From 9fc72c1e9c07f06bc3ca33d538e06a894778992d Mon Sep 17 00:00:00 2001
From: Benny Baumann
Date: Thu, 5 May 2022 20:02:08 +0200
Subject: [PATCH] Ensure buffer for environment is large enough on Solaris
---
 solaris/Platform.c | 22 ++++++++++++++--------
 1 file changed, 14 insertions(+), 8 deletions(-)
diff --git a/solaris/Platform.c b/solaris/Platform.c
index 20b4d131..9c5acb5b 100644
--- a/solaris/Platform.c
+++ b/solaris/Platform.c
@@ -267,16 +267,21 @@ static int Platform_buildenv(void* accum, struct ps_prochandle* Phandle, uintptr
 envAccum* accump = accum;
 (void) Phandle;
 (void) addr;
+
 size_t thissz = strlen(str);
- if ((thissz + 2) > (accump->capacity - accump->size)) {
- accump->env = xRealloc(accump->env, accump->capacity *= 2);
+
+ while ((thissz + 2) > (accump->capacity - accump->size)) {
+ if (accump->capacity > (SIZE_MAX / 2))
+ return 1;
+
+ accump->capacity *= 2;
+ accump->env = xRealloc(accump->env, accump->capacity);
 }
- if ((thissz + 2) > (accump->capacity - accump->size)) {
- return 1;
- }
- strlcpy( accump->env + accump->size, str, (accump->capacity - accump->size));
+
+ strlcpy( accump->env + accump->size, str, accump->capacity - accump->size);
 strncpy( accump->env + accump->size + thissz + 1, "\n", 2);
- accump->size = accump->size + thissz + 1;
+
+ accump->size += thissz + 1;
 return 0;
 }
@@ -299,7 +304,8 @@ char* Platform_getProcessEnv(pid_t pid) {
 Prelease(Phandle, 0);
 strncpy( envBuilder.env + envBuilder.size, "\0", 1);
- return envBuilder.env;
+
+ return xRealloc(envBuilder.env, envBuilder.size + 1);
 }
 char* Platform_getInodeFilename(pid_t pid, ino_t inode) {
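Review bot: The two-byte `strncpy(..., "\n", 2)` after the new `while` loop can still write one byte past the allocation. The loop exits once `capacity - size >= thissz + 2`, but that copy touches offsets `size + thissz + 1` and `size + thissz + 2`, so when the free space is exactly `thissz + 2` its trailing NUL lands at `env[capacity]`. Reserving the extra byte in the loop condition closes the gap: `while ((thissz + 3) > (accump->capacity - accump->size)) {`. The doubling loop also assumes `capacity` is non-zero on entry, since a zero capacity never grows; the initialisation is not visible here, so a short comment stating that precondition would help. The function's signature and opening lines sit above the hunk.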
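Review bot: The shrink to `envBuilder.size + 1` on the new return line is only correct because the preceding `strncpy(..., "\0", 1)` places the final terminator at `env[size]`, and that coupling is undocumented. I would add `/* size bytes of NUL-terminated entries plus the closing NUL written above; trim unused capacity */` directly above the return. The body of Platform_getProcessEnv starts outside this hunk. So it cannot be checked from here whether the walk can stop early when Platform_buildenv returns 1, which would presumably hand the caller a truncated environment with no indication.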