New upstream version 2.7 upstream upstream/2.7
authorgregor herrmann <gregoa@debian.org>
Thu, 6 May 2021 17:34:33 +0000 (19:34 +0200)
committergregor herrmann <gregoa@debian.org>
Thu, 6 May 2021 17:34:33 +0000 (19:34 +0200)
CHANGELOG
Makefile
cpulimit.c

index a88ef9b..8da4099 100644 (file)
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,4 +1,11 @@
-========== Changes in 2.6 (unreleased) ====
+========== Changes in 2.7 ================
+
+* Fixed compiler warnings regarding string lengths.
+  Avoid potential buffer overflow when /proc includes
+  process IDs that are very long.
+
+
+========== Changes in 2.6 ================
 
 * Fixed indentation to avoid compiler warnings. No functional change.
 
index cf8b06a..e1ae9a8 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -1,4 +1,4 @@
-VERSION?=2.6
+VERSION?=2.7
 PREFIX?=/usr
 CFLAGS?=-Wall -O2 -DVERSION=$(VERSION)
 CC?=gcc
index 5f5cc86..89a73f4 100644 (file)
@@ -58,7 +58,7 @@
 
 #ifdef LINUX
 #include <dirent.h>
-#define PROC_FILENAME 64
+#define PROC_FILENAME 512
 #define LINE_LENGTH 256
 #endif
 
@@ -74,6 +74,9 @@
 #ifndef PATH_MAX
 #define PATH_MAX 4096
 #endif
+#ifndef EXEC_PATH
+#define EXEC_PATH 32
+#endif
 
 #define BEST_PRIORITY -10
 
@@ -261,7 +264,7 @@ int getpidof(const char *process) {
                printf("Warning: cannot renice\n");
        }
         */
-       char exelink[20];
+       char exelink[EXEC_PATH + 1];
        char exepath[PATH_MAX+1];
        int pid=0;
        int i=0;
@@ -282,7 +285,7 @@ int getpidof(const char *process) {
                        //get pid
                        pid=atoi(dit->d_name);
                        if (pid>0) {
-                               sprintf(exelink,"/proc/%d/exe",pid);
+                               snprintf(exelink, EXEC_PATH, "/proc/%d/exe",pid);
                                int size=readlink(exelink,exepath,sizeof(exepath));
                                if (size>0) {
                                        int found=0;
@@ -661,7 +664,7 @@ CHILD *Find_Child_PIDs(CHILD *all_children, pid_t parent_pid)
     int found = FALSE;
     DIR *proc;
     struct dirent *proc_entry;
-    char filename[PROC_FILENAME];
+    char filename[PROC_FILENAME + 1];
     FILE *status_file;
     char *reading_file;
     char line[256];
@@ -733,7 +736,7 @@ void *Monitor_Children(void *all_data)
          // we can remote its node.
          if (current->child)
          {
-             char filename[PROC_FILENAME];
+             char filename[PROC_FILENAME + 1];
              DIR *child_directory;
              snprintf(filename, PROC_FILENAME, "/proc/%d", current->child);
              child_directory = opendir(filename);