    ps/output.c: Always null-terminate outbuf in show_one_proc(). · 7dd7bdb0
    Qualys Security Advisory authored
    Before "strlen(outbuf)", if one of the pr_*() functions forgot to do it.
    This prevents an out-of-bounds read in strlen(), and an out-of-bounds
    write in "outbuf[sz] = '\n'". Another solution would be to replace
    strlen() with strnlen(), but this is not used anywhere else in the
    codebase and may not exist in all libcs.
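The pattern the commit message describes, as an added illustration that is not procps code: a formatter that fills outbuf without writing a NUL, and a line finisher that terminates the buffer before measuring it so that strlen() and the following `outbuf[sz] = '\n'` stay in bounds. The buffer size, the pr_unterminated() stand-in and finish_line()/show_field() are assumptions for this example.

```c
#include <string.h>
#include <stddef.h>

#define OUTBUF_SIZE 16   /* assumption: a small size chosen for illustration */

/* Constructed stand-in for a pr_*() formatter that fills outbuf but omits
 * the terminating NUL, the condition the commit message describes.
 * stale != 0 simulates leftover bytes from an earlier line (no NUL anywhere);
 * stale == 0 is the lucky case where a zero byte happens to follow the field. */
static void pr_unterminated(char *outbuf, size_t len, const char *text, int stale)
{
    memset(outbuf, stale ? 'Z' : '\0', len);
    size_t n = strlen(text);
    memcpy(outbuf, text, n < len ? n : len);  /* deliberately no outbuf[n] = '\0' */
}

/* Fixed line finisher. The unfixed pattern, "sz = strlen(outbuf); outbuf[sz] = '\n';",
 * relies on a NUL that may never have been written: strlen() then reads past the
 * buffer and the '\n' store lands out of bounds. Terminating outbuf first bounds
 * sz to bufsize - 1, and the room check keeps the '\n' and its NUL inside.
 * Returns the line length including '\n', or -1 if the field did not fit. */
static int finish_line(char *outbuf, size_t bufsize)
{
    outbuf[bufsize - 1] = '\0';           /* the fix: always null-terminate first */
    size_t sz = strlen(outbuf);           /* now at most bufsize - 1 */
    if (sz + 1 >= bufsize)                /* '\n' plus its NUL would overflow */
        return -1;
    outbuf[sz] = '\n';
    outbuf[sz + 1] = '\0';
    return (int)(sz + 1);
}

/* Runs one field through the forgetful formatter and the fixed finisher. */
static int show_field(char *outbuf, const char *text, int stale)
{
    pr_unterminated(outbuf, OUTBUF_SIZE, text, stale);
    return finish_line(outbuf, OUTBUF_SIZE);
}
```

With stale bytes present, the unfixed code would have read and written past outbuf; the fixed finisher instead reports a truncated line and leaves the last byte as NUL.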