diff options
author | Lassi Marttala <lassi.lm.marttala@partner.bmw.com> | 2012-02-21 12:16:23 +0100 |
---|---|---|
committer | Christian Muck <christian.muck@bmw.de> | 2012-04-04 14:30:09 +0200 |
commit | 64646a665c9fafc4454c67b6212702ed59e01c87 (patch) | |
tree | 510bc41181cfd9a0edd71325c3d1b3dcf52aa570 /src/shared | |
parent | 83059468ecd8ca6a68901f20477615cb58808c94 (diff) | |
download | DLT-daemon-64646a665c9fafc4454c67b6212702ed59e01c87.tar.gz |
GENDLT-15, Avoid buffer overrun with snprintf().
Check return value of dlt_user_log_write_start(_id) correctly.
Reduce the number of applications if allocation fails.
Make dlt_user_log_write_start inline
Improve error checking in dlt_user_log_write_start_id
Use databuffersize to avoid reallocations
Signed-off-by: Christian Muck <christian.muck@bmw.de>
Diffstat (limited to 'src/shared')
-rwxr-xr-x | src/shared/dlt_common.c | 27 |
1 files changed, 19 insertions, 8 deletions
diff --git a/src/shared/dlt_common.c b/src/shared/dlt_common.c index 4ebdaf1..31073d6 100755 --- a/src/shared/dlt_common.c +++ b/src/shared/dlt_common.c @@ -698,6 +698,7 @@ int dlt_message_init(DltMessage *msg,int verbose) msg->datasize = 0; msg->databuffer = 0; + msg->databuffersize = 0; msg->storageheader = 0; msg->standardheader = 0; @@ -720,8 +721,9 @@ int dlt_message_free(DltMessage *msg,int verbose) if (msg->databuffer) { free(msg->databuffer); + msg->databuffer = 0; + msg->databuffersize = 0; } - msg->databuffer = 0; return 0; } @@ -1241,11 +1243,16 @@ int dlt_message_read(DltMessage *msg,uint8_t *buffer,unsigned int length,int res /* free last used memory for buffer */ if (msg->databuffer) { - free(msg->databuffer); + if (msg->datasize>msg->databuffersize){ + free(msg->databuffer); + msg->databuffer=(uint8_t *)malloc(msg->datasize); + msg->databuffersize = msg->datasize; + } + }else{ + /* get new memory for buffer */ + msg->databuffer = (uint8_t *)malloc(msg->datasize); + msg->databuffersize = msg->datasize; } - - /* get new memory for buffer */ - msg->databuffer = (uint8_t *)malloc(msg->datasize); if (msg->databuffer == 0) { sprintf(str,"Cannot allocate memory for payload buffer of size %d!\n",msg->datasize); @@ -1588,13 +1595,17 @@ int dlt_file_read_data(DltFile *file, int verbose) } /* free last used memory for buffer */ - if (file->msg.databuffer) + if (file->msg.databuffer && (file->msg.databuffersize < file->msg.datasize)) { free(file->msg.databuffer); + file->msg.databuffer=0; } - /* get new memory for buffer */ - file->msg.databuffer = (uint8_t *)malloc(file->msg.datasize); + if (file->msg.databuffer == 0){ + /* get new memory for buffer */ + file->msg.databuffer = (uint8_t *)malloc(file->msg.datasize); + file->msg.databuffersize = file->msg.datasize; + } if (file->msg.databuffer == 0) { |