Check that length of data returned by sysctl is non-zero

The length of the data returned by sysctl can be zero, which was not checked for. This could cause crashes, e.g. when querying non-existent processes. (Bug#36279) * src/sysdep.c (list_system_processes) [DARWIN_OS || __FreeBSD__]: (system_process_attributes) [__FreeBSD__]: (system_process_attributes) [DARWIN_OS]: * src/filelock.c (get_boot_time) [CTL_KERN && KERN_BOOTTIME]: Check for zero length data returned by sysctl.
2019-06-19 08:52:50 +02:00 · 2019-06-19 08:52:50 +02:00 · 04477adedc
commit 04477adedc
parent 81535eeadb
2 changed files with 6 additions and 6 deletions
--- a/src/filelock.c
+++ b/src/filelock.c
@ -152,7 +152,7 @@ get_boot_time (void)
    mib[1] = KERN_BOOTTIME;
    size = sizeof (boottime_val);

-    if (sysctl (mib, 2, &boottime_val, &size, NULL, 0) >= 0)
+    if (sysctl (mib, 2, &boottime_val, &size, NULL, 0) >= 0 && size != 0)
      {
 	boot_time = boottime_val.tv_sec;
 	return boot_time;
--- a/src/sysdep.c
+++ b/src/sysdep.c
@ -3014,11 +3014,11 @@ list_system_processes (void)

  Lisp_Object proclist = Qnil;

-  if (sysctl (mib, 3, NULL, &len, NULL, 0) != 0)
+  if (sysctl (mib, 3, NULL, &len, NULL, 0) != 0 || len == 0)
    return proclist;

  procs = xmalloc (len);
-  if (sysctl (mib, 3, procs, &len, NULL, 0) != 0)
+  if (sysctl (mib, 3, procs, &len, NULL, 0) != 0 || len == 0)
    {
      xfree (procs);
      return proclist;
@ -3618,7 +3618,7 @@ system_process_attributes (Lisp_Object pid)
  CONS_TO_INTEGER (pid, int, proc_id);
  mib[3] = proc_id;

-  if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0)
+  if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0 || proclen == 0)
    return attrs;

  attrs = Fcons (Fcons (Qeuid, make_fixnum_or_float (proc.ki_uid)), attrs);
@ -3740,7 +3740,7 @@ system_process_attributes (Lisp_Object pid)

  mib[2] = KERN_PROC_ARGS;
  len = MAXPATHLEN;
-  if (sysctl (mib, 4, args, &len, NULL, 0) == 0)
+  if (sysctl (mib, 4, args, &len, NULL, 0) == 0 && len != 0)
    {
      int i;
      for (i = 0; i < len; i++)
@ -3798,7 +3798,7 @@ system_process_attributes (Lisp_Object pid)
  CONS_TO_INTEGER (pid, int, proc_id);
  mib[3] = proc_id;

-  if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0)
+  if (sysctl (mib, 4, &proc, &proclen, NULL, 0) != 0 || proclen == 0)
    return attrs;

  uid = proc.kp_eproc.e_ucred.cr_uid;