diff options
| -rw-r--r-- | liblog/logprint.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/liblog/logprint.c b/liblog/logprint.c index 5ddda36..4c5b3e5 100644 --- a/liblog/logprint.c +++ b/liblog/logprint.c @@ -753,6 +753,16 @@ char *android_log_formatLogLine ( suffixLen = 1; break; } + /* snprintf has a weird return value. It returns what would have been + * written given a large enough buffer. In the case that the prefix is + * longer then our buffer(128), it messes up the calculations below + * possibly causing heap corruption. To avoid this we double check and + * set the length at the maximum (size minus null byte) + */ + if(prefixLen >= sizeof(prefixBuf)) + prefixLen = sizeof(prefixBuf) - 1; + if(suffixLen >= sizeof(suffixBuf)) + suffixLen = sizeof(suffixBuf) - 1; /* the following code is tragically unreadable */ |