summaryrefslogtreecommitdiff
path: root/absl/synchronization/mutex.cc
diff options
context:
space:
mode:
authorGravatar Elijah Conners <business@elijahpepe.com>2022-07-19 22:37:47 -0700
committerGravatar Elijah Conners <business@elijahpepe.com>2022-07-19 22:37:47 -0700
commit68da198e67ef88a55dfb184b804b91534d9406fc (patch)
tree163c1955b106a3b2c2068d9e62d7f32b6328b667 /absl/synchronization/mutex.cc
parent0c8bd82e90bac01f8afc6afdd5754d9d9b16cf68 (diff)
fix(mutex): safely call snprintf
In the PostSynchEvent() function, the pos integer uses an implementation of snprintf that is fundamentally unsafe: since the return value of snprintf is the number of characters that would have been written to the buffer, if an operation reaches the end of the buffer with more than one character discarded, the return value will be greater than the buffer size, requiring a check of the buffer's current size. Signed-off-by: Elijah Conners <business@elijahpepe.com>
Diffstat (limited to 'absl/synchronization/mutex.cc')
-rw-r--r--absl/synchronization/mutex.cc6
1 files changed, 5 insertions, 1 deletions
diff --git a/absl/synchronization/mutex.cc b/absl/synchronization/mutex.cc
index 52e2455d..1e3ca35a 100644
--- a/absl/synchronization/mutex.cc
+++ b/absl/synchronization/mutex.cc
@@ -430,7 +430,11 @@ static void PostSynchEvent(void *obj, int ev) {
char buffer[ABSL_ARRAYSIZE(pcs) * 24];
int pos = snprintf(buffer, sizeof (buffer), " @");
for (int i = 0; i != n; i++) {
- pos += snprintf(&buffer[pos], sizeof (buffer) - pos, " %p", pcs[i]);
+ int b += snprintf(&buffer[pos], sizeof (buffer) - pos, " %p", pcs[i]);
+ if (b < 0 || b >= sizeof (buffer) - pos) {
+ break;
+ }
+ pos += b;
}
ABSL_RAW_LOG(INFO, "%s%p %s %s", event_properties[ev].msg, obj,
(e == nullptr ? "" : e->name), buffer);