From 297aaf97a32ac16a2bc3f4bbc231d5de859ac02d Mon Sep 17 00:00:00 2001 From: kkinnunen Date: Thu, 19 Feb 2015 06:32:12 -0800 Subject: Avoid wrong memory access due to double substitution and %% Use the form SkDebugf("%s", arbitraryString) instead of SkDebugf(arbitraryString). Fixes the case where SkString::appendf-ing a string with "%%" and then printing the string with SkDebugf would cause uninitialized read and corrupted debug print. ninja -C out/Debug tools && valgrind --leak-check=full ./out/Debug/render_pictures --config gpu -w q -r ... ... ==7307== Conditional jump or move depends on uninitialised value(s) ==7307== at 0x6908475: __printf_fp (printf_fp.c:1180) ==7307== by 0x6904267: vfprintf (vfprintf.c:1629) ==7307== by 0x6906E53: buffered_vfprintf (vfprintf.c:2313) ==7307== by 0x690188D: vfprintf (vfprintf.c:1316) ==7307== by 0x67E8F5: SkDebugf(char const*, ...) (SkDebug_stdio.cpp:18) ==7307== by 0x7983F1: GrContext::printCacheStats() const (GrTest.cpp:54) ==7307== by 0x408ECF: tool_main(int, char**) (render_pictures_main.cpp:480) ==7307== by 0x40913E: main (render_pictures_main.cpp:511) ==7307== Budget: 2048 items 100663296 bytes Entry Count: current 652 (651 budgeted, 0 wrapped, 297 locked, 638 scratch 32 0.000000ull), high 652 Entry Bytes: current 51087658 (budgeted 49826658, 49 0.000000ull, 1261000 unbudgeted) high 51087658 (observe "ull" instead of "% full") (from mtklein) This CL is not editing public API. TBR=reed@google.com Review URL: https://codereview.chromium.org/943453002 --- include/utils/SkDebugUtils.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/utils/SkDebugUtils.h b/include/utils/SkDebugUtils.h index 2fa6d41313..fe276019ba 100644 --- a/include/utils/SkDebugUtils.h +++ b/include/utils/SkDebugUtils.h @@ -23,7 +23,7 @@ inline void SkDebugDumpMathematica( const T val ) { template inline void SkDebugDumpMathematica(const char *name, const T *array, int size) { - SkDebugf(name); + SkDebugf("%s", name); SkDebugf(" = {"); for (int i=0 ; i < size ; i++) { SkDebugDumpMathematica(array[i]); @@ -34,7 +34,7 @@ inline void SkDebugDumpMathematica(const char *name, const T *array, int size) { template inline void SkDebugDumpMathematica(const char *name, const T *array, int width, int height) { - SkDebugf(name); + SkDebugf("%s", name); SkDebugf(" = {\n"); for (int i=0 ; i < height ; i++) { SkDebugf(" {"); @@ -54,7 +54,7 @@ inline void SkDebugDumpMathematica(const char *name, const T *array, int width, template inline void SkDebugDumpMathematica( const char *name, const T val ) { - SkDebugf(name); + SkDebugf("%s", name); SkDebugf(" = "); SkDebugDumpMathematica(val); SkDebugf(";\n"); -- cgit v1.2.3