Merge branch 'uaf' of cgzones/htop

Daniel Lange · Daniel Lange · commit a94e7661ba7d · 2024-05-17T14:36:38.000+02:00
diff --git a/linux/LinuxProcessTable.c b/linux/LinuxProcessTable.c
@@ -1571,6 +1571,32 @@ static bool LinuxProcessTable_recurseProcTree(LinuxProcessTable* this, openat_ar
       if (!LinuxProcessTable_updateUser(host, proc, procFd, mainTask))
          goto errorReadingProcess;
 
+      /* Check if the process is inside a different PID namespace. */
+      if (proc->isRunningInContainer == TRI_INITIAL && rootPidNs != (ino_t)-1) {
+         struct stat sb;
+#if defined(HAVE_OPENAT) && defined(HAVE_FSTATAT)
+         int res = fstatat(procFd, "ns/pid", &sb, 0);
+#else
+         char path[PATH_MAX];
+         xSnprintf(path, sizeof(path), "%s/ns/pid", procFd);
+         int res = stat(path, &sb);
+#endif
+         if (res == 0) {
+            proc->isRunningInContainer = (sb.st_ino != rootPidNs) ? TRI_ON : TRI_OFF;
+         }
+      }
+
+      if (ss->flags & PROCESS_FLAG_LINUX_CTXT
+         || ((hideRunningInContainer || ss->flags & PROCESS_FLAG_LINUX_CONTAINER) && proc->isRunningInContainer == TRI_INITIAL)
+#ifdef HAVE_VSERVER
+         || ss->flags & PROCESS_FLAG_LINUX_VSERVER
+#endif
+      ) {
+         proc->isRunningInContainer = TRI_OFF;
+         if (!LinuxProcessTable_readStatusFile(proc, procFd))
+            goto errorReadingProcess;
+      }
+
       if (!preExisting) {
 
          #ifdef HAVE_OPENVZ
@@ -1604,32 +1630,6 @@ static bool LinuxProcessTable_recurseProcTree(LinuxProcessTable* this, openat_ar
          }
       }
 
-      /* Check if the process in inside a different PID namespace. */
-      if (proc->isRunningInContainer == TRI_INITIAL && rootPidNs != (ino_t)-1) {
-         struct stat sb;
-#if defined(HAVE_OPENAT) && defined(HAVE_FSTATAT)
-         int res = fstatat(procFd, "ns/pid", &sb, 0);
-#else
-         char path[4096];
-         xSnprintf(path, sizeof(path), "%s/ns/pid", procFd);
-         int res = stat(path, &sb);
-#endif
-         if (res == 0) {
-            proc->isRunningInContainer = (sb.st_ino != rootPidNs) ? TRI_ON : TRI_OFF;
-         }
-      }
-
-      if (ss->flags & PROCESS_FLAG_LINUX_CTXT
-         || ((hideRunningInContainer || ss->flags & PROCESS_FLAG_LINUX_CONTAINER) && proc->isRunningInContainer == TRI_INITIAL)
-#ifdef HAVE_VSERVER
-         || ss->flags & PROCESS_FLAG_LINUX_VSERVER
-#endif
-      ) {
-         proc->isRunningInContainer = TRI_OFF;
-         if (!LinuxProcessTable_readStatusFile(proc, procFd))
-            goto errorReadingProcess;
-      }
-
       /*
        * Section gathering non-critical information that is independent from
        * each other.
@@ -1759,6 +1759,7 @@ static bool LinuxProcessTable_recurseProcTree(LinuxProcessTable* this, openat_ar
              */
          } else {
             /* A really short-lived process that we don't have full info about */
+            assert(ProcessTable_findProcess(pt, Process_getPid(proc)) == NULL);
             Process_delete((Object*)proc);
          }
       }
