commit cf6e734a9f88b521a5116b7ca119b3a26aede1a8
author florian <florian@a5019735-40e9-0310-863c-91ae7b9d1cf9> Sun Sep 28 13:29:06 2014 +0000
committer florian <florian@a5019735-40e9-0310-863c-91ae7b9d1cf9> Sun Sep 28 13:29:06 2014 +0000
tree ce8efaec7aef06f145f558735c986389b0f18ca7
parent 3b860fc34b9e4bbbc9682ee2b1e2736f233401b9

Merge r14229 from the BUF_REMOVAL branch to trunk.
Function MC_(snprintf_delta) requires a buffer of size 31 or larger to
avoid overflow.Add an assert, change and document the buffer size and
fix all call sites. Remove magic constants along the way.


git-svn-id: svn://svn.valgrind.org/valgrind/trunk@14583 a5019735-40e9-0310-863c-91ae7b9d1cf9

memcheck/mc_errors.c

diff --git a/memcheck/mc_errors.c b/memcheck/mc_errors.c
index e6a2133..2efa2b6 100644
--- a/memcheck/mc_errors.c
+++ b/memcheck/mc_errors.c
@@ -305,6 +305,12 @@
                              SizeT current_val, SizeT old_val, 
                              LeakCheckDeltaMode delta_mode)
 {
+   // Make sure the buffer size is large enough. With old_val == 0 and
+   // current_val == ULLONG_MAX the delta including inserted commas is:
+   // 18,446,744,073,709,551,615
+   // whose length is 26. Therefore:
+   tl_assert(size >= 26 + 4 + 1);
+
    if (delta_mode == LCD_Any)
       buf[0] = '\0';
    else if (current_val >= old_val)
@@ -320,24 +326,24 @@
 {
    // char arrays to produce the indication of increase/decrease in case
    // of delta_mode != LCD_Any
-   HChar d_bytes[20];
-   HChar d_direct_bytes[20];
-   HChar d_indirect_bytes[20];
-   HChar d_num_blocks[20];
+   HChar d_bytes[31];
+   HChar d_direct_bytes[31];
+   HChar d_indirect_bytes[31];
+   HChar d_num_blocks[31];
 
-   MC_(snprintf_delta) (d_bytes, 20, 
+   MC_(snprintf_delta) (d_bytes, sizeof(d_bytes),
                         lr->szB + lr->indirect_szB, 
                         lr->old_szB + lr->old_indirect_szB,
                         MC_(detect_memory_leaks_last_delta_mode));
-   MC_(snprintf_delta) (d_direct_bytes, 20,
+   MC_(snprintf_delta) (d_direct_bytes, sizeof(d_direct_bytes),
                         lr->szB,
                         lr->old_szB,
                         MC_(detect_memory_leaks_last_delta_mode));
-   MC_(snprintf_delta) (d_indirect_bytes, 20,
+   MC_(snprintf_delta) (d_indirect_bytes, sizeof(d_indirect_bytes),
                         lr->indirect_szB,
                         lr->old_indirect_szB,
                         MC_(detect_memory_leaks_last_delta_mode));
-   MC_(snprintf_delta) (d_num_blocks, 20,
+   MC_(snprintf_delta) (d_num_blocks, sizeof(d_num_blocks),
                         (SizeT) lr->num_blocks,
                         (SizeT) lr->old_num_blocks,
                         MC_(detect_memory_leaks_last_delta_mode));

memcheck/mc_leakcheck.c

diff --git a/memcheck/mc_leakcheck.c b/memcheck/mc_leakcheck.c
index 8b624e2..f02e75c 100644
--- a/memcheck/mc_leakcheck.c
+++ b/memcheck/mc_leakcheck.c
@@ -1427,12 +1427,14 @@
    }
 
    if (VG_(clo_verbosity) > 0 && !VG_(clo_xml)) {
-      HChar d_bytes[20];
-      HChar d_blocks[20];
+      HChar d_bytes[31];
+      HChar d_blocks[31];
 #     define DBY(new,old) \
-      MC_(snprintf_delta) (d_bytes, 20, (new), (old), lcp->deltamode)
+      MC_(snprintf_delta) (d_bytes, sizeof(d_bytes), (new), (old), \
+                           lcp->deltamode)
 #     define DBL(new,old) \
-      MC_(snprintf_delta) (d_blocks, 20, (new), (old), lcp->deltamode)
+      MC_(snprintf_delta) (d_blocks, sizeof(d_blocks), (new), (old), \
+                           lcp->deltamode)
 
       VG_(umsg)("LEAK SUMMARY:\n");
       VG_(umsg)("   definitely lost: %'lu%s bytes in %'lu%s blocks\n",