[Toybox] [toybox] increase the size of progname to avoid buffer overflow in netstat (#14)

Rob Landley rob at landley.net
Tue Sep 8 03:37:39 PDT 2015


On 09/08/2015 03:00 AM, Lipi C.H. Lee wrote:
> [ERROR]
> root at generic_x86_64:/ # netstat -p
> netstat: '1425/com.android.systemui' > 21 bytes
> 
> ------------------------------------------------------------------------
> 
> 
>         You can view, comment on, or merge this pull request online at:
> 
>   https://github.com/landley/toybox/pull/14

Such a wonderful email interface, github has. Let's see...

> Subject: [PATCH] increase the size of progname to avoid buffer overflow
> 
> [ERROR]
> root at generic_x86_64:/ # netstat -p
> netstat: '1425/com.android.systemui' > 21 bytes
> ---
>  toys/pending/netstat.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/toys/pending/netstat.c b/toys/pending/netstat.c
> index fbb9eb1..63be39c 100644
> --- a/toys/pending/netstat.c
> +++ b/toys/pending/netstat.c
> @@ -58,7 +58,7 @@ enum {
>  #define SOCK_NOT_CONNECTED 1
>  //For PID/Progrma Name
>  #define PROGRAM_NAME "PID/Program Name"
> -#define PROGNAME_LEN 21
> +#define PROGNAME_LEN 50
>  
>  typedef struct _pidlist {
>    struct _pidlist *next;
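Review bot: `#define PROGNAME_LEN 50` is still a compile-time bound, so a PID/program-name string longer than the new value will fail the same way the reported `'1425/com.android.systemui' > 21 bytes` case did. That string is 25 characters, so 50 covers this report but not names or paths in general. Consider sizing the buffer from the string being stored, or truncating explicitly to the column width for display, rather than raising the constant. The context line `//For PID/Progrma Name` also carries a typo ("Progrma") that could be fixed while touching this area.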

This just replaces one constant with another. A filename can be up to
256 bytes in the vfs, so this doesn't fix the general problem of program
name being arbitrarily long. And increasing it to any constant value
wouldn't help if a _path_ is being stored, and netstat -a shows:

unix  3      [ ]         STREAM     CONNECTED      11544
/var/run/dbus/system_bus_socket

Sigh. This command is in pending for a reason.

I applied your patch because it doesn't make it _worse_, and presumably
fixes it for you, but I need to revisit this. However, $DAYJOB has just
scheduled another trip to Japan for next week, and I'm scrambling to get
the http://nommu.org/jcore stuff updated so Jeff and I can give a
tutorial about it at http://elinux.org/Japan_Technical_Jamboree_54 as
long as I'm in town anyway.

Thanks for the bug report, and I'll take this as an indication that
you're using this command so I'll bump it up the todo list. But it's
still after finishing ps and lsof.

Thanks,

Rob
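
The point made in the reply above, that no constant is large enough for an arbitrary program name or path, shown as an added example (this is not toybox code and not part of the original message). The helper names `fits_fixed` and `pid_prog_label` are hypothetical; the sample names are taken from the thread.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define OLD_PROGNAME_LEN 21 /* value removed by the patch */
#define NEW_PROGNAME_LEN 50 /* value added by the patch */

/* Returns 1 if "pid/name" plus its NUL terminator fits in cap bytes. */
int fits_fixed(int pid, const char *name, size_t cap)
{
  int need = snprintf(NULL, 0, "%d/%s", pid, name);

  return need >= 0 && (size_t)need + 1 <= cap;
}

/* Hypothetical helper: build "pid/name" in a heap buffer sized from the
 * input, so no compile-time constant bounds the name. Caller frees.
 * Returns NULL on formatting or allocation failure. */
char *pid_prog_label(int pid, const char *name)
{
  int need = snprintf(NULL, 0, "%d/%s", pid, name);
  char *buf;

  if (need < 0) return NULL;
  buf = malloc((size_t)need + 1);
  if (!buf) return NULL;
  snprintf(buf, (size_t)need + 1, "%d/%s", pid, name);
  return buf;
}

int main(void)
{
  /* Inputs from the thread: the reported name and the socket path. */
  const char *names[] = { "com.android.systemui",
                          "/var/run/dbus/system_bus_socket" };
  size_t i;

  for (i = 0; i < sizeof(names) / sizeof(*names); i++) {
    char *label = pid_prog_label(1425, names[i]);

    if (!label) return 1;
    printf("%-40s fits 21: %d  fits 50: %d\n", label,
           fits_fixed(1425, names[i], OLD_PROGNAME_LEN),
           fits_fixed(1425, names[i], NEW_PROGNAME_LEN));
    free(label);
  }
  return 0;
}
```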

