[PATCH] 2.4.21 /proc/<pid>/cmdline overflow

[PATCH] 2.4.21 /proc/<pid>/cmdline overflow

[Ross Biro]

[-- Attachment #1: Type: text/plain, Size: 491 bytes --]


Currently when a process has a command line that is more than 4k long, 
the internal buffer does not end up being null terminated and the kernel 
assumes that the process has called setproctitle.  The net effect is 
that for processes with >4k command lines, the commnad line available 
via proc is terminated after argv[0].

This patch terminates >4k command lines with ... at the 4k mark.

It has been only minimal tested in 2.4.21, but has been used quite a bit 
in 2.4.18.

    Ross




[-- Attachment #2: 4kcmdline.patch --]
[-- Type: text/plain, Size: 1285 bytes --]

diff -urbBd linux-2.4.21-1/fs/proc/base.c linux-2.4.21-2/fs/proc/base.c
--- linux-2.4.21-1/fs/proc/base.c	Fri Jun 13 07:51:37 2003
+++ linux-2.4.21-2/fs/proc/base.c	Mon Jun 16 11:08:09 2003
@@ -26,6 +26,15 @@
 #include <linux/seq_file.h>
 #include <linux/namespace.h>
 
+ /*
+ * What to put in the command line when we truncat them.
+ *
+ */
+#define DOTS "..."
+// includes the trailing null.
+#define DOTLEN 4 
+
+
 /*
  * For hysterical raisins we keep the same inumbers as in the old procfs.
  * Feel free to change the macro below - just keep the range distinct from
@@ -154,11 +163,23 @@
 	task_unlock(task);
 	if (mm) {
 		int len = mm->arg_end - mm->arg_start;
-		if (len > PAGE_SIZE)
+		if (len > PAGE_SIZE) {
 			len = PAGE_SIZE;
-		res = access_process_vm(task, mm->arg_start, buffer, len, 0);
+			res = access_process_vm(task, mm->arg_start,
+						buffer, len, 0);
+			if (res > 0) {
+				memcpy(buffer + PAGE_SIZE - DOTLEN, 
+				       DOTS, DOTLEN);
+				res = PAGE_SIZE;
+			}
+		} else {
+			res = access_process_vm(task, mm->arg_start, 
+						buffer, len, 0);
+		}
+
 		// If the nul at the end of args has been overwritten, then
 		// assume application is using setproctitle(3).
+
 		if ( res > 0 && buffer[res-1] != '\0' )
 		{
 			len = strnlen( buffer, res );