[lib][memlog] Sanitize u32 overflow of the log ring buffer write index
Fix the ubsan abort observed when reaching the unsigned
integer overflow of the write index.
Bug: 189783664
Change-Id: I19e6fc4cc492f4a1d2b71bbad7e9372915d89704
diff --git a/lib/memlog/memlog.c b/lib/memlog/memlog.c
index 683fb3e..37905f2 100644
--- a/lib/memlog/memlog.c
+++ b/lib/memlog/memlog.c
@@ -78,13 +78,16 @@
struct log_rb* rb = log->rb;
log_offset = rb->alloc;
- rb->alloc += len;
+
+ __builtin_add_overflow(rb->alloc, len, &rb->alloc);
/* Updates to alloc should be visible before the data is written. */
wmb();
for (i = 0; i < len; i++) {
- uint32_t offset = (log_offset + i) & (log->rb_sz - 1);
+ uint32_t offset;
+ __builtin_add_overflow(log_offset, i, &offset);
+ offset &= (log->rb_sz - 1);
volatile char* ptr = &rb->data[offset];
*ptr = str[i];
}
