv2+ and GPLv3+ and LGPLv2+
 Group: Applications/System
 URL: https://sourceforge.net/projects/procps-ng/
@ -27,6 +27,7 @@ Patch8: procps-ng-3.3.15-sysctl-config-dir-order.patch
 Patch9: procps-ng-3.3.15-pgrep-uid-gid-overflow.patch
 Patch10: procps-ng-3.3.15-display-sig-unsafe.patch
 Patch11: procps-ng-3.3.15-ps-select.patch
+Patch12: procps-ng-3.3.15-ps-out-of-bonds-read.patch

 BuildRequires: ncurses-devel
 BuildRequires: libtool
@ -169,6 +170,14 @@ ln -s %{_bindir}/pidof %{buildroot}%{_sbindir}/pidof
 %files i18n -f %{name}.lang

 %changelog
+* Tue Jan 17 2023 Jan Rybar <jrybar@redhat.com> - 3.3.15-13
+- version bump requested to create -devel subpkg for CRB inclusion
+- Resolves: rhbz#2164781
+
+* Tue Jan 17 2023 Jan Rybar <jrybar@redhat.com> - 3.3.15-12
+- ps: out-of-bonds read in quick mode
+- Resolves: rhbz#2153813
+
 * Tue Dec 13 2022 Kyle Walker <kwalker@redhat.com> - 3.3.15-11
 - ps: revert increase command name length to 64 ____ (catch up)
 - Resolves: rhbz#2144978