Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit fec2e2c7 authored by Mark Salyzyn's avatar Mark Salyzyn
Browse files

logd: identical check access message data out of range 

(cherry pick from commit 22712428)

Discovered while running AddressSanitizer, binary events were fed
into logd that were smaller than the binary event string header.
Fix is to check the buffer sizes before performing the memcmp
operation.

Test: compile
Bug: 74574189
Change-Id: Ic01ef6fb0725258d9f39bbdca582ed648a1adc5d
parent 84379567

logd/LogBuffer.cpp

+3 −1
Original line number Diff line number Diff line
@@ -171,7 +171,9 @@ static enum match_type identical(LogBufferElement* elem, 
    }



    // audit message (except sequence number) identical?

    if (last->isBinary()) {

    if (last->isBinary() &&

        (lenl > static_cast<ssize_t>(sizeof(android_log_event_string_t))) &&

        (lenr > static_cast<ssize_t>(sizeof(android_log_event_string_t)))) {

        if (fastcmp<memcmp>(msgl, msgr, sizeof(android_log_event_string_t) -

                                            sizeof(int32_t))) {

            return DIFFERENT;