Bug 1369560 - Avoid potentially unsafe snprintf usage in FPSCounter. r=mchang

snprintf returns the number of bytes it would have written when it runs out of space. This patch makes sure we properly handle this unlikely event in FPSCounter. This patch also makes sure we don't print out the contents of an uninitialized buffer. --HG-- extra : rebase_source : 3b0efdc90aeb1ee17e10a75493af51f2878bfcda
2025-03-09 04:25:38 +00:00 · 2017-06-02 14:39:15 -07:00 · 2017-06-02 14:39:15 -07:00 · 9df1db2e87
commit 9df1db2e87
parent dff88e38e4
1 changed files with 21 additions and 6 deletions
--- a/gfx/layers/composite/FPSCounter.cpp
+++ b/gfx/layers/composite/FPSCounter.cpp
@ -210,7 +210,10 @@ FPSCounter::WriteFrameTimeStamps(PRFileDesc* fd)
  const int bufferSize = 256;
  char buffer[bufferSize];
  int writtenCount = SprintfLiteral(buffer, "FPS Data for: %s\n", mFPSName);
-  MOZ_ASSERT(writtenCount >= 0);
+  MOZ_ASSERT(writtenCount < bufferSize);
+  if (writtenCount >= bufferSize) {
+    return;
+  }
  PR_Write(fd, buffer, writtenCount);

  ResetReverseIterator();
@ -225,8 +228,10 @@ FPSCounter::WriteFrameTimeStamps(PRFileDesc* fd)
  while (HasNext(startTimeStamp)) {
    TimeDuration duration = previousSample - nextTimeStamp;
    writtenCount = SprintfLiteral(buffer, "%f,\n", duration.ToMilliseconds());
-
-    MOZ_ASSERT(writtenCount >= 0);
+    MOZ_ASSERT(writtenCount < bufferSize);
+    if (writtenCount >= bufferSize) {
+      continue;
+    }
    PR_Write(fd, buffer, writtenCount);

    previousSample = nextTimeStamp;
@ -299,8 +304,13 @@ FPSCounter::PrintFPS()
 void
 FPSCounter::PrintHistogram(std::map<int, int>& aHistogram)
 {
+  if (aHistogram.size() == 0) {
+    return;
+  }
+
  int length = 0;
  const int kBufferLength = 512;
+  int availableSpace = kBufferLength;
  char buffer[kBufferLength];

  for (std::map<int, int>::iterator iter = aHistogram.begin();
@ -309,9 +319,14 @@ FPSCounter::PrintHistogram(std::map<int, int>& aHistogram)
    int fps = iter->first;
    int count = iter->second;

-    length += snprintf(buffer + length, kBufferLength - length,
-                       "FPS: %d = %d. ", fps, count);
-    NS_ASSERTION(length >= kBufferLength, "Buffer overrun while printing FPS histogram.");
+    int lengthRequired = snprintf(buffer + length, availableSpace,
+                                  "FPS: %d = %d. ", fps, count);
+    // Ran out of buffer space. Oh well - just print what we have.
+    if (lengthRequired > availableSpace) {
+      break;
+    }
+    length += lengthRequired;
+    availableSpace -= lengthRequired;
  }

  printf_stderr("%s\n", buffer);