From 04477adedcee0d023dabc46a652f1673a2e9bd95 Mon Sep 17 00:00:00 2001
From: Robert Pluim
Date: Wed, 19 Jun 2019 08:52:50 +0200
Subject: [PATCH] Check that length of data returned by sysctl is non-zero

The length of the data returned by sysctl can be zero, which was not checked for. This could cause crashes, e.g. when querying non-existent processes. (Bug#36279)

* src/sysdep.c (list_system_processes) [DARWIN_OS || __FreeBSD__]:
(system_process_attributes) [__FreeBSD__]:
(system_process_attributes) [DARWIN_OS]:
* src/filelock.c (get_boot_time) [CTL_KERN && KERN_BOOTTIME]: Check for zero length data returned by sysctl.
---
 src/filelock.c | 2 +-
 src/sysdep.c | 10 +++++-----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/filelock.c b/src/filelock.c
index 81d98f36fa4..bcd5bff563d 100644
--- a/src/filelock.c
+++ b/src/filelock.c
@@ -152,7 +152,7 @@ get_boot_time (void)
 mib[1] = KERN_BOOTTIME;
 size = sizeof (boottime_val);
- if (sysctl (mib, 2, &boottime_val, &size, NULL, 0) >= 0)
+ if (sysctl (mib, 2, &boottime_val, &size, NULL, 0) >= 0 && size != 0)
 {
 boot_time = boottime_val.tv_sec;
 return boot_time;
diff --git a/src/sysdep.c b/src/sysdep.c
index 1e35e06b633..b2aecc0ddac 100644
--- a/src/sysdep.c
+++ b/src/sysdep.c
@@ -3014,11 +3014,11 @@ list_system_processes (void)
 Lisp_Object proclist = Qnil;
- if (sysctl (mib, 3, NULL, &len, NULL, 0) != 0)
+ if (sysctl (mib, 3, NULL, &len, NULL, 0) != 0 || len == 0)
 return proclist;
 procs = xmalloc (len);
- if (sysctl (mib, 3, procs, &len, NULL, 0) != 0)
+ if (sysctl (mib, 3, procs, &len, NULL, 0) != 0 || len == 0)
 {
 xfree (procs);
 return proclist;
@@ -3618,7 +3618,7 @@ system_process_attributes (Lisp_Object pid)
 CONS_TO_INTEGER (pid, int, proc_id);
 mib[3] = proc_id;
- if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0)
+ if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0 || proclen == 0)
 return attrs;
 attrs = Fcons (Fcons (Qeuid, make_fixnum_or_float (proc.ki_uid)), attrs);
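Review bot: A non-zero but short result still passes the new `size != 0` test in get_boot_time, so `boottime_val.tv_sec` can be read from a struct the kernel only partly filled. Since the buffer is a fixed-size struct, comparing against its full size is the tighter guard: `if (sysctl (mib, 2, &boottime_val, &size, NULL, 0) >= 0 && size == sizeof (boottime_val))`. The same applies to the two `proclen == 0` checks in system_process_attributes (the `@@ -3618` and `@@ -3798` hunks), assuming proclen starts out as `sizeof proc`, which is set outside those hunks. get_boot_time's body begins and ends outside this hunk.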
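Review bot: The size obtained by the first sysctl call in list_system_processes can be stale by the time the second call runs: if processes are created in between, the fetch may fail for lack of buffer space and the function then returns an empty list as though no processes existed. Either retry the size/fetch pair a bounded number of times when the second call fails with ENOMEM, or at least record the behaviour with a comment above `procs = xmalloc (len);`, e.g. `/* The table may grow between the two calls; a failed fetch yields an empty list.  */`. The function's declarations and the code that consumes procs are outside the hunk.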
@@ -3740,7 +3740,7 @@ system_process_attributes (Lisp_Object pid)
 mib[2] = KERN_PROC_ARGS;
 len = MAXPATHLEN;
- if (sysctl (mib, 4, args, &len, NULL, 0) == 0)
+ if (sysctl (mib, 4, args, &len, NULL, 0) == 0 && len != 0)
 {
 int i;
 for (i = 0; i < len; i++)
@@ -3798,7 +3798,7 @@ system_process_attributes (Lisp_Object pid)
 CONS_TO_INTEGER (pid, int, proc_id);
 mib[3] = proc_id;
- if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0)
+ if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0 || proclen == 0)
 return attrs;
 uid = proc.kp_eproc.e_ucred.cr_uid;
--
2.39.5
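Review bot: In the KERN_PROC_ARGS branch the loop index is declared `int i` but compared with `len`, which sysctl fills through a `size_t *`, so `i < len` is a signed/unsigned comparison; declaring it `size_t i;` avoids the implicit conversion. Separately, nothing visible here guarantees that `args` is NUL-terminated when the kernel fills all MAXPATHLEN bytes; if the code after the loop treats it as a C string, that should be checked or the buffer given one spare byte. The loop body and the rest of the block are outside the hunk.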