enoch/armbian-build
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #2778 from armbian/htop-fix-uncheched-buffer-writes

Browse Source 
Fix unchecked buffer writes in custom htop code
This commit is contained in:
lanefu 2021-05-01 22:20:21 -04:00 committed by GitHub
commit 903bf67973
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 138 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
packages/extras-buildpkgs/htop/debian/patches/avafinger-cpu-monitor.patch
View File

@ -1,3 +1,11 @@
This patch file contains code from @avafinger's htop_2.2.2 repository.
It is the result of diff between:
https://github.com/avafinger/htop_2.2.2/commit/dc21e5f6
and:
https://github.com/hishamhm/htop/tree/2.2.0
---
diff --git a/Armbian_Meter.c b/Armbian_Meter.c
new file mode 100644
index 0000000..183032b

129
packages/extras-buildpkgs/htop/debian/patches/fix-unchecked-buffer-writes-in-avafinger-cpu-monitor.patch Normal file
View File

@ -0,0 +1,129 @@
diff --git a/Settings.c b/Settings.c
index 912ad7d..94503f6 100644
--- a/Settings.c
+++ b/Settings.c
@@ -273,37 +273,37 @@ static bool Settings_read(Settings* this, const char* fileName) {
Settings_readMeterModes(this, option[1], 1);
didReadMeters = true;
} else if (String_eq(option[0], "BoardName")) {
- strcpy(this->BoardName,option[1]);
+ String_safeStrncpy(this->BoardName, option[1], sizeof(this->BoardName));
didReadMeters = true;
} else if (String_eq(option[0], "CpuFreq_handler")) {
- strcpy(this->CpuFreq_handler,option[1]);
+ String_safeStrncpy(this->CpuFreq_handler, option[1], sizeof(this->CpuFreq_handler));
didReadMeters = true;
} else if (String_eq(option[0], "CpuTemp_handler")) {
- strcpy(this->CpuTemp_handler,option[1]);
+ String_safeStrncpy(this->CpuTemp_handler, option[1], sizeof(this->CpuTemp_handler));
didReadMeters = true;
} else if (String_eq(option[0], "CpuVCore_l_handler")) {
- strcpy(this->CpuVCore_l_handler,option[1]);
+ String_safeStrncpy(this->CpuVCore_l_handler, option[1], sizeof(this->CpuVCore_l_handler));
didReadMeters = true;
} else if (String_eq(option[0], "CpuVCore_b_handler")) {
- strcpy(this->CpuVCore_b_handler,option[1]);
+ String_safeStrncpy(this->CpuVCore_b_handler, option[1], sizeof(this->CpuVCore_b_handler));
didReadMeters = true;
} else if (String_eq(option[0], "GpuVCore_handler")) {
- strcpy(this->GpuVCore_handler,option[1]);
+ String_safeStrncpy(this->GpuVCore_handler, option[1], sizeof(this->GpuVCore_handler));
didReadMeters = true;
} else if (String_eq(option[0], "GpuTemp_handler")) {
- strcpy(this->GpuTemp_handler,option[1]);
+ String_safeStrncpy(this->GpuTemp_handler, option[1], sizeof(this->GpuTemp_handler));
didReadMeters = true;
} else if (String_eq(option[0], "eth0_alias")) {
- strcpy(this->eth0_alias,option[1]);
+ String_safeStrncpy(this->eth0_alias, option[1], sizeof(this->eth0_alias));
didReadMeters = true;
} else if (String_eq(option[0], "eth1_alias")) {
- strcpy(this->eth1_alias,option[1]);
+ String_safeStrncpy(this->eth1_alias, option[1], sizeof(this->eth1_alias));
didReadMeters = true;
} else if (String_eq(option[0], "wlan0_alias")) {
- strcpy(this->wlan0_alias,option[1]);
+ String_safeStrncpy(this->wlan0_alias, option[1], sizeof(this->wlan0_alias));
didReadMeters = true;
} else if (String_eq(option[0], "wlan1_alias")) {
- strcpy(this->wlan1_alias,option[1]);
+ String_safeStrncpy(this->wlan1_alias, option[1], sizeof(this->wlan1_alias));
didReadMeters = true;
}
diff --git a/StringUtils.c b/StringUtils.c
index 0578cde..fd1c3db 100644
--- a/StringUtils.c
+++ b/StringUtils.c
@@ -154,3 +154,17 @@ char* String_readLine(FILE* fd) {
at = buffer + bufSize - step;
}
}
+
+// Function borowed from upstream htop, see:
+// https://github.com/htop-dev/htop/blob/feec16cbb53dabc6a52ef2f69a6a13798be82617/XUtils.c#L196-L206
+size_t String_safeStrncpy(char *restrict dest, const char *restrict src, size_t size) {
+ assert(size > 0);
+
+ size_t i = 0;
+ for (; i < size - 1 && src[i]; i++)
+ dest[i] = src[i];
+
+ dest[i] = '\0';
+
+ return i;
+}
diff --git a/StringUtils.h b/StringUtils.h
index d3378b3..22d0bd5 100644
--- a/StringUtils.h
+++ b/StringUtils.h
@@ -33,4 +33,6 @@ char* String_getToken(const char* line, const unsigned short int numMatch);
char* String_readLine(FILE* fd);
+size_t String_safeStrncpy(char *restrict dest, const char *restrict src, size_t size);
+
#endif
diff --git a/interfaces.c b/interfaces.c
index aa41d2a..312851b 100644
--- a/interfaces.c
+++ b/interfaces.c
@@ -22,6 +22,7 @@
#include "interfaces.h"
#include "Settings.h"
+#include "StringUtils.h"
#define BLEN 256
/*
@@ -72,10 +73,10 @@ int ReadKeyValue( char *fname, char *key, char *value) {
break;
}
*str_end = 0;
- strcpy(value, str);
+ String_safeStrncpy(value, str, sizeof(value));
fd = 1;
} else {
- strcpy(value, str);
+ String_safeStrncpy(value, str, sizeof(value));
fd = 1;
}
}
@@ -107,7 +108,7 @@ int ReadTokenValue( char *fname, char *key, char *value) {
str_end++;
}
*str_end = 0;
- strcpy(value, str);
+ String_safeStrncpy(value, str, sizeof(value));
fd = 1;
}
}
@@ -154,7 +155,7 @@ int FindDataValueFromKey( char *fname, char *key, char *value) {
if (strcasecmp(str_start, key) == 0) {
str = str_end + 1;
str = trim(str);
- strcpy(value, str);
+ String_safeStrncpy(value, str, sizeof(value));
printf("key: %s, value: %s\n", str_start, str);
fd = 1;
break;

2
packages/extras-buildpkgs/htop/debian/patches/series
View File

@ -1,8 +1,8 @@
780-fix-option-string.patch
fix-linux-process.patch
avafinger-cpu-monitor.patch
fix-unchecked-buffer-writes-in-avafinger-cpu-monitor.patch
remove-fancy-flashing.patch
fix-cpufreq-meter-on-biglittle.patch
fix-cpufreq-meter-for-non-root.patch
cpu-temperatute-from-hwmon.patch