liblog: do better checks of log messages.
Testing:
The following test cases all passed and generated log entries:
# echo -n '\03foo\0bar\0' > /dev/log/main
# echo -n '\03\0bar\0' > /dev/log/main
# echo -n '\03\0a\0' > /dev/log/main
The following entries were successfully processed by
logcat but produced no log entries:
# echo -n '\03\0\0' > /dev/log/main
# echo -n '\03a\0\0' > /dev/log/main
# echo -n '\03b\0\0' > /dev/log/main
Also tested the pathological error condition:
cat /dev/urandom > /dev/log/main
which produced many "+++ LOG: malformed log entry" errors.
Bug: 5478600
Change-Id: I53bc79507242dcfc14445746c29edf47be0a90b4
diff --git a/liblog/logprint.c b/liblog/logprint.c
index f2dd79f..daada5a 100644
--- a/liblog/logprint.c
+++ b/liblog/logprint.c
@@ -352,7 +352,6 @@
{
entry->tv_sec = buf->sec;
entry->tv_nsec = buf->nsec;
- entry->priority = buf->msg[0];
entry->pid = buf->pid;
entry->tid = buf->tid;
@@ -360,26 +359,32 @@
* format: <priority:1><tag:N>\0<message:N>\0
*
* tag str
- * starts at msg+1
+ * starts at buf->msg+1
* msg
- * starts at msg+1+len(tag)+1
+ * starts at buf->msg+1+len(tag)+1
*/
- entry->tag = buf->msg + 1;
- const size_t tag_len = strlen(entry->tag);
- const size_t preambleAndNullLen = tag_len + 3;
- if (buf->len <= preambleAndNullLen) {
- fprintf(stderr, "+++ LOG: entry corrupt or truncated\n");
+ if (buf->len < 3) {
+ // An well-formed entry must consist of at least a priority
+ // and two null characters
+ fprintf(stderr, "+++ LOG: entry too small\n");
return -1;
}
- entry->messageLen = buf->len - preambleAndNullLen;
- entry->message = entry->tag + tag_len + 1;
- if (entry->messageLen != strlen(entry->message)) {
- fprintf(stderr,
- "+++ LOG: Message length inconsistent. Expected %d, got %d\n",
- entry->messageLen, strlen(entry->message));
+ int nullsFound = 0;
+ int i;
+ for (i = 1; i < buf->len; i++) {
+ if (buf->msg[i] == '\0') {
+ nullsFound++;
+ }
+ }
+ if (nullsFound != 2) {
+ fprintf(stderr, "+++ LOG: malformed log entry\n");
return -1;
}
+ entry->priority = buf->msg[0];
+ entry->tag = buf->msg + 1;
+ entry->message = entry->tag + strlen(entry->tag) + 1;
+ entry->messageLen = strlen(entry->message);
return 0;
}