From owner-freebsd-hackers  Fri Mar 16 20:24: 0 2001
Delivered-To: freebsd-hackers@freebsd.org
Received: from bazooka.unixfreak.org (bazooka.unixfreak.org [63.198.170.138])
	by hub.freebsd.org (Postfix) with ESMTP id AE10937B719
	for <hackers@freebsd.org>; Fri, 16 Mar 2001 20:23:56 -0800 (PST)
	(envelope-from dima@unixfreak.org)
Received: from spike.unixfreak.org (spike [192.168.2.4])
	by bazooka.unixfreak.org (Postfix) with ESMTP id C1B283E23
	for <hackers@freebsd.org>; Fri, 16 Mar 2001 20:23:51 -0800 (PST)
To: hackers@freebsd.org
Subject: sysctl_kern_proc doesn't handle the case when no procs match given criteria
Date: Fri, 16 Mar 2001 20:23:51 -0800
From: Dima Dorfman <dima@unixfreak.org>
Message-Id: <20010317042351.C1B283E23@bazooka.unixfreak.org>
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Hello -hackers

The sysctl_kern_proc routine in kern_proc.c doesn't handle the case
when no processes match the given criteria.  I.e., if no processes
match, it will return 0 even though it never called SYSCTL_OUT; thus,
the output data is junk.  This can be demonstrated by giving ps(1)
arguments such that no processes match.  In this example, the user
`nobody' isn't running anything:

	dd@ref5% ps U nobody
	ps: kinfo_proc size mismatch (expected 648, got -791621424)

Obviously, this isn't the desired mode of failure.  Attached is a
patch that will make sysctl_kern_proc return ESRCH if it didn't find
any processes.  AFAIK, without the patch, the only way to detect this
condition (no processes match search criteria) is to check that a call
into this routine via sysctl didn't modify whatever is pointed at by
the oldp pointer (see sysctl(3)).

Comments?  Suggestions?

Thanks

					Dima Dorfman
					dima@unixfreak.org

P.S.  libkvm and/or ps(1) should probably be taught to check for this
condition and react more gently (on -stable, ps just prints the column
labels when this happens).  I'll probably do this later.

Index: kern_proc.c
===================================================================
RCS file: /st/src/FreeBSD/src/sys/kern/kern_proc.c,v
retrieving revision 1.89
diff -u -r1.89 kern_proc.c
--- kern_proc.c	2001/03/07 06:52:12	1.89
+++ kern_proc.c	2001/03/17 04:20:49
@@ -555,6 +555,7 @@
 	struct proc *p;
 	int doingzomb;
 	int error = 0;
+	int match = 0;
 
 	if (oidp->oid_number == KERN_PROC_PID) {
 		if (namelen != 1) 
@@ -640,9 +641,12 @@
 				ALLPROC_LOCK(AP_RELEASE);
 				return (error);
 			}
+			match = 1;
 		}
 	}
 	ALLPROC_LOCK(AP_RELEASE);
+	if (!match)
+		return (ESRCH);
 	return (0);
 }
 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message