diff options
| author | Michał Łyszczek <michal.lyszczek@bofc.pl> | 2019-06-08 14:42:46 +0200 |
|---|---|---|
| committer | Michał Łyszczek <michal.lyszczek@bofc.pl> | 2019-06-08 14:53:56 +0200 |
| commit | cd195e9bafd6d31807e6b187039996f541982d48 (patch) | |
| tree | 957c0977c8bfe8217454a8fa4896b65f32e1b9dd | |
| parent | 42dc8ffb8c11d2e960e20b1c508e8e522e16453b (diff) | |
| download | embedlog-cd195e9bafd6d31807e6b187039996f541982d48.tar.gz embedlog-cd195e9bafd6d31807e6b187039996f541982d48.tar.bz2 embedlog-cd195e9bafd6d31807e6b187039996f541982d48.zip | |
src/el-print.c: fix possible buffer overflow in el_print()
In case when message, finfo and colors are enabled and are full
(their text is as long as defined max values) it was possible to
overflow buffer. Very rare situation but surely it will happend,
to someone one day. Not anymore, it won't.
Signed-off-by: Michał Łyszczek <michal.lyszczek@bofc.pl>
| -rw-r--r-- | src/el-print.c | 11 | ||||
| -rw-r--r-- | src/el-private.h | 10 | ||||
| -rw-r--r-- | tst/test-el-print.c | 13 |
3 files changed, 29 insertions, 5 deletions
diff --git a/src/el-print.c b/src/el-print.c index 255d3b0..530ae60 100644 --- a/src/el-print.c +++ b/src/el-print.c @@ -229,11 +229,20 @@ static size_t el_finfo return 0; } + if (num > EL_PRE_FINFO_LINE_MAX_NUM) + { + /* line number is too large and may overflow buffer, limit + * it to max value + */ + + num = EL_PRE_FINFO_LINE_MAX_NUM; + } + base = el_basename(file); buf[0] = '['; buf[1] = '\0'; - strncat(buf, base, EL_PRE_FINFO_LEN); + strncat(buf, base, EL_FLEN_MAX); fl = strlen(buf); fl += sprintf(buf + fl, ":%d", num); diff --git a/src/el-private.h b/src/el-private.h index a336c2c..21d10ba 100644 --- a/src/el-private.h +++ b/src/el-private.h @@ -174,6 +174,16 @@ extern struct el g_el; /* ========================================================================== + Numerical limit of line max, its stringified strlen() should not exceed + EL_PRE_FINFO_LINE_MAX_LEN. So if EL_PRE_FINFO_LINE_MAX_LEN is 2, best to + define it to 99, when 5 -> 99999. + ========================================================================== */ + + +#define EL_PRE_FINFO_LINE_MAX_NUM 9999999l + + +/* ========================================================================== maximum file info length. File info is a part with file name and line number, it looks like this diff --git a/tst/test-el-print.c b/tst/test-el-print.c index 37aa33f..e5abe62 100644 --- a/tst/test-el-print.c +++ b/tst/test-el-print.c @@ -383,7 +383,7 @@ static int print_check(void) tmp[i] = '\0'; strcpy(expected_file, expected.file); - if (strcmp(tmp, basename(expected_file)) != 0) + if (strncmp(tmp, basename(expected_file), EL_FLEN_MAX) != 0) { /* * file name in printed log is different than what we set @@ -427,6 +427,11 @@ static int print_check(void) msg++; /* skip ']' or ':' character */ tmp[i] = '\0'; + if (expected.line > EL_PRE_FINFO_LINE_MAX_NUM) + { + expected.line = EL_PRE_FINFO_LINE_MAX_NUM; + } + if ((size_t)atoi(tmp) != expected.line) { /* line number in printed log is different than @@ -1230,8 +1235,8 @@ static void print_truncate_with_date(void) static void print_truncate_with_all_options(void) { char msg[EL_LOG_MAX + 3]; - char finfo[EL_FLEN_MAX + 1]; - char prefix[EL_PREFIX_MAX + 1]; + char finfo[EL_FLEN_MAX + 3]; + char prefix[EL_PREFIX_MAX + 3]; size_t fline; /*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/ @@ -1248,7 +1253,7 @@ static void print_truncate_with_all_options(void) memset(prefix, 'c', sizeof(prefix)); finfo[sizeof(finfo) - 1] = '\0'; prefix[sizeof(prefix) - 1] = '\0'; - fline = (size_t)pow(10, EL_PRE_FINFO_LINE_MAX_LEN) - 1; + fline = (size_t)pow(10, EL_PRE_FINFO_LINE_MAX_LEN + 2) - 1; msg[sizeof(msg) - 1] = '\0'; msg[sizeof(msg) - 2] = '3'; msg[sizeof(msg) - 3] = '2'; |