From 1b10c04c333e0c1e5c6e373d55f2564db728ed25 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Sat, 9 Jun 2018 13:41:44 +0200 Subject: basic/ellipsize: do not assume the string is NUL-terminated when length is given oss-fuzz flags this as: ==1==WARNING: MemorySanitizer: use-of-uninitialized-value 0. 0x7fce77519ca5 in ascii_is_valid systemd/src/basic/utf8.c:252:9 1. 0x7fce774d203c in ellipsize_mem systemd/src/basic/string-util.c:544:13 2. 0x7fce7730a299 in print_multiline systemd/src/shared/logs-show.c:244:37 3. 0x7fce772ffdf3 in output_short systemd/src/shared/logs-show.c:495:25 4. 0x7fce772f5a27 in show_journal_entry systemd/src/shared/logs-show.c:1077:15 5. 0x7fce772f66ad in show_journal systemd/src/shared/logs-show.c:1164:29 6. 0x4a2fa0 in LLVMFuzzerTestOneInput systemd/src/fuzz/fuzz-journal-remote.c:64:21 ... I didn't reproduce the issue, but this looks like an obvious error: the length is specified, so we shouldn't use the string with any functions for normal C-strings. --- src/basic/string-util.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/basic/string-util.c') diff --git a/src/basic/string-util.c b/src/basic/string-util.c index 13456f101..1f8bf3d4d 100644 --- a/src/basic/string-util.c +++ b/src/basic/string-util.c @@ -545,7 +545,7 @@ char *ellipsize_mem(const char *s, size_t old_length, size_t new_length, unsigne return strdup(""); /* If no multibyte characters use ascii_ellipsize_mem for speed */ - if (ascii_is_valid(s)) + if (ascii_is_valid_n(s, old_length)) return ascii_ellipsize_mem(s, old_length, new_length, percent); x = ((new_length - 1) * percent) / 100; -- cgit v1.2.3