htop icon indicating copy to clipboard operation
htop copied to clipboard

Published 20 hours ago verified publisher icon hishamhm

Fix numbers larger than 100 terabytes

Open adrien1018 opened this issue 6 years ago • 3 comments

This is an issue similar to #733. If a process has RD_CHAR or WR_CHAR larger than 100 TB, and the columns are displayed, htop will terminate and print htop: Success.

The situation can be reproduced by running something that calls read/write a lot for a few hours, such as cat /dev/zero > /dev/null.

adrien1018 avatar Dec 18 '18 13:12 adrien1018

Can we have a solution that's more future-proof? Even if we fix the 100 TB problem now, there is still a potential of snprintf() overflow on larger integers, e.g. petabytes or exabytes (2^64 = 16 exa).

And according to the reproduce case, this should a local denial-of-service vulnerability (a local user A can attempt to crash user B's htop monitor through this).

Explorer09 avatar Dec 30 '18 07:12 Explorer09

OK, now it can deal with any RD_CHAR inside 64-bit range. It can also deal with I/O rate up to 10PB/sec now.

(There are still some theoretical situations that can make snprintf() overflow, e.g. memory larger than 10PB or jobs running more than 1140 years. Should we also deal with these extreme cases?)

adrien1018 avatar Dec 30 '18 12:12 adrien1018

Merged here: htop-dev/htop@00d333c

natoscott avatar Aug 19 '20 08:08 natoscott