From: Benoît Ganne <bganne@cisco.com>
Date: Wed, 17 Jul 2019 09:45:20 +0000 (+0200)
Subject: vppinfra: elog: fix read overflow in string lookup
X-Git-Tag: v20.01-rc0~167
X-Git-Url: https://gerrit.fd.io/r/gitweb?a=commitdiff_plain;h=b11e4aefbee765c0c09bbe1386ec78920f9162fd;p=vpp.git

vppinfra: elog: fix read overflow in string lookup

elog string hashtable use strlen() to determine string length for
hashing, strings must be NULL-terminated for both inserts and lookups.

Type: fix
Fixes: 9c8ca8dd3197e40dfcb8bcecd95c10eeb56239ed

Change-Id: I0680d39a9b89411055fd6adc89c9f253adfae32c
Signed-off-by: Benoît Ganne <bganne@cisco.com>
---

diff --git a/src/vppinfra/elog.c b/src/vppinfra/elog.c
index 19d86bb70c0..12ac3a596e4 100644
--- a/src/vppinfra/elog.c
+++ b/src/vppinfra/elog.c
@@ -572,6 +572,12 @@ elog_string (elog_main_t * em, char *fmt, ...)
   em->string_table_tmp = va_format (em->string_table_tmp, fmt, &va);
   va_end (va);
 
+  /* String table entries MUST be NULL terminated */
+  len = vec_len (em->string_table_tmp);
+  ASSERT (len > 0);
+  if (em->string_table_tmp[len - 1] != 0)
+    vec_add1 (em->string_table_tmp, 0);
+
   /* See if we already have this string in the string table */
   p = hash_get_mem (em->string_table_hash, em->string_table_tmp);
 
@@ -582,11 +588,7 @@ elog_string (elog_main_t * em, char *fmt, ...)
       return (p[0]);
     }
 
-  /* We don't, so add it. String table entries MUST be NULL terminated */
-  len = vec_len (em->string_table_tmp);
-  ASSERT (len > 0);
-  if (em->string_table_tmp[len - 1] != 0)
-    vec_add1 (em->string_table_tmp, 0);
+  /* We don't, so add it. */
 
   offset = vec_len (em->string_table);
   vec_append (em->string_table, em->string_table_tmp);