Avoid potentially unsafe snprintf usage in FPSCounter.

snprintf returns the number of bytes it would have written when it runs out of space. This patch makes sure we properly handle this unlikely event in FPSCounter. This patch also makes sure we don't print out the contents of an uninitialized buffer.
author: wolfbeast <mcwerewolf@gmail.com> 2017-10-04 14:14:24 +0200
committer: wolfbeast <mcwerewolf@gmail.com> 2018-02-08 13:19:30 +0100
commit: b9b545e7ddcbbe5934d905805db1d6a436862737 (patch)
tree: ba8053a45cafd30f929d098253828d596b0a7f51
parent: c247ba5ab8f600fd748bc914524ae1ee17369062 (diff)
download: UXP-b9b545e7ddcbbe5934d905805db1d6a436862737.tar
UXP-b9b545e7ddcbbe5934d905805db1d6a436862737.tar.gz
UXP-b9b545e7ddcbbe5934d905805db1d6a436862737.tar.lz
UXP-b9b545e7ddcbbe5934d905805db1d6a436862737.tar.xz
UXP-b9b545e7ddcbbe5934d905805db1d6a436862737.zip
1 files changed, 21 insertions, 6 deletions
diff --git a/gfx/layers/composite/FPSCounter.cpp b/gfx/layers/composite/FPSCounter.cpp
index 02ffc4b2c..b8e93eb97 100644
--- a/gfx/layers/composite/FPSCounter.cpp
+++ b/gfx/layers/composite/FPSCounter.cpp
@@ -210,7 +210,10 @@ FPSCounter::WriteFrameTimeStamps(PRFileDesc* fd)
   const int bufferSize = 256;
   char buffer[bufferSize];
   int writtenCount = SprintfLiteral(buffer, "FPS Data for: %s\n", mFPSName);
-  MOZ_ASSERT(writtenCount >= 0);
+  MOZ_ASSERT(writtenCount < bufferSize);
+  if (writtenCount >= bufferSize) {
+    return;
+  }
   PR_Write(fd, buffer, writtenCount);
 
   ResetReverseIterator();
@@ -225,8 +228,10 @@ FPSCounter::WriteFrameTimeStamps(PRFileDesc* fd)
   while (HasNext(startTimeStamp)) {
     TimeDuration duration = previousSample - nextTimeStamp;
     writtenCount = SprintfLiteral(buffer, "%f,\n", duration.ToMilliseconds());
-
-    MOZ_ASSERT(writtenCount >= 0);
+    MOZ_ASSERT(writtenCount < bufferSize);
+    if (writtenCount >= bufferSize) {
+      continue;
+    }
     PR_Write(fd, buffer, writtenCount);
 
     previousSample = nextTimeStamp;
@@ -299,8 +304,13 @@ FPSCounter::PrintFPS()
 void
 FPSCounter::PrintHistogram(std::map<int, int>& aHistogram)
 {
+  if (aHistogram.size() == 0) {
+    return;
+  }
+
   int length = 0;
   const int kBufferLength = 512;
+  int availableSpace = kBufferLength;
   char buffer[kBufferLength];
 
   for (std::map<int, int>::iterator iter = aHistogram.begin();
@@ -309,9 +319,14 @@ FPSCounter::PrintHistogram(std::map<int, int>& aHistogram)
     int fps = iter->first;
     int count = iter->second;
 
-    length += snprintf(buffer + length, kBufferLength - length,
-                       "FPS: %d = %d. ", fps, count);
-    NS_ASSERTION(length >= kBufferLength, "Buffer overrun while printing FPS histogram.");
+    int lengthRequired = snprintf(buffer + length, availableSpace,
+                                  "FPS: %d = %d. ", fps, count);
+    // Ran out of buffer space. Oh well - just print what we have.
+    if (lengthRequired > availableSpace) {
+      break;
+    }
+    length += lengthRequired;
+    availableSpace -= lengthRequired;
   }
 
   printf_stderr("%s\n", buffer);
author	wolfbeast <mcwerewolf@gmail.com>	2017-10-04 14:14:24 +0200
committer	wolfbeast <mcwerewolf@gmail.com>	2018-02-08 13:19:30 +0100
commit	b9b545e7ddcbbe5934d905805db1d6a436862737 (patch)
tree	ba8053a45cafd30f929d098253828d596b0a7f51
parent	c247ba5ab8f600fd748bc914524ae1ee17369062 (diff)
download	UXP-b9b545e7ddcbbe5934d905805db1d6a436862737.tar UXP-b9b545e7ddcbbe5934d905805db1d6a436862737.tar.gz UXP-b9b545e7ddcbbe5934d905805db1d6a436862737.tar.lz UXP-b9b545e7ddcbbe5934d905805db1d6a436862737.tar.xz UXP-b9b545e7ddcbbe5934d905805db1d6a436862737.zip