[svn-r9825] Purpose:

Bug fix Description: Fix possible overrun in error description string by allocating large enough string on the fly. Platforms tested: FreeBSD 4.10 (sleipnir) Too minor to require h5committest
2024-11-27 02:10:55 +08:00 · 2005-01-14 14:36:01 -05:00 · 2005-01-14 14:36:01 -05:00 · 23130b569c
commit 23130b569c
parent d00ec8d85a
4 changed files with 42 additions and 8 deletions
--- a/src/H5E.c
+++ b/src/H5E.c
@ -1485,7 +1485,9 @@ H5Epush_stack(hid_t err_stack, const char *file, const char *func, unsigned line
    va_list     ap;             /* Varargs info */
    H5E_t       *estack;        /* Pointer to error stack to modify */
    H5E_msg_t   *maj_ptr, *min_ptr;     /* Pointer to major and minor error info */
-    char        tmp[H5E_LEN];   /* Buffer to place formatted description in */
+    int         tmp_len;        /* Current size of description buffer */
+    int         desc_len;       /* Actual length of description when formatted */
+    char        *tmp=NULL;      /* Buffer to place formatted description in */
    herr_t	ret_value=SUCCEED;      /* Return value */

    /* Don't clear the error stack! :-) */
@ -1513,7 +1515,20 @@ H5Epush_stack(hid_t err_stack, const char *file, const char *func, unsigned line

    /* Format the description */
    va_start(ap, fmt);
-    HDvsnprintf(tmp, H5E_LEN, fmt, ap);
+
+    /* Allocate space for the formatted description buffer */
+    tmp_len=128;
+    if((tmp=H5MM_malloc((size_t)tmp_len))==NULL)
+        HGOTO_ERROR (H5E_RESOURCE, H5E_NOSPACE, FAIL, "memory allocation failed")
+
+    /* If the description doesn't fit into the initial buffer size, allocate more space and try again */
+    while((desc_len=HDvsnprintf(tmp, (size_t)tmp_len, fmt, ap))>tmp_len) {
+        H5MM_xfree(tmp);
+        tmp_len = desc_len+1;
+        if((tmp=H5MM_malloc((size_t)tmp_len))==NULL)
+            HGOTO_ERROR (H5E_RESOURCE, H5E_NOSPACE, FAIL, "memory allocation failed")
+    } /* end while */
+
    va_end(ap);

    /* Push the error on the stack */
@ -1521,6 +1536,9 @@ H5Epush_stack(hid_t err_stack, const char *file, const char *func, unsigned line
        HGOTO_ERROR(H5E_ERROR, H5E_CANTSET, FAIL, "can't push error on stack")

 done:
+    if(tmp)
+        H5MM_xfree(tmp);
+
    FUNC_LEAVE_API(ret_value)
 }

--- a/src/H5Epublic.h
+++ b/src/H5Epublic.h
@ -27,10 +27,7 @@
 /* Value for the default error stack */
 #define H5E_DEFAULT             0

-/* Limit of error strings recorded */
-#define H5E_LEN                 128
-
-/* Take out _new later */
+/* Different kinds of error information */
 typedef enum H5E_type_t {
    H5E_MAJOR,
    H5E_MINOR
--- a/test/error_test.c
+++ b/test/error_test.c
@ -74,6 +74,8 @@ hid_t   ERR_MIN_GETNUM;
 #define SPACE2_DIM1	        10
 #define SPACE2_DIM2	        10

+#define LONG_DESC_SIZE          8192
+
 herr_t custom_print_cb(unsigned n, const H5E_error_t *err_desc, void* client_data);


@ -429,6 +431,8 @@ main(void)
    hid_t		file, fapl;
    hid_t               estack_id;
    char		filename[1024];
+    char                *long_desc;
+    size_t              u;
    const char          *FUNC_main="main";

    fprintf(stderr, "   This program tests the Error API.  There're supposed to be some error messages\n");
@ -446,8 +450,8 @@ main(void)
    /* Test error stack */ 
    if(error_stack()<0) {
        /* Push an error onto error stack */
-        H5Epush_stack(ERR_STACK, __FILE__, FUNC_main, __LINE__, ERR_CLS, ERR_MAJ_TEST, ERR_MIN_ERRSTACK, 
-                "Error stack test failed");
+        if(H5Epush_stack(ERR_STACK, __FILE__, FUNC_main, __LINE__, ERR_CLS, ERR_MAJ_TEST, ERR_MIN_ERRSTACK, 
+                "Error stack test failed")<0) TEST_ERROR;
        
        /* Delete an error from the top of error stack */
        H5Epop(ERR_STACK, 1);
@ -470,6 +474,17 @@ main(void)
        H5Eprint_stack(estack_id, stderr);
        H5Eclose_stack(estack_id);
    }
+
+    /* Test pushing a very long error description */
+    if((long_desc=HDmalloc(LONG_DESC_SIZE))==NULL) TEST_ERROR;
+
+    for(u=0; u<LONG_DESC_SIZE; u++)
+        long_desc[u]='A'+(u%26);
+    long_desc[LONG_DESC_SIZE-1]='\0';
+    if(H5Epush_stack(H5E_DEFAULT, __FILE__, FUNC_main, __LINE__, ERR_CLS, ERR_MAJ_TEST, ERR_MIN_SUBROUTINE, 
+            "Testing very long description string, %s", long_desc)<0) TEST_ERROR;
+    if(H5Eprint_stack(H5P_DEFAULT, stderr)<0) TEST_ERROR;
+    HDfree(long_desc);
    
    if (H5Fclose(file)<0) TEST_ERROR ;
    h5_cleanup(FILENAME, fapl);
--- a/test/testfiles/error_test_1
+++ b/test/testfiles/error_test_1