1 files changed, 14 insertions, 7 deletions
diff --git a/libbb/procps.c b/libbb/procps.c
index 3256fafc5..fc31c075d 100644
--- a/libbb/procps.c
+++ b/libbb/procps.c
@@ -558,22 +558,29 @@ int FAST_FUNC read_cmdline(char *buf, int col, unsigned pid, const char *comm)
        if (sz < 0)
                return sz;
        if (sz > 0) {
-                const char *base;
+                const char *program_basename;
                int comm_len;
                buf[sz] = '\0';
                while (--sz >= 0 && buf[sz] == '\0')
                        continue;
-                /* Prevent basename("process foo/bar") = "bar" */
-                strchrnul(buf, ' ')[0] = '\0';
+                /* Find "program" in "[-][/PATH/TO/]program" */
-                base = bb_basename(buf); /* before we replace argv0's NUL with space */
+                strchrnul(buf, ' ')[0] = '\0'; /* prevent basename("program foo/bar") = "bar" */
+                program_basename = bb_basename(buf[0] == '-' ? buf + 1 : buf);
+                /* ^^^ note: must do it *before* replacing argv0's NUL with space */
+                /* Prevent stuff like this:
+                 *  echo 'sleep 999; exit' >`printf '\ec'`; sh ?c
+                 * messing up top and ps output (or worse).
+                 * This also replaces NULs with spaces, converting
+                 * list of NUL-strings into one string.
+                 */
                while (sz >= 0) {
                        if ((unsigned char)(buf[sz]) < ' ')
                                buf[sz] = ' ';
                        sz--;
                }
-                if (base[0] == '-') /* "-sh" (login shell)? */
-                        base++;
                /* If comm differs from argv0, prepend "{comm} ".
                 * It allows to see thread names set by prctl(PR_SET_NAME).
@@ -587,7 +594,7 @@ int FAST_FUNC read_cmdline(char *buf, int col, unsigned pid, const char *comm)
                 * I prefer to still treat argv0 "process foo bar"
                 * as 'equal' to comm "process".
                 */
-                if (strncmp(base, comm, comm_len) != 0) {
+                if (strncmp(program_basename, comm, comm_len) != 0) {
                        comm_len += 3;
                        if (col > comm_len)
                                memmove(buf + comm_len, buf, col - comm_len);

diff --git a/libbb/procps.c b/libbb/procps.c index 3256fafc5..fc31c075d 100644 --- a/libbb/procps.c +++ b/libbb/procps.c
@@ -558,22 +558,29 @@ int FAST_FUNC read_cmdline(char buf, int col, unsigned pid, const char comm)
558	if (sz < 0)	558	if (sz < 0)
559	return sz;	559	return sz;
560	if (sz > 0) {	560	if (sz > 0) {
561	const char *base;	561	const char *program_basename;
562	int comm_len;	562	int comm_len;
563		563
564	buf[sz] = '\0';	564	buf[sz] = '\0';
565	while (--sz >= 0 && buf[sz] == '\0')	565	while (--sz >= 0 && buf[sz] == '\0')
566	continue;	566	continue;
567	/* Prevent basename("process foo/bar") = "bar" */	567
568	strchrnul(buf, ' ')[0] = '\0';	568	/* Find "program" in "[-][/PATH/TO/]program" */
569	base = bb_basename(buf); /* before we replace argv0's NUL with space */	569	strchrnul(buf, ' ')[0] = '\0'; /* prevent basename("program foo/bar") = "bar" */
		570	program_basename = bb_basename(buf[0] == '-' ? buf + 1 : buf);
		571	/* ^^^ note: must do it before replacing argv0's NUL with space */
		572
		573	/* Prevent stuff like this:
		574	* echo 'sleep 999; exit' >`printf '\ec'`; sh ?c
		575	* messing up top and ps output (or worse).
		576	* This also replaces NULs with spaces, converting
		577	* list of NUL-strings into one string.
		578	*/
570	while (sz >= 0) {	579	while (sz >= 0) {
571	if ((unsigned char)(buf[sz]) < ' ')	580	if ((unsigned char)(buf[sz]) < ' ')
572	buf[sz] = ' ';	581	buf[sz] = ' ';
573	sz--;	582	sz--;
574	}	583	}
575	if (base[0] == '-') /* "-sh" (login shell)? */
576	base++;
577		584
578	/* If comm differs from argv0, prepend "{comm} ".	585	/* If comm differs from argv0, prepend "{comm} ".
579	* It allows to see thread names set by prctl(PR_SET_NAME).	586	* It allows to see thread names set by prctl(PR_SET_NAME).
@@ -587,7 +594,7 @@ int FAST_FUNC read_cmdline(char buf, int col, unsigned pid, const char comm)
587	* I prefer to still treat argv0 "process foo bar"	594	* I prefer to still treat argv0 "process foo bar"
588	* as 'equal' to comm "process".	595	* as 'equal' to comm "process".
589	*/	596	*/
590	if (strncmp(base, comm, comm_len) != 0) {	597	if (strncmp(program_basename, comm, comm_len) != 0) {
591	comm_len += 3;	598	comm_len += 3;
592	if (col > comm_len)	599	if (col > comm_len)
593	memmove(buf + comm_len, buf, col - comm_len);	600	memmove(buf + comm_len, buf, col - comm_len);