logger: switch snprintf to spa_snprintf

The two are functionally equivalent, but spa_snprintf never returns a value
higher than the size, preventing memory corruption where our input string
exceeds the target buffer size (see c851349f1).

Niche case: we can no longer distinguish between a real overflow and an
N-byte string fitting exactly into an N+1 sized buffer, so we now get a
"...truncated" message for log messages that are exactly 999 bytes long.
Peter Hutterer 2021-05-31 09:56:27 +10:00
parent 47c173c83f
commit 48eadac1f1


@ -101,28 +101,28 @@ impl_log_logv(void *object,
p = location; p = location;
len = sizeof(location) - RESERVED_LENGTH; len = sizeof(location) - RESERVED_LENGTH;
size = snprintf(p, len, "%s[%s]", prefix, levels[level]); size = spa_scnprintf(p, len, "%s[%s]", prefix, levels[level]);
if (impl->timestamp) { if (impl->timestamp) {
struct timespec now; struct timespec now;
clock_gettime(CLOCK_MONOTONIC_RAW, &now); clock_gettime(CLOCK_MONOTONIC_RAW, &now);
size += snprintf(p + size, len - size, "[%09lu.%06lu]", size += spa_scnprintf(p + size, len - size, "[%09lu.%06lu]",
now.tv_sec & 0x1FFFFFFF, now.tv_nsec / 1000); now.tv_sec & 0x1FFFFFFF, now.tv_nsec / 1000);
} }
if (impl->line && line != 0) { if (impl->line && line != 0) {
s = strrchr(file, '/'); s = strrchr(file, '/');
size += snprintf(p + size, len - size, "[%s:%i %s()]", size += spa_scnprintf(p + size, len - size, "[%s:%i %s()]",
s ? s + 1 : file, line, func); s ? s + 1 : file, line, func);
} }
size += snprintf(p + size, len - size, " "); size += spa_scnprintf(p + size, len - size, " ");
/* /*
* it is assumed that at this point `size` <= `len`, * it is assumed that at this point `size` <= `len`,
* which is reasonable as long as file names and function names * which is reasonable as long as file names and function names
* don't become very long * don't become very long
*/ */
size += vsnprintf(p + size, len - size, fmt, args); size += spa_vscnprintf(p + size, len - size, fmt, args);
/* /*
* `RESERVED_LENGTH` bytes are reserved for printing the suffix * `RESERVED_LENGTH` bytes are reserved for printing the suffix
@ -132,16 +132,16 @@ impl_log_logv(void *object,
*/ */
/* if the message could not fit entirely... */ /* if the message could not fit entirely... */
if (size >= len) { if (size >= len - 1) {
size = len - 1; /* index of the null byte */ size = len - 1; /* index of the null byte */
len = sizeof(location); len = sizeof(location);
size += snprintf(p + size, len - size, "... (truncated)"); size += spa_scnprintf(p + size, len - size, "... (truncated)");
} }
else { else {
len = sizeof(location); len = sizeof(location);
} }
size += snprintf(p + size, len - size, "%s\n", suffix); size += spa_scnprintf(p + size, len - size, "%s\n", suffix);
if (SPA_UNLIKELY(do_trace)) { if (SPA_UNLIKELY(do_trace)) {
uint32_t index; uint32_t index;
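Review bot: The comment kept above the `spa_vscnprintf` call is now stale: it still says `size` <= `len` is only "assumed" and holds "as long as file names and function names don't become very long". With the switch to the `spa_scnprintf` family that bound no longer depends on input length, provided each call returns at most its size argument minus one; the helper's definition is not visible in this hunk, so that is taken from the commit message. Since this invariant is what keeps every `p + size` write inside `location`, and what the new `if (size >= len - 1)` test relies on, I would state it as a guarantee, e.g. `/* spa_scnprintf() returns at most len - 1, so size < len and len - size >= 1 here */`. It would also help to note next to the prefix writes that an over-long file or function name is now silently cut rather than corrupting memory. The body of impl_log_logv starts before and continues after the hunks shown, so the declared types of `size` and `len` could not be checked here.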