unix: fix format string vulnerability in freebsd.c

uv_set_process_title() was susceptible to a format string vulnerability:

  $ node -e 'process.title = Array(42).join("%s")'
  Segmentation fault: 11 (core dumped)

The fix is trivial - call setproctitle("%s", s) instead of setproctitle(s) -
but valgrind complains loudly about reads from and writes to uninitialized
memory in libc. It's not a libuv bug because the test case below triggers the
same warnings:

  #include <stdio.h>
  #include <stdlib.h>
  #include <sys/types.h>
  #include <unistd.h>

  int main(void)
  {
    setproctitle("%s", "test");
    return 0;
  }

That's why this commit replaces setproctitle() with sysctl(KERN_PROC_ARGS).

src/unix/freebsd.c

@@ -139,9 +139,23 @@ char** uv_setup_args(int argc, char** argv) {
 
 
 uv_err_t uv_set_process_title(const char* title) {
+  int oid[4];
+
   if (process_title) free(process_title);
   process_title = strdup(title);
-  setproctitle(title);
+
+  oid[0] = CTL_KERN;
+  oid[1] = KERN_PROC;
+  oid[2] = KERN_PROC_ARGS;
+  oid[3] = getpid();
+
+  sysctl(oid,
+         ARRAY_SIZE(oid),
+         NULL,
+         NULL,
+         process_title,
+         strlen(process_title) + 1);
+
   return uv_ok_;
 }
 

test/test-process-title.c

@@ -23,20 +23,27 @@
 #include "task.h"
 #include <string.h>
 
-TEST_IMPL(process_title) {
+
+static void set_title(const char* title) {
   char buffer[512];
   uv_err_t err;
 
   err = uv_get_process_title(buffer, sizeof(buffer));
   ASSERT(UV_OK == err.code);
 
-  err = uv_set_process_title("new title");
+  err = uv_set_process_title(title);
   ASSERT(UV_OK == err.code);
 
   err = uv_get_process_title(buffer, sizeof(buffer));
   ASSERT(UV_OK == err.code);
 
-  ASSERT(strcmp(buffer, "new title") == 0);
+  ASSERT(strcmp(buffer, title) == 0);
+}
 
+
+TEST_IMPL(process_title) {
+  /* Check for format string vulnerabilities. */
+  set_title("%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s");
+  set_title("new title");
   return 0;
 }