[Nagiosplug-devel] [ nagiosplug-Patches-1455619 ] check_procs segfaults with zombies

[SourceForge.net]

Patches item #1455619, was opened at 2006-03-21 21:03
Message generated for change (Tracker Item Submitted) made by Item Submitter
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397599&aid=1455619&group_id=29880

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Bugfix
Group: None
Status: Open
Resolution: None
Priority: 5
Submitted By: gerhard lausser (lausser)
Assigned to: Nobody/Anonymous (nobody)
Summary: check_procs segfaults with zombies

Initial Comment:
Hi,
under solaris, ps produces output like this for 
zombie processes:
Z 55618 28898 15263    0    0  0.0 

The statement 
cols = sscanf (input_line, PS_FORMAT, PS_VARLIST);
which is actually this one:
...sscanf (input_line, "%s %d %d %d %d %d %f %s%n", 
procstat,&procuid,&procpid,&procpid,&procvsz,&procrss,
&procpcpu,procprog,&pos);

does not fill the pos variable with a value because 
there is no match for the last %s. pos keeps the 
value it got when the last time a non-zombie process 
was found.

pos points to the arguments following procprog which 
is senseless in this case anyway. but later it is 
used to initialize the procargs array.
asprintf (&procargs, "%s", input_line + pos);
In the case of a zombie pos has a value related to 
the last input_line but not the current one, so an 
illegal byte beyond the strings end may be accessed.

I made a patch which takes this into account.

Greetings from Munich,
Gerhard


----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397599&aid=1455619&group_id=29880