aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMichał Łyszczek <michal.lyszczek@bofc.pl>2019-06-08 14:42:46 +0200
committerMichał Łyszczek <michal.lyszczek@bofc.pl>2019-06-08 14:53:56 +0200
commitcd195e9bafd6d31807e6b187039996f541982d48 (patch)
tree957c0977c8bfe8217454a8fa4896b65f32e1b9dd
parent42dc8ffb8c11d2e960e20b1c508e8e522e16453b (diff)
downloadembedlog-cd195e9bafd6d31807e6b187039996f541982d48.tar.gz
embedlog-cd195e9bafd6d31807e6b187039996f541982d48.tar.bz2
embedlog-cd195e9bafd6d31807e6b187039996f541982d48.zip
src/el-print.c: fix possible buffer overflow in el_print()
In case when message, finfo and colors are enabled and are full (their text is as long as defined max values) it was possible to overflow buffer. Very rare situation but surely it will happend, to someone one day. Not anymore, it won't. Signed-off-by: Michał Łyszczek <michal.lyszczek@bofc.pl>
-rw-r--r--src/el-print.c11
-rw-r--r--src/el-private.h10
-rw-r--r--tst/test-el-print.c13
3 files changed, 29 insertions, 5 deletions
diff --git a/src/el-print.c b/src/el-print.c
index 255d3b0..530ae60 100644
--- a/src/el-print.c
+++ b/src/el-print.c
@@ -229,11 +229,20 @@ static size_t el_finfo
return 0;
}
+ if (num > EL_PRE_FINFO_LINE_MAX_NUM)
+ {
+ /* line number is too large and may overflow buffer, limit
+ * it to max value
+ */
+
+ num = EL_PRE_FINFO_LINE_MAX_NUM;
+ }
+
base = el_basename(file);
buf[0] = '[';
buf[1] = '\0';
- strncat(buf, base, EL_PRE_FINFO_LEN);
+ strncat(buf, base, EL_FLEN_MAX);
fl = strlen(buf);
fl += sprintf(buf + fl, ":%d", num);
diff --git a/src/el-private.h b/src/el-private.h
index a336c2c..21d10ba 100644
--- a/src/el-private.h
+++ b/src/el-private.h
@@ -174,6 +174,16 @@ extern struct el g_el;
/* ==========================================================================
+ Numerical limit of line max, its stringified strlen() should not exceed
+ EL_PRE_FINFO_LINE_MAX_LEN. So if EL_PRE_FINFO_LINE_MAX_LEN is 2, best to
+ define it to 99, when 5 -> 99999.
+ ========================================================================== */
+
+
+#define EL_PRE_FINFO_LINE_MAX_NUM 9999999l
+
+
+/* ==========================================================================
maximum file info length. File info is a part with file name and line
number, it looks like this
diff --git a/tst/test-el-print.c b/tst/test-el-print.c
index 37aa33f..e5abe62 100644
--- a/tst/test-el-print.c
+++ b/tst/test-el-print.c
@@ -383,7 +383,7 @@ static int print_check(void)
tmp[i] = '\0';
strcpy(expected_file, expected.file);
- if (strcmp(tmp, basename(expected_file)) != 0)
+ if (strncmp(tmp, basename(expected_file), EL_FLEN_MAX) != 0)
{
/*
* file name in printed log is different than what we set
@@ -427,6 +427,11 @@ static int print_check(void)
msg++; /* skip ']' or ':' character */
tmp[i] = '\0';
+ if (expected.line > EL_PRE_FINFO_LINE_MAX_NUM)
+ {
+ expected.line = EL_PRE_FINFO_LINE_MAX_NUM;
+ }
+
if ((size_t)atoi(tmp) != expected.line)
{
/* line number in printed log is different than
@@ -1230,8 +1235,8 @@ static void print_truncate_with_date(void)
static void print_truncate_with_all_options(void)
{
char msg[EL_LOG_MAX + 3];
- char finfo[EL_FLEN_MAX + 1];
- char prefix[EL_PREFIX_MAX + 1];
+ char finfo[EL_FLEN_MAX + 3];
+ char prefix[EL_PREFIX_MAX + 3];
size_t fline;
/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
@@ -1248,7 +1253,7 @@ static void print_truncate_with_all_options(void)
memset(prefix, 'c', sizeof(prefix));
finfo[sizeof(finfo) - 1] = '\0';
prefix[sizeof(prefix) - 1] = '\0';
- fline = (size_t)pow(10, EL_PRE_FINFO_LINE_MAX_LEN) - 1;
+ fline = (size_t)pow(10, EL_PRE_FINFO_LINE_MAX_LEN + 2) - 1;
msg[sizeof(msg) - 1] = '\0';
msg[sizeof(msg) - 2] = '3';
msg[sizeof(msg) - 3] = '2';