diff --git a/bugfix-add-check-to-avoid-invalid-ptr-for-strcmp.patch b/bugfix-add-check-to-avoid-invalid-ptr-for-strcmp.patch new file mode 100644 index 0000000000000000000000000000000000000000..215019c2284d25333427b2776413bb2d90a763cd --- /dev/null +++ b/bugfix-add-check-to-avoid-invalid-ptr-for-strcmp.patch @@ -0,0 +1,29 @@ +From 360a23478dda391daa056c08a7c564f5b350e43a Mon Sep 17 00:00:00 2001 +From: nocjj <1250062498@qq.com> +Date: Thu, 21 Jan 2021 10:57:09 +0800 +Subject: [PATCH 16/16] bugfix: add check to avoid invalid ptr for strcmp + +If len of d_name is less than "pid", it will pass a invalid ptr +to strcmp, which will cause crash. +--- + src/domain.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/domain.c b/src/domain.c +index 7f9173d..f8dea48 100644 +--- a/src/domain.c ++++ b/src/domain.c +@@ -253,6 +253,10 @@ static int check_pid_file(const char *d_name) + int extern_len = strlen(extern_name); + int len = strlen(d_name); + ++ if (len <= extern_len) { ++ return -1; ++ } ++ + return strcmp(d_name + len - extern_len, extern_name); + } + +-- +2.27.0 + diff --git a/vmtop.spec b/vmtop.spec index 5b5a155d4a54a89c8734860cd1adb8581a7b3ffd..377bde97fafad52b41c3b5f760b3c6a999d94347 100644 --- a/vmtop.spec +++ b/vmtop.spec @@ -1,6 +1,6 @@ Name: vmtop Version: 1.1 -Release: 3 +Release: 4 Summary: A tool for collecting and analyzing data of virtual machine License: Mulan PSL V2 Group: Application/System @@ -27,6 +27,7 @@ Patch0015: vcpu_stat-get-vcpu-stat-list-once-per-display-instea.patch Patch0016: proc-del-prc-pid-comm-read.patch Patch0017: display-del-screen-clear-after-key-response.patch Patch0018: codestyle-del-unused-var.patch +Patch0019: bugfix-add-check-to-avoid-invalid-ptr-for-strcmp.patch Requires: libvirt, ncurses @@ -67,6 +68,9 @@ install -m 550 vmtop ${RPM_BUILD_ROOT}/usr/bin/%{name} %{_bindir}/vmtop %changelog +* Wed 27 Jan 2021 Jiajun Chen <1250062498@qq.com> -1.1-4 +- bugfix: add check to avoid invalid ptr for strcmp + * Mon Dec 07 2020 Jiajun Chen <1250062498@qq.com> -1.1-3 - vcpu_stat: add remaining kvm exits items to display - display: modify filter display to support more display fields items