[compiler-rt] Fix incorrect use of snprintf

Summary: snprintf returns buffer size needed for printing. If buffer was small, calling code receives incorrectly symbolized buffer and fail. Reviewers: eugenis Subscribers: kubamracek, dberris, kcc Differential Revision: https://reviews.llvm.org/D29440 git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@293930 91177308-0d34-0410-b5e6-96231b3b80d8
author: Vitaly Buka <vitalybuka@google.com> 2017-02-02 20:10:07 +0000
committer: Vitaly Buka <vitalybuka@google.com> 2017-02-02 20:10:07 +0000
commit: 67248be160a147a711e2f6b53b6a3270dca7dd21 (patch)
tree: 6bea644b1788e6a0e31a36c5dcb98326c7832efb /lib
parent: dafbfeaa2a09e1fec8fa81304bfb80bb0b36763d (diff)
3 files changed, 25 insertions, 11 deletions
diff --git a/lib/sanitizer_common/sanitizer_symbolizer_libcdep.cc b/lib/sanitizer_common/sanitizer_symbolizer_libcdep.cc
index 7c377a729..483467090 100644
--- a/lib/sanitizer_common/sanitizer_symbolizer_libcdep.cc
+++ b/lib/sanitizer_common/sanitizer_symbolizer_libcdep.cc
@@ -356,11 +356,19 @@ const char *LLVMSymbolizer::FormatAndSendCommand(bool is_data,
   CHECK(module_name);
   const char *is_data_str = is_data ? "DATA " : "";
   if (arch == kModuleArchUnknown) {
-    internal_snprintf(buffer_, kBufferSize, "%s\"%s\" 0x%zx\n", is_data_str,
-                      module_name, module_offset);
+    if (internal_snprintf(buffer_, kBufferSize, "%s\"%s\" 0x%zx\n", is_data_str,
+                          module_name,
+                          module_offset) >= static_cast<int>(kBufferSize)) {
+      Report("WARNING: Command buffer too small");
+      return nullptr;
+    }
   } else {
-    internal_snprintf(buffer_, kBufferSize, "%s\"%s:%s\" 0x%zx\n", is_data_str,
-                      module_name, ModuleArchToString(arch), module_offset);
+    if (internal_snprintf(buffer_, kBufferSize, "%s\"%s:%s\" 0x%zx\n",
+                          is_data_str, module_name, ModuleArchToString(arch),
+                          module_offset) >= static_cast<int>(kBufferSize)) {
+      Report("WARNING: Command buffer too small");
+      return nullptr;
+    }
   }
   return symbolizer_process_->SendCommand(buffer_);
 }
@@ -426,6 +434,11 @@ bool SymbolizerProcess::ReadFromSymbolizer(char *buffer, uptr max_length) {
     read_len += just_read;
     if (ReachedEndOfOutput(buffer, read_len))
       break;
+    if (read_len + 1 == max_length) {
+      Report("WARNING: Symbolizer buffer too small");
+      read_len = 0;
+      break;
+    }
   }
   buffer[read_len] = '\0';
   return true;
diff --git a/lib/sanitizer_common/sanitizer_symbolizer_posix_libcdep.cc b/lib/sanitizer_common/sanitizer_symbolizer_posix_libcdep.cc
index f50d8b184..d3c77b510 100644
--- a/lib/sanitizer_common/sanitizer_symbolizer_posix_libcdep.cc
+++ b/lib/sanitizer_common/sanitizer_symbolizer_posix_libcdep.cc
@@ -424,7 +424,6 @@ class InternalSymbolizer : public SymbolizerTool {
   InternalSymbolizer() { }
 
   static const int kBufferSize = 16 * 1024;
-  static const int kMaxDemangledNameSize = 1024;
   char buffer_[kBufferSize];
 };
 #else  // SANITIZER_SUPPORTS_WEAK_HOOKS
diff --git a/lib/sanitizer_common/symbolizer/sanitizer_symbolize.cc b/lib/sanitizer_common/symbolizer/sanitizer_symbolize.cc
index bd315a0c9..7970786a5 100644
--- a/lib/sanitizer_common/symbolizer/sanitizer_symbolize.cc
+++ b/lib/sanitizer_common/symbolizer/sanitizer_symbolize.cc
@@ -41,8 +41,8 @@ bool __sanitizer_symbolize_code(const char *ModuleName, uint64_t ModuleOffset,
         getDefaultSymbolizer()->symbolizeInlinedCode(ModuleName, ModuleOffset);
     Printer << (ResOrErr ? ResOrErr.get() : llvm::DIInliningInfo());
   }
-  __sanitizer::internal_snprintf(Buffer, MaxLength, "%s", Result.c_str());
-  return true;
+  return __sanitizer::internal_snprintf(Buffer, MaxLength, "%s",
+                                        Result.c_str()) < MaxLength;
 }
 
 bool __sanitizer_symbolize_data(const char *ModuleName, uint64_t ModuleOffset,
@@ -55,8 +55,8 @@ bool __sanitizer_symbolize_data(const char *ModuleName, uint64_t ModuleOffset,
         getDefaultSymbolizer()->symbolizeData(ModuleName, ModuleOffset);
     Printer << (ResOrErr ? ResOrErr.get() : llvm::DIGlobal());
   }
-  __sanitizer::internal_snprintf(Buffer, MaxLength, "%s", Result.c_str());
-  return true;
+  return __sanitizer::internal_snprintf(Buffer, MaxLength, "%s",
+                                        Result.c_str()) < MaxLength;
 }
 
 void __sanitizer_symbolize_flush() { getDefaultSymbolizer()->flush(); }
@@ -65,8 +65,10 @@ int __sanitizer_symbolize_demangle(const char *Name, char *Buffer,
                                    int MaxLength) {
   std::string Result =
       llvm::symbolize::LLVMSymbolizer::DemangleName(Name, nullptr);
-  __sanitizer::internal_snprintf(Buffer, MaxLength, "%s", Result.c_str());
-  return static_cast<int>(Result.size() + 1);
+  return __sanitizer::internal_snprintf(Buffer, MaxLength, "%s",
+                                        Result.c_str()) < MaxLength
+             ? static_cast<int>(Result.size() + 1)
+             : 0;
 }
 
 }  // extern "C"
author	Vitaly Buka <vitalybuka@google.com>	2017-02-02 20:10:07 +0000
committer	Vitaly Buka <vitalybuka@google.com>	2017-02-02 20:10:07 +0000
commit	67248be160a147a711e2f6b53b6a3270dca7dd21 (patch)
tree	6bea644b1788e6a0e31a36c5dcb98326c7832efb /lib
parent	dafbfeaa2a09e1fec8fa81304bfb80bb0b36763d (diff)