3 changed files with 7 additions and 155 deletions
--- a/backport-0014-ps-Fix-possible-buffer-overflow-in-C-option.patch
+++ b/backport-0014-ps-Fix-possible-buffer-overflow-in-C-option.patch
@ -1,70 +0,0 @@
-From 2c933ecba3bb1d3041a5a7a53a7b4078a6003413 Mon Sep 17 00:00:00 2001
-From: Craig Small <csmall@dropbear.xyz>
-Date: Thu, 10 Aug 2023 21:18:38 +1000
-Subject: [PATCH] ps: Fix possible buffer overflow in -C option
-
-ps allocates memory using malloc(length of arg * len of struct).
-In certain strange circumstances, the arg length could be very large
-and the multiplecation will overflow, allocating a small amount of
-memory.
-
-Subsequent strncpy() will then write into unallocated memory.
-The fix is to use calloc. It's slower but this is a one-time
-allocation. Other malloc(x * y) calls have also been replaced
-by calloc(x, y)
-
-References:
- https://www.freelists.org/post/procps/ps-buffer-overflow-CVE-20234016
- https://nvd.nist.gov/vuln/detail/CVE-2023-4016
- https://gitlab.com/procps-ng/procps/-/issues/297
- https://bugs.debian.org/1042887
-
-Conflict: remove NEWS part
-
-Signed-off-by: Craig Small <csmall@dropbear.xyz>
---
- ps/parser.c | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/ps/parser.c b/ps/parser.c
-index 248aa741..15873dfa 100644
--- a/ps/parser.c
-+++ b/ps/parser.c
-@@ -189,7 +189,6 @@ static const char *parse_list(const char *arg, const char *(*parse_fn)(char *, s
-   const char *err;       /* error code that could or did happen */
-   /*** prepare to operate ***/
-   node = malloc(sizeof(selection_node));
-  node->u = malloc(strlen(arg)*sizeof(sel_union)); /* waste is insignificant */
-   node->n = 0;
-   buf = strdup(arg);
-   /*** sanity check and count items ***/
-@@ -210,6 +209,7 @@ static const char *parse_list(const char *arg, const char *(*parse_fn)(char *, s
-   } while (*++walk);
-   if(need_item) goto parse_error;
-   node->n = items;
-+  node->u = calloc(items, sizeof(sel_union));
-   /*** actually parse the list ***/
-   walk = buf;
-   while(items--){
-@@ -1050,15 +1050,15 @@ static const char *parse_trailing_pids(void){
-   thisarg = ps_argc - 1;   /* we must be at the end now */
- 
-   pidnode = malloc(sizeof(selection_node));
-  pidnode->u = malloc(i*sizeof(sel_union)); /* waste is insignificant */
-+  pidnode->u = calloc(i, sizeof(sel_union)); /* waste is insignificant */
-   pidnode->n = 0;
- 
-   grpnode = malloc(sizeof(selection_node));
-  grpnode->u = malloc(i*sizeof(sel_union)); /* waste is insignificant */
-+  grpnode->u = calloc(i,sizeof(sel_union)); /* waste is insignificant */
-   grpnode->n = 0;
- 
-   sidnode = malloc(sizeof(selection_node));
-  sidnode->u = malloc(i*sizeof(sel_union)); /* waste is insignificant */
-+  sidnode->u = calloc(i, sizeof(sel_union)); /* waste is insignificant */
-   sidnode->n = 0;
- 
-   while(i--){
-- 
-2.33.0
-
--- a/pgrep-uid-gid-overflow.patch
+++ b/pgrep-uid-gid-overflow.patch
@ -1,54 +0,0 @@
-From d279b2cff46efec314836f8bac88d742647bab4e Mon Sep 17 00:00:00 2001
-From: Todd Lewis <todd_lewis@unc.edu>
-Date: Thu, 21 Mar 2024 10:57:31 +0800
-Subject: [PATCH] fix uid/gid > 2^31
-
---
- pgrep.c         |  6 +++++-
- proc/readproc.h | 12 ++++++------
- 2 files changed, 11 insertions(+), 7 deletions(-)
-
-diff --git a/pgrep.c b/pgrep.c
-index 52264b7..b72e32d 100644
--- a/pgrep.c
-+++ b/pgrep.c
-@@ -204,8 +204,12 @@ static int strict_atol (const char *restrict str, long *restrict value)
- 
- 	for ( ; *str; ++str) {
- 		if (! isdigit (*str))
-			return (0);
-+                        return 0;
-+                if (res >= LONG_MAX / 10)
-+                        return 0;
- 		res *= 10;
-+                if (res >= LONG_MAX - (*str - '0'))
-+                        return 0;
- 		res += *str - '0';
- 	}
- 	*value = sign * res;
-diff --git a/proc/readproc.h b/proc/readproc.h
-index 7905ea9..7bdb37f 100644
--- a/proc/readproc.h
-+++ b/proc/readproc.h
-@@ -159,12 +159,12 @@ typedef struct proc_t {
- 	session,	// stat            session id
- 	nlwp,		// stat,status     number of threads, or 0 if no clue
- 	tgid,		// (special)       thread group ID, the POSIX PID (see also: tid)
-	tty,		// stat            full device number of controlling terminal
-	/* FIXME: int uids & gids should be uid_t or gid_t from pwd.h */
-        euid, egid,     // stat(),status   effective
-        ruid, rgid,     // status          real
-        suid, sgid,     // status          saved
-        fuid, fgid,     // status          fs (used for file access only)
-+	tty;            // stat            full device number of controlling terminal
-+    uid_t euid; gid_t egid; // stat(),status effective
-+    uid_t ruid; gid_t rgid; // status        real
-+    uid_t suid; gid_t sgid; // status        saved
-+    uid_t fuid; gid_t fgid; // status        fs (used for file access only)
-+    int
- 	tpgid,		// stat            terminal process group id
- 	exit_signal,	// stat            might not be SIGCHLD
- 	processor;      // stat            current (or most recent?) CPU
-- 
-2.27.0
-
--- a/procps-ng.spec
+++ b/procps-ng.spec
@ -1,6 +1,6 @@
 Name: 		procps-ng
 Version: 	3.3.16
-Release:	20
+Release:	14
 Summary: 	Utilities that provide system information.
 License: 	GPL+ and GPLv2 and GPLv2+ and GPLv3+ and LGPLv2+
 URL: 		https://sourceforge.net/projects/procps-ng/
@ -20,15 +20,12 @@ Patch0007: backport-0008-misc-eliminate-a-couple-of-miscellaneous-gcc-warning.pa
 Patch0008: backport-0009-top-fix-potential-SEGV-when-no-tasks-were-displayabl.patch
 Patch0009: backport-0010-top-fix-additional-SEGVs-if-no-tasks-were-displayabl.patch
 Patch0010: backport-0011-pgrep-Remove-memory-leak.patch
-Patch0011: backport-0012-Set-TZ-to-avoid-repeated-stat-etc-localtime.patch 
-Patch0012: backport-0013-kill-Fix-argument-handling-for-negative-PIDs.patch 
-Patch0013: backport-0014-ps-Fix-possible-buffer-overflow-in-C-option.patch
+Patch0011: backport-0012-Set-TZ-to-avoid-repeated-stat-etc-localtime.patch
+Patch0012: backport-0013-kill-Fix-argument-handling-for-negative-PIDs.patch

 Patch9000: 	feature-add-options-M-and-N-for-top.patch
 Patch9001: 	bugfix-top-exit-with-error-when-pid-overflow.patch
-Patch9002:	pgrep-uid-gid-overflow.patch

-Recommends:	%{name}-help = %{version}-%{release}
 BuildRequires: 	ncurses-devel libtool autoconf automake gcc gettext-devel systemd-devel

 Provides: 	procps = %{version}-%{release}
@ -72,9 +69,6 @@ autoreconf -ivf

 make CFLAGS="%{optflags}"

-%check
-make check
-
 %install
 %make_install

@ -113,28 +107,10 @@ ln -s %{_bindir}/pidof %{buildroot}%{_sbindir}/pidof
 %{_mandir}/translated

 %changelog
-* Thu Mar 21 2024 cenhuilin <cenhuilin@kylinos.cn> - 3.3.16-20
- fix uid gid overflow
+* Sat Feb 27 2021 hewenliang <hewenliang4@huawei.com> - 3.3.16-14
+- sync patches

-* Tue Aug 15 2023 Liu Chao <liuchao173@huawei.com> - 3.3.16-19
- ps: Fix possible buffer overflow in -C option
-
-* Fri Apr 21 2023 zhoujie <zhoujie133@huawei.com> - 3.3.16-18
- enable make check
-
-* Sat Feb 27 2021 hewenliang <314264452@qq.com> - 3.3.16-17
- Sync patches from upstream
-
-* Mon Feb 08 2021 xinghe <xinghe1@huawei.com> - 3.3.16-16
- rebuild package
-
-* Sun Feb 7 2021 xinghe <xinghe1@huawei.com> - 3.3.16-15
- rebuild package
-
-* Thu Nov 12 2020 xinghe <xinghe1@huawei.com> - 3.3.16-14
- add help for Recommends
-
-* Tue Nov 03 2020 xinghe <xinghe1@huawei.com> - 3.3.16-13
+* Thu Nov 03 2020 xinghe <xinghe1@huawei.com> - 3.3.16-13
 - sync patchs

 * Wed Sep 23 2020 MarsChan <chenmingmin@huawei.com> - 3.3.16-12
@ -199,5 +175,5 @@ ln -s %{_bindir}/pidof %{buildroot}%{_sbindir}/pidof
 - SUG:restart
 - DEC:add options -M and -N for top

-* Wed Jul 18 2018 openEuler Buildteam <buildteam@openeuler.org> - 3.3.15-4
+* Sat Jul 18 2018 openEuler Buildteam <buildteam@openeuler.org> - 3.3.15-4
 - Package init