diff options
author | Evgenii Stepanov <eugenis@google.com> | 2016-10-31 12:26:11 -0700 |
---|---|---|
committer | Rob Landley <rob@landley.net> | 2016-11-02 09:16:18 -0500 |
commit | 45058fb2735dd5a81a6bd224e35bb34044a02ce5 (patch) | |
tree | d6dd07db7bcaefbb5b5feb9c0755182798050ba2 | |
parent | a583afc812cf7be74ebab72294c8df485908ff04 (diff) | |
download | toybox-45058fb2735dd5a81a6bd224e35bb34044a02ce5.tar.gz |
Fix control flow integrity check failure in ps.
This fixes an indirect function call through a pointer of an
incompatible type.
See http://clang.llvm.org/docs/ControlFlowIntegrity.html for more
details.
-rw-r--r-- | toys/posix/ps.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/toys/posix/ps.c b/toys/posix/ps.c index 15acc84f..77d777bd 100644 --- a/toys/posix/ps.c +++ b/toys/posix/ps.c @@ -544,8 +544,9 @@ static char *string_field(struct carveup *tb, struct strawberry *field) } // Display process data that get_ps() read from /proc, formatting with TT.fields -static void show_ps(struct carveup *tb) +static void show_ps(void *p) { + struct carveup *tb = p; struct strawberry *field; int pad, len, width = TT.width, abslen, sign, olen, extra = 0; @@ -1215,7 +1216,7 @@ void ps_main(void) // print headers now (for low memory/nommu systems). TT.bits = get_headers(TT.fields, toybuf, sizeof(toybuf)); if (!(toys.optflags&FLAG_M)) printf("%.*s\n", TT.width, toybuf); - if (!(toys.optflags&(FLAG_k|FLAG_M))) TT.show_process = (void *)show_ps; + if (!(toys.optflags&(FLAG_k|FLAG_M))) TT.show_process = show_ps; TT.match_process = ps_match_process; dt = dirtree_read("/proc", ((toys.optflags&FLAG_T) || (TT.bits&(_PS_TID|_PS_TCNT))) @@ -1671,8 +1672,9 @@ static void do_pgk(struct carveup *tb) } } -static void match_pgrep(struct carveup *tb) +static void match_pgrep(void *p) { + struct carveup *tb = p; regmatch_t match; struct regex_list *reg; char *name = tb->str+tb->offset[4]*!!(toys.optflags&FLAG_f);; @@ -1744,7 +1746,7 @@ void pgrep_main(void) TT.pgrep.regexes = reg; } TT.match_process = pgrep_match_process; - TT.show_process = (void *)match_pgrep; + TT.show_process = match_pgrep; // pgrep should return failure if there are no matches. toys.exitval = 1; |