mirrors/pipewire
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/pipewire/pipewire.git synced 2025-11-01 22:58:50 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

logger: switch snprintf to spa_snprintf

Browse source 
The two are functionally equivalent, but spa_snprintf never returns a value
higher than the size, preventing memory corruption where our input string
exceeds the target buffer size (see c851349f1).

Niche case: we can no longer differ between real overflow and fitting an
N-byte string into an N+1 sized buffer, we now get a "...truncated" message
now for log messages of exactly 999 bytes long.
This commit is contained in:
Peter Hutterer 2021-05-31 09:56:27 +10:00
parent 47c173c83f
commit 48eadac1f1
1 changed files with 8 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

16
spa/plugins/support/logger.c
View file

@ -101,28 +101,28 @@ impl_log_logv(void *object,
p = location;
len = sizeof(location) - RESERVED_LENGTH;
size = snprintf(p, len, "%s[%s]", prefix, levels[level]);
size = spa_scnprintf(p, len, "%s[%s]", prefix, levels[level]);
if (impl->timestamp) {
struct timespec now;
clock_gettime(CLOCK_MONOTONIC_RAW, &now);
size += snprintf(p + size, len - size, "[%09lu.%06lu]",
size += spa_scnprintf(p + size, len - size, "[%09lu.%06lu]",
now.tv_sec & 0x1FFFFFFF, now.tv_nsec / 1000);
}
if (impl->line && line != 0) {
s = strrchr(file, '/');
size += snprintf(p + size, len - size, "[%s:%i %s()]",
size += spa_scnprintf(p + size, len - size, "[%s:%i %s()]",
s ? s + 1 : file, line, func);
}
size += snprintf(p + size, len - size, " ");
size += spa_scnprintf(p + size, len - size, " ");
/*
* it is assumed that at this point `size` <= `len`,
* which is reasonable as long as file names and function names
* don't become very long
*/
size += vsnprintf(p + size, len - size, fmt, args);
size += spa_vscnprintf(p + size, len - size, fmt, args);
/*
* `RESERVED_LENGTH` bytes are reserved for printing the suffix
@ -132,16 +132,16 @@ impl_log_logv(void *object,
*/
/* if the message could not fit entirely... */
if (size >= len) {
if (size >= len - 1) {
size = len - 1; /* index of the null byte */
len = sizeof(location);
size += snprintf(p + size, len - size, "... (truncated)");
size += spa_scnprintf(p + size, len - size, "... (truncated)");
}
else {
len = sizeof(location);
}
size += snprintf(p + size, len - size, "%s\n", suffix);
size += spa_scnprintf(p + size, len - size, "%s\n", suffix);
if (SPA_UNLIKELY(do_trace)) {
uint32_t index;