diff options
author | Daniel Lange <DLange@git.local> | 2021-02-02 06:45:23 +0100 |
---|---|---|
committer | Daniel Lange <DLange@git.local> | 2021-02-02 06:45:23 +0100 |
commit | c41f79d4da85e7156d0fb1e6fc979ffc038328f3 (patch) | |
tree | 3976b5c032b57b7ecf2fe7f3e336cf05153fe9c5 /debian/patches | |
parent | 3dd4a25d33277d99595b8f5ce51c025bf5106f28 (diff) | |
download | debian_htop-c41f79d4da85e7156d0fb1e6fc979ffc038328f3.tar.gz debian_htop-c41f79d4da85e7156d0fb1e6fc979ffc038328f3.tar.bz2 debian_htop-c41f79d4da85e7156d0fb1e6fc979ffc038328f3.zip |
Add (first) hardening patch for makeCommandStr string handling
Upstream refactors the functions around string handling significantly.
This is a significant effort and not will likely introduce new issues at first.
Thus trying to apply just some hardening patches from that effort to htop in
preparation of the Bullseye release.
Diffstat (limited to 'debian/patches')
-rw-r--r-- | debian/patches/0009-hardening.patch | 18 | ||||
-rw-r--r-- | debian/patches/series | 1 |
2 files changed, 19 insertions, 0 deletions
diff --git a/debian/patches/0009-hardening.patch b/debian/patches/0009-hardening.patch new file mode 100644 index 0000000..e2b4638 --- /dev/null +++ b/debian/patches/0009-hardening.patch @@ -0,0 +1,18 @@ +Backport of commit 12208af7773775bf637ee2f8a07fdd6300238fc1 +Author: Benny Baumann <BenBE@geshi.org> +Date: Mon Feb 1 22:09:39 2021 +0100 + + DiD: Avoid negative cmdlineBasenameOffset + +--- a/linux/LinuxProcess.c ++++ b/linux/LinuxProcess.c +@@ -202,6 +202,9 @@ + size_t tokenLen; + const size_t commLen = strlen(comm); + ++ if (cmdlineBasenameOffset < 0) ++ return false; ++ + for (const char *token = cmdline + cmdlineBasenameOffset; *token; ) { + for (tokenBase = token; *token && *token != '\n'; ++token) { + if (*token == '/') { diff --git a/debian/patches/series b/debian/patches/series index fbb892e..f8c651e 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -6,3 +6,4 @@ 0006-fix-infoscreen-mouse.patch 0007-fix-exit-in-signal-handler.patch 0008-add-qterm-keyboard-code.patch +0009-hardening.patch |