From 5dc69d4ce1de5ac3c345cfb19873b491626215e1 Mon Sep 17 00:00:00 2001
From: Kostya Serebryany
Date: Fri, 9 Sep 2016 02:13:27 +0000
Subject: [sanitizer] fix a potential buffer overflow due to __sanitizer_symbolize_pc (need to put a zero after strncmp). LOL
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@281015 91177308-0d34-0410-b5e6-96231b3b80d8
---
 lib/sanitizer_common/sanitizer_stacktrace_libcdep.cc | 3 +++
 1 file changed, 3 insertions(+)
(limited to 'lib/sanitizer_common/sanitizer_stacktrace_libcdep.cc')
diff --git a/lib/sanitizer_common/sanitizer_stacktrace_libcdep.cc b/lib/sanitizer_common/sanitizer_stacktrace_libcdep.cc
index 1d5af733c..522fbeb9a 100644
--- a/lib/sanitizer_common/sanitizer_stacktrace_libcdep.cc
+++ b/lib/sanitizer_common/sanitizer_stacktrace_libcdep.cc
@@ -88,11 +88,13 @@ extern "C" {
 SANITIZER_INTERFACE_ATTRIBUTE
 void __sanitizer_symbolize_pc(uptr pc, const char *fmt, char *out_buf,
 uptr out_buf_size) {
+ if (!out_buf_size) return;
 using namespace __sanitizer;
 pc = StackTrace::GetPreviousInstructionPc(pc);
 SymbolizedStack *frame = Symbolizer::GetOrInit()->SymbolizePC(pc);
 if (!frame) {
 internal_strncpy(out_buf, "", out_buf_size);
+ out_buf[out_buf_size - 1] = 0;
 return;
 }
 InternalScopedString frame_desc(GetPageSizeCached());
@@ -100,5 +102,6 @@ void __sanitizer_symbolize_pc(uptr pc, const char *fmt, char *out_buf,
 common_flags()->symbolize_vs_style,
 common_flags()->strip_path_prefix);
 internal_strncpy(out_buf, frame_desc.data(), out_buf_size);
+ out_buf[out_buf_size - 1] = 0;
 }
 } // extern "C"
-- 
cgit v1.2.3
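Review bot: The added `out_buf[out_buf_size - 1] = 0;` is only in bounds because of the new `if (!out_buf_size) return;` guard at the top of the function, and nothing in the code ties the two together; with a zero size the index would wrap to the largest `uptr` value. A comment on the guard such as `// Nothing can be written; also keeps the out_buf_size - 1 index below from wrapping.` would stop someone from dropping it as redundant. The same copy-then-terminate pair is repeated at the end of the function in the second hunk, so a small file-local helper that does both steps would keep any later return path from copying without terminating. The function body continues outside this hunk.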
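Review bot: No test accompanies this fix: the diffstat lists only this one file, so the truncating case that `out_buf[out_buf_size - 1] = 0;` after the final `internal_strncpy` handles is not exercised anywhere in the commit. A regression test that calls `__sanitizer_symbolize_pc` with a buffer shorter than the formatted frame description, pre-filled with a non-zero byte, and checks that the last byte comes back as 0 would pin the behaviour. A second case with `out_buf_size` of 0 that checks the buffer is left untouched would cover the new early return. The function starts outside this hunk, so the note assumes the format arguments shown are the whole call.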