From: Florian Krohm Date: Fri, 19 Dec 2014 20:29:22 +0000 (+0000) Subject: Buffer audit. Resize a few. X-Git-Tag: svn/VALGRIND_3_11_0~762 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=ae89e282cc88c50609e5fbb371eba940bba87923;p=thirdparty%2Fvalgrind.git Buffer audit. Resize a few. git-svn-id: svn://svn.valgrind.org/valgrind/trunk@14824
---
diff --git a/callgrind/main.c b/callgrind/main.c
index 0180ec6490..6845d9d40e 100644
--- a/callgrind/main.c
+++ b/callgrind/main.c
@@ -1656,8 +1656,9 @@ Bool CLG_(handle_client_request)(ThreadId tid, UWord *args, UWord *ret)
 case VG_USERREQ__DUMP_STATS_AT: {
- HChar buf[512];
- VG_(sprintf)(buf,"Client Request: %s", (HChar*)args[1]);
+ const HChar *arg = (HChar*)args[1];
+ HChar buf[30 + VG_(strlen)(arg)]; // large enough
+ VG_(sprintf)(buf,"Client Request: %s", arg);
 CLG_(dump_profile)(buf, True);
 *ret = 0; /* meaningless */
 }
diff --git a/callgrind/threads.c b/callgrind/threads.c
index 9c432718c0..023009f008 100644
--- a/callgrind/threads.c
+++ b/callgrind/threads.c
@@ -179,7 +179,7 @@ void CLG_(run_thread)(ThreadId tid) {
 /* check for dumps needed */
 static ULong bbs_done = 0;
- static HChar buf[512];
+ HChar buf[50]; // large enough
 if (CLG_(clo).dump_every_bb >0) {
 if (CLG_(stat).bb_executions - bbs_done > CLG_(clo).dump_every_bb) {
diff --git a/coregrind/m_aspacemgr/aspacemgr-linux.c b/coregrind/m_aspacemgr/aspacemgr-linux.c
index 17f4ab0db6..c5ad4d9e17 100644
--- a/coregrind/m_aspacemgr/aspacemgr-linux.c
+++ b/coregrind/m_aspacemgr/aspacemgr-linux.c
@@ -1116,7 +1116,7 @@ Bool VG_(am_do_sync_check) ( const HChar* fn,
 # if 0
 {
- HChar buf[100];
+ HChar buf[100]; // large enough
 VG_(am_show_nsegments)(0,"post syncheck failure");
 VG_(sprintf)(buf, "/bin/cat /proc/%d/maps", VG_(getpid)());
 VG_(system)(buf);
diff --git a/coregrind/m_gdbserver/server.c b/coregrind/m_gdbserver/server.c
index 7f2e5c908d..85242f12ab 100644
--- a/coregrind/m_gdbserver/server.c
+++ b/coregrind/m_gdbserver/server.c
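Review bot: The new VLA `HChar buf[30 + VG_(strlen)(arg)]` is sized by a string the client program hands over in `args[1]`, so the stack footprint of this case is now bounded only by whatever the client passes, and a null `args[1]` reaches VG_(strlen) unchecked (the old `%s` had the same exposure). A fixed buffer with a bounded formatter avoids both the old overflow and the new unbounded stack use: `HChar buf[512];` followed by `VG_(snprintf)(buf, sizeof buf, "Client Request: %s", arg ? arg : "");`, which truncates an oversized trigger string in the dump header instead of growing the stack. If the VLA is kept, `// large enough` should carry the arithmetic, e.g. `// "Client Request: " is 16 chars + NUL; 30 leaves slack`. CLG_(handle_client_request) starts outside the hunk.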
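Review bot: `HChar buf[50]; // large enough` shrinks a 512-byte static buffer to a 50-byte automatic one, but every write into buf lies below the hunk, so nothing here shows that 50 covers the longest string formatted into it; the comment should name the bound it relies on, e.g. `// longest dump-trigger string + NUL; keep in step with the VG_(sprintf) calls below`, or the writes should become `VG_(snprintf)(buf, sizeof buf, ...)` so the bound is enforced rather than asserted. The same bare `// large enough` is added to coregrind/m_gdbserver/target.c (`result[50]` for `"id %ld"`, where `"id "` + 20 digits and sign + NUL = 24 would document it), coregrind/vgdb-invoker-ptrace.c and helgrind/libhb_core.c in this commit. The storage class also changes from static to automatic; if buf's address is stored anywhere past the return of CLG_(run_thread) it now dangles, which the hunk cannot show. CLG_(run_thread) continues past the hunk.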
@@ -720,7 +720,6 @@ void handle_query (char *arg_own_buf, int *new_packet_len_p)
 unsigned long gdb_id;
 struct thread_info *ti;
 ThreadState *tst;
- char status[100];
 gdb_id = strtoul (&arg_own_buf[17], NULL, 16);
 ti = gdb_id_to_thread (gdb_id);
@@ -728,6 +727,13 @@ void handle_query (char *arg_own_buf, int *new_packet_len_p)
 tst = (ThreadState *) inferior_target_data (ti);
 /* Additional info is the tid, the thread status and the thread's name, if any. */
+ SizeT len = strlen(VG_(name_of_ThreadStatus)(tst->status)) + 20;
+ if (tst->thread_name) len += strlen(tst->thread_name);
+ /* As the string will be hexified and copied into own_buf we need to limit the length to avoid buffer overflow. */
+ if (len * 2 > (PBUFSIZ + POVERHSIZ)) len = (PBUFSIZ + POVERHSIZ) / 2;
+ char status[len];
 if (tst->thread_name) {
 VG_(snprintf) (status, sizeof(status), "tid %d %s %s", tst->tid,
diff --git a/coregrind/m_gdbserver/target.c b/coregrind/m_gdbserver/target.c
index e24822823a..4a738d2b59 100644
--- a/coregrind/m_gdbserver/target.c
+++ b/coregrind/m_gdbserver/target.c
@@ -43,7 +43,7 @@ static struct valgrind_target_ops the_low_target;
 static char *image_ptid(unsigned long ptid) {
- static char result[100];
+ static char result[50]; // large enough
 VG_(sprintf) (result, "id %ld", ptid);
 return result;
 }
diff --git a/coregrind/m_scheduler/scheduler.c b/coregrind/m_scheduler/scheduler.c
index c45b147bbd..4faf001649 100644
--- a/coregrind/m_scheduler/scheduler.c
+++ b/coregrind/m_scheduler/scheduler.c
@@ -267,8 +267,7 @@ void VG_(acquire_BigLock)(ThreadId tid, const HChar* who)
 #if 0
 if (VG_(clo_trace_sched)) {
- HChar buf[100];
- vg_assert(VG_(strlen)(who) <= 100-50);
+ HChar buf[VG_(strlen)(who) + 30];
 VG_(sprintf)(buf, "waiting for lock (%s)", who);
 print_sched_event(tid, buf);
 }
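Review bot: The `+ 20` on the `SizeT len = ...` line is a magic number standing for the fixed part of the `"tid %d %s %s"` format (4 for `"tid "`, up to 11 characters for an int, 2 separators, 1 NUL = 18) and nothing says so; a comment such as `/* "tid " + sign/digits of tst->tid + two separators + NUL < 20 */` would let the next change to the format string update it. When the `len * 2` cap triggers, VG_(snprintf) silently truncates the thread name; since that is the intended outcome it should be stated at `char status[len];`, e.g. `/* may truncate a long thread name; the snprintf below is bounded by sizeof(status) */`. Whether `(PBUFSIZ + POVERHSIZ) / 2` also leaves room for whatever already precedes the hexified string in own_buf cannot be checked from this hunk and is worth a glance at the code that copies it. handle_query starts outside the hunk and the VG_(snprintf) call continues past it.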
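Review bot: `HChar buf[VG_(strlen)(who) + 30]` drops the `vg_assert` that previously pinned the length of `who`, and the 30 of slack is an unexplained constant repeated in the two live scheduler.c hunks that follow (`" acquired lock (%s)"` in acquire_BigLock and `"releasing lock (%s) -> %s"` in release_BigLock); the fixed text of the three formats is 18 to 22 bytes including the NUL, so 30 is enough, but a comment should record that, e.g. `/* 30 > fixed text of the format below + NUL */`. Since the buffers are now VLAs, `VG_(snprintf)(buf, sizeof buf, ...)` costs nothing extra and enforces the bound VG_(sprintf) only assumes. This first hunk sits under `#if 0`, so only the other two are live. Both functions start and end outside their hunks.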
@@ -298,8 +297,7 @@ void VG_(acquire_BigLock)(ThreadId tid, const HChar* who)
 }
 if (VG_(clo_trace_sched)) {
- HChar buf[150];
- vg_assert(VG_(strlen)(who) <= 150-50);
+ HChar buf[VG_(strlen)(who) + 30];
 VG_(sprintf)(buf, " acquired lock (%s)", who);
 print_sched_event(tid, buf);
 }
@@ -328,10 +326,9 @@ void VG_(release_BigLock)(ThreadId tid, ThreadStatus sleepstate,
 VG_(running_tid) = VG_INVALID_THREADID;
 if (VG_(clo_trace_sched)) {
- HChar buf[200];
- vg_assert(VG_(strlen)(who) <= 200-100);
- VG_(sprintf)(buf, "releasing lock (%s) -> %s",
- who, VG_(name_of_ThreadStatus)(sleepstate));
+ const HChar *status = VG_(name_of_ThreadStatus)(sleepstate);
+ HChar buf[VG_(strlen)(who) + VG_(strlen)(status) + 30];
+ VG_(sprintf)(buf, "releasing lock (%s) -> %s", who, status);
 print_sched_event(tid, buf);
 }
diff --git a/coregrind/m_sigframe/sigframe-ppc32-linux.c b/coregrind/m_sigframe/sigframe-ppc32-linux.c
index 8731c4f90b..aae1d2f779 100644
--- a/coregrind/m_sigframe/sigframe-ppc32-linux.c
+++ b/coregrind/m_sigframe/sigframe-ppc32-linux.c
@@ -107,7 +107,7 @@ struct nonrt_sigframe {
 struct vki_sigcontext sigcontext;
 struct vki_mcontext mcontext;
 struct vg_sig_private priv;
- unsigned char abigap[224];
+ unsigned char abigap[224]; // unused
 };
 /* Structure put on stack for signal handlers with SA_SIGINFO set. */
@@ -116,7 +116,7 @@ struct rt_sigframe {
 vki_siginfo_t siginfo;
 struct vki_ucontext ucontext;
 struct vg_sig_private priv;
- unsigned char abigap[224];
+ unsigned char abigap[224]; // unused
 };
 #define SET_SIGNAL_LR(zztst, zzval) \
diff --git a/coregrind/m_sigframe/sigframe-ppc64-linux.c b/coregrind/m_sigframe/sigframe-ppc64-linux.c
index 17a3c501f8..459d6b1c0c 100644
--- a/coregrind/m_sigframe/sigframe-ppc64-linux.c
+++ b/coregrind/m_sigframe/sigframe-ppc64-linux.c
@@ -114,7 +114,7 @@ struct rt_sigframe {
 void* puc;
 vki_siginfo_t info;
 struct vg_sig_private priv;
- UChar abigap[288];
+ UChar abigap[288]; // unused
 };
 #define SET_SIGNAL_LR(zztst, zzval) \
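Review bot: `// unused` on `abigap[224]` in struct nonrt_sigframe is misleading on its own: the member is never written by Valgrind, but the comment just below says these structs are what is put on the stack for the handler, so the array still determines sizeof the frame and must not be deleted as dead code. Suggest `// never written by Valgrind, but part of the on-stack frame layout: do not remove`, with the same wording for rt_sigframe in this file and for `abigap[288]` in sigframe-ppc64-linux.c. All three struct definitions start outside their hunks.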
diff --git a/coregrind/m_signals.c b/coregrind/m_signals.c
index cf61137203..508f315116 100644
--- a/coregrind/m_signals.c
+++ b/coregrind/m_signals.c
@@ -1219,7 +1219,7 @@ void do_sigprocmask_bitops ( Int vki_how,
 static HChar* format_sigset ( const vki_sigset_t* set ) {
- static HChar buf[128];
+ static HChar buf[_VKI_NSIG_WORDS * 16 + 1];
 int w;
 VG_(strcpy)(buf, "");
@@ -1647,7 +1647,7 @@ static void default_action(const vki_siginfo_t *info, ThreadId tid)
 }
 #if 0
 {
- HChar buf[110];
+ HChar buf[50]; // large enough
 VG_(am_show_nsegments)(0,"post segfault");
 VG_(sprintf)(buf, "/bin/cat /proc/%d/maps", VG_(getpid)());
 VG_(system)(buf);
diff --git a/coregrind/vgdb-invoker-ptrace.c b/coregrind/vgdb-invoker-ptrace.c
index 1d43390bad..e9d1392ee7 100644
--- a/coregrind/vgdb-invoker-ptrace.c
+++ b/coregrind/vgdb-invoker-ptrace.c
@@ -226,7 +226,7 @@ HChar* name_of_ThreadStatus ( ThreadStatus status )
 static char *status_image (int status) {
- static char result[256];
+ static char result[256]; // large enough
 int sz = 0;
 #define APPEND(...) sz += snprintf (result+sz, 256 - sz - 1, __VA_ARGS__)
diff --git a/helgrind/libhb_core.c b/helgrind/libhb_core.c
index 1668df8611..b146e0a7ad 100644
--- a/helgrind/libhb_core.c
+++ b/helgrind/libhb_core.c
@@ -1089,7 +1089,7 @@ static void sprintf_Byte ( /*OUT*/HChar* dst, UChar byte ) {
 static Bool is_sane_Descr_and_Tree ( UShort descr, SVal* tree ) {
 Word i;
 UChar validbits = descr_to_validbits(descr);
- HChar buf[128], buf2[128];
+ HChar buf[128], buf2[128]; // large enough
 if (validbits == 0) goto bad;
 for (i = 0; i < 8; i++) {
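Review bot: `static HChar buf[_VKI_NSIG_WORDS * 16 + 1]` encodes an assumption that the loop below prints each signal-set word as exactly 16 characters, but that loop is outside the hunk, so the size and the format string now have to be kept in step by hand with nothing pointing from one to the other. A comment at the declaration should tie them, e.g. `/* one 16-char field per word, see the loop below, plus NUL */`; I cannot see the width the loop actually uses, and if it is narrower the buffer is merely oversized while a wider one would overflow. The buffer stays static, so format_sigset remains non-reentrant as before. format_sigset continues past the hunk.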
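Review bot: `// large enough` on `static char result[256]` leaves the `APPEND` macro two lines below as the only bound, and that bound is not self-correcting: snprintf returns the length it would have written, so once `sz` passes 255 the size argument `256 - sz - 1` goes negative, converts to a huge size_t, and the next APPEND writes past result. A guarded macro using the array's real size closes that: `#define APPEND(...) do { if (sz < (int)sizeof result) sz += snprintf(result + sz, sizeof result - sz, __VA_ARGS__); } while (0)`; the `- 1` is unnecessary because snprintf's size argument already includes the NUL. status_image continues past the hunk.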