Date: Fri, 27 Jul 2018 07:05:50 +0000 (UTC) From: Daichi GOTO <daichi@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r336756 - head/usr.bin/top Message-ID: <201807270705.w6R75oRd064164@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: daichi Date: Fri Jul 27 07:05:50 2018 New Revision: 336756 URL: https://svnweb.freebsd.org/changeset/base/336756 Log: top(1): fix a buffer overflow copying states to display while they were incremented - fix an AddressSanitizer error Submitted by: devnexen@gmail.com Reviewed by: eadler Approved by: gnn (mentor) Differential Revision: https://reviews.freebsd.org/D16183 Modified: head/usr.bin/top/display.c Modified: head/usr.bin/top/display.c ============================================================================== --- head/usr.bin/top/display.c Fri Jul 27 05:40:03 2018 (r336755) +++ head/usr.bin/top/display.c Fri Jul 27 07:05:50 2018 (r336756) @@ -420,6 +420,7 @@ i_cpustates(int *states) int value; const char * const *names; const char *thisname; + int *hstates = states; int cpu; for (cpu = 0; cpu < num_cpus; cpu++) { @@ -453,6 +454,7 @@ for (cpu = 0; cpu < num_cpus; cpu++) { } /* copy over values into "last" array */ + states = hstates; memcpy(lcpustates, states, num_cpustates * sizeof(int) * num_cpus); } @@ -462,6 +464,7 @@ u_cpustates(int *states) int value; const char * const *names; const char *thisname; + int *hstates = states; int *lp; int *colp; int cpu; @@ -504,6 +507,8 @@ for (cpu = 0; cpu < num_cpus; cpu++) { colp++; } } + + states = hstates; } void
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201807270705.w6R75oRd064164>