From b11e4aefbee765c0c09bbe1386ec78920f9162fd Mon Sep 17 00:00:00 2001 From: =?utf8?q?Beno=C3=AEt=20Ganne?= Date: Wed, 17 Jul 2019 11:45:20 +0200 Subject: [PATCH] vppinfra: elog: fix read overflow in string lookup MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit elog string hashtable use strlen() to determine string length for hashing, strings must be NULL-terminated for both inserts and lookups. Type: fix Fixes: 9c8ca8dd3197e40dfcb8bcecd95c10eeb56239ed Change-Id: I0680d39a9b89411055fd6adc89c9f253adfae32c Signed-off-by: Benoît Ganne --- src/vppinfra/elog.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/src/vppinfra/elog.c b/src/vppinfra/elog.c index 19d86bb70c0..12ac3a596e4 100644 --- a/src/vppinfra/elog.c +++ b/src/vppinfra/elog.c @@ -572,6 +572,12 @@ elog_string (elog_main_t * em, char *fmt, ...) em->string_table_tmp = va_format (em->string_table_tmp, fmt, &va); va_end (va); + /* String table entries MUST be NULL terminated */ + len = vec_len (em->string_table_tmp); + ASSERT (len > 0); + if (em->string_table_tmp[len - 1] != 0) + vec_add1 (em->string_table_tmp, 0); + /* See if we already have this string in the string table */ p = hash_get_mem (em->string_table_hash, em->string_table_tmp); @@ -582,11 +588,7 @@ elog_string (elog_main_t * em, char *fmt, ...) return (p[0]); } - /* We don't, so add it. String table entries MUST be NULL terminated */ - len = vec_len (em->string_table_tmp); - ASSERT (len > 0); - if (em->string_table_tmp[len - 1] != 0) - vec_add1 (em->string_table_tmp, 0); + /* We don't, so add it. */ offset = vec_len (em->string_table); vec_append (em->string_table, em->string_table_tmp); -- 2.16.6