diff options
author | rpaulo <rpaulo@FreeBSD.org> | 2012-11-19 08:03:40 +0000 |
---|---|---|
committer | rpaulo <rpaulo@FreeBSD.org> | 2012-11-19 08:03:40 +0000 |
commit | d9a7cd2ca032129e1d49a7bc2ec40bcd984c23f4 (patch) | |
tree | 9fcf46018e8ca0dac85891389ce8fe21b4f308de /usr.bin | |
parent | 05b63755364750535dad838ddfce8b9e2bb7fb80 (diff) | |
download | FreeBSD-src-d9a7cd2ca032129e1d49a7bc2ec40bcd984c23f4.zip FreeBSD-src-d9a7cd2ca032129e1d49a7bc2ec40bcd984c23f4.tar.gz |
Use the correct size when allocating the cmdbuf string.
cmdlengthdelta is the size of the header and we were using it to
allocate a buffer to store the command line. This would mean that
the cmdbuf could be too short. In practice this was never noticed unless
you usually run top -a. On a stock FreeBSD system you can see the
problem by running sendmail and then running top -a on a big terminal
window. In practice this doubles to size available to cmdbuf since the
header is around 65-68 bytes.
Reviewed by: adrian
Diffstat (limited to 'usr.bin')
-rw-r--r-- | usr.bin/top/machine.c | 29 |
1 files changed, 15 insertions, 14 deletions
diff --git a/usr.bin/top/machine.c b/usr.bin/top/machine.c index 4284838..edfa43a 100644 --- a/usr.bin/top/machine.c +++ b/usr.bin/top/machine.c @@ -786,7 +786,7 @@ get_process_info(struct system_info *si, struct process_select *sel, return ((caddr_t)&handle); } -static char fmt[128]; /* static area where result is built */ +static char fmt[512]; /* static area where result is built */ char * format_next_process(caddr_t handle, char *(*get_userid)(int), int flags) @@ -803,6 +803,7 @@ format_next_process(caddr_t handle, char *(*get_userid)(int), int flags) char *proc_fmt, thr_buf[6], jid_buf[6]; char *cmdbuf = NULL; char **args; + const int cmdlen = 128; /* find and remember the next proc structure */ hp = (struct handle *)handle; @@ -865,31 +866,31 @@ format_next_process(caddr_t handle, char *(*get_userid)(int), int flags) break; } - cmdbuf = (char *)malloc(cmdlengthdelta + 1); + cmdbuf = (char *)malloc(cmdlen + 1); if (cmdbuf == NULL) { - warn("malloc(%d)", cmdlengthdelta + 1); + warn("malloc(%d)", cmdlen + 1); return NULL; } if (!(flags & FMT_SHOWARGS)) { if (ps.thread && pp->ki_flag & P_HADTHREADS && pp->ki_tdname[0]) { - snprintf(cmdbuf, cmdlengthdelta, "%s{%s}", pp->ki_comm, + snprintf(cmdbuf, cmdlen, "%s{%s}", pp->ki_comm, pp->ki_tdname); } else { - snprintf(cmdbuf, cmdlengthdelta, "%s", pp->ki_comm); + snprintf(cmdbuf, cmdlen, "%s", pp->ki_comm); } } else { if (pp->ki_flag & P_SYSTEM || pp->ki_args == NULL || - (args = kvm_getargv(kd, pp, cmdlengthdelta)) == NULL || + (args = kvm_getargv(kd, pp, cmdlen)) == NULL || !(*args)) { if (ps.thread && pp->ki_flag & P_HADTHREADS && pp->ki_tdname[0]) { - snprintf(cmdbuf, cmdlengthdelta, + snprintf(cmdbuf, cmdlen, "[%s{%s}]", pp->ki_comm, pp->ki_tdname); } else { - snprintf(cmdbuf, cmdlengthdelta, + snprintf(cmdbuf, cmdlen, "[%s]", pp->ki_comm); } } else { @@ -898,7 +899,7 @@ format_next_process(caddr_t handle, char *(*get_userid)(int), int flags) size_t argbuflen; size_t len; - argbuflen = cmdlengthdelta * 4; + argbuflen = cmdlen * 4; argbuf = (char *)malloc(argbuflen + 1); if (argbuf == NULL) { warn("malloc(%d)", argbuflen + 1); @@ -931,22 +932,22 @@ format_next_process(caddr_t handle, char *(*get_userid)(int), int flags) dst--; *dst = '\0'; - if (strcmp(cmd, pp->ki_comm) != 0 ) { + if (strcmp(cmd, pp->ki_comm) != 0) { if (ps.thread && pp->ki_flag & P_HADTHREADS && pp->ki_tdname[0]) - snprintf(cmdbuf, cmdlengthdelta, + snprintf(cmdbuf, cmdlen, "%s (%s){%s}", argbuf, pp->ki_comm, pp->ki_tdname); else - snprintf(cmdbuf, cmdlengthdelta, + snprintf(cmdbuf, cmdlen, "%s (%s)", argbuf, pp->ki_comm); } else { if (ps.thread && pp->ki_flag & P_HADTHREADS && pp->ki_tdname[0]) - snprintf(cmdbuf, cmdlengthdelta, + snprintf(cmdbuf, cmdlen, "%s{%s}", argbuf, pp->ki_tdname); else - strlcpy(cmdbuf, argbuf, cmdlengthdelta); + strlcpy(cmdbuf, argbuf, cmdlen); } free(argbuf); } |