Fix Heap Corruption from too long of a TAG

snprintf has a weird return value. It returns what would have been written given a large enough buffer.
In the case that the prefix is longer than our buffer (128), it messes up the calculations below, possibly causing heap corruption.
To avoid this we double check and set the length at the maximum (size minus null byte
Keith Preston 2010-02-11 15:12:53 -06:00 committed by preston
parent 91a54c11cb
commit b45b5c9f22
1 changed files with 10 additions and 0 deletions

@ -753,6 +753,16 @@ char *android_log_formatLogLine (
suffixLen = 1;
break;
}
/* snprintf has a weird return value. It returns what would have been
* written given a large enough buffer. In the case that the prefix is
* longer then our buffer(128), it messes up the calculations below
* possibly causing heap corruption. To avoid this we double check and
* set the length at the maximum (size minus null byte)
*/
if(prefixLen >= sizeof(prefixBuf))
prefixLen = sizeof(prefixBuf) - 1;
if(suffixLen >= sizeof(suffixBuf))
suffixLen = sizeof(suffixBuf) - 1;
/* the following code is tragically unreadable */
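
Review bot: The clamps at `if(prefixLen >= sizeof(prefixBuf))` and `if(suffixLen >= sizeof(suffixBuf))` cover truncation but not an error return from snprintf, which is negative. The declarations of `prefixLen` and `suffixLen` are not in this hunk; if they are `int` or `size_t`, a negative return ends up compared as a very large unsigned value and is clamped to `sizeof(...) - 1`, so the length would then cover buffer bytes snprintf never wrote. An explicit check that sets the length to 0 on a negative return, placed before these clamps, would close that case. Two smaller points: the comment hard-codes "buffer(128)" while the code correctly uses `sizeof`, so the number can drift out of date and is better dropped from the comment; and since the clamp silently truncates an over-long prefix, it is worth saying in the comment that the emitted line will carry a truncated tag.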