From 9ab7b3193f5f1f73e8dff45caf354566567961b2 Mon Sep 17 00:00:00 2001
From: Pompolic <pompolic@special-circumstanc.es>
Date: Wed, 23 Mar 2022 21:37:04 +0100
Subject: [PATCH] (WIP) Fix truncation, stop leaking final_message_buf

---
 pdf.c | 29 +++++++++++++++++++++--------
 1 file changed, 21 insertions(+), 8 deletions(-)

diff --git a/pdf.c b/pdf.c
index 4c42ee4..f98d81a 100644
--- a/pdf.c
+++ b/pdf.c
@@ -41,7 +41,7 @@ uint8_t logs_failed = 0;
 
 typedef struct log_entry_S {
 	const char *message;
-	uint8_t severity;
+	uint64_t severity;
 } log_entry;
 
 log_entry **logs = NULL;
@@ -50,7 +50,7 @@ void free_log_messages();
 
 #include <stdarg.h>
 
-void log_message(uint8_t severity, const char *format, ...)
+void log_message(uint64_t severity, const char *format, ...)
 {
 	log_entry *msg;
 	char *final_string_buf = calloc(2048, sizeof(char));
@@ -73,6 +73,8 @@ void log_message(uint8_t severity, const char *format, ...)
 		{
 			fprintf(stderr, "Failed to grow log buffer. (capacity > UINT64_MAX)\n");
 			logs_failed = 1;
+			if(final_string_buf)
+				free(final_string_buf);
 			free_log_messages();
 			return;
 		}
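Review bot: The `if(final_string_buf)` guard added in front of `free(final_string_buf)` is redundant, because `free(NULL)` is a no-op; `free(final_string_buf);` alone is enough. The same two lines are added again in the next two hunks (the "size * count overflowed" and "Failed to allocate log buffer" paths). Three copies of the same release suggest either a single cleanup label at the end of log_message or allocating the temporary buffer only after the capacity checks have passed, so that a future early return cannot reintroduce the leak. The body of log_message starts and ends outside this hunk.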
@@ -82,6 +84,8 @@ void log_message(uint8_t severity, const char *format, ...)
 		{
 			fprintf(stderr, "Failed to grow log buffer. (size * count overflowed)\n");
 			logs_failed = 1;
+			if(final_string_buf)
+				free(final_string_buf);
 			free_log_messages();
 			return;
 		}
@@ -94,6 +98,9 @@ void log_message(uint8_t severity, const char *format, ...)
 	{
 		fprintf(stderr, "Failed to allocate log buffer.\n");
 		logs_failed = 1;
+		if(final_string_buf)
+			free(final_string_buf);
+		//XXX possibly print them and then free logs
 		return;
 	}
 
@@ -106,9 +113,15 @@ void log_message(uint8_t severity, const char *format, ...)
 		va_end(ap);
 
 		msg_len = strlen(final_string_buf);
-		message = calloc(msg_len, sizeof(char));
-		/* Due to calloc, last byte should be 0 at this point, so the string will be zero-terminated */
-		strncpy(message, final_string_buf, msg_len-1);
+		message = calloc(msg_len+1, sizeof(char));
+		/* Due to calloc, the last byte should be 0 at this point, so the string will be zero-terminated */
+		strncpy(message, final_string_buf, msg_len);
+		free(final_string_buf);
+	}
+	else
+	{
+		fprintf(stderr, "Failed to allocate temporary buffer for log message.\n");
+		return;
 	}
 
 	msg = malloc(sizeof(log_message));
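Review bot: The result of `calloc(msg_len+1, sizeof(char))` goes straight into `strncpy` without a NULL check, so an allocation failure at that point turns into a write through a null pointer; add `if (!message) { free(final_string_buf); logs_failed = 1; return; }` before the copy. The context line `msg = malloc(sizeof(log_message));` is left untouched by this commit: `log_message` is the function, so this is not the size of a `log_entry` (GCC accepts it as an extension and yields 1), and the field stores that presumably follow outside the hunk would overrun the allocation; `msg = malloc(sizeof *msg);` looks like what was intended. The new `else` branch also returns without setting `logs_failed`, unlike the other failure paths visible in this patch, which may or may not be deliberate. The rest of log_message lies outside the hunk.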
@@ -127,7 +140,7 @@ void print_log_messages()
 		entry = logs[i];
 		if(log_level <= entry->severity)
 		{
-			fprintf(stderr, "%s\n", entry->message);
+			fprintf(stderr, "%s", entry->message);
 		}
 	}
 }
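Review bot: Dropping the `\n` from `fprintf(stderr, "%s", entry->message)` makes every caller of `log_message` responsible for ending its format string with a newline, and nothing in the code records that. A caller that forgets will have its entry run into the next one on stderr. A one-line comment above `log_message`, such as `/* format must end in '\n'; print_log_messages() adds none */`, would state the contract. print_log_messages starts outside the hunk.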
@@ -962,14 +975,14 @@ act_viol(const HParseResult *p, void *viol)
 	viol = (uint8_t *) viol;
 	severity_parse = h_parse(p_violsev, viol, strlen((char *)viol));
 	if (!severity_parse) {
-	        fprintf(stderr, "Severity for violaiton %s not assigned!\n", (char *)viol);
+	        log_message(99999, "Severity for violaiton %s not assigned!\n", (char *)viol);
 	        severity = 99999;
 	}
 	else {
 	        severity = severity_parse->ast->seq->elements[0]->uint;
 	}
 	offset = p->ast->seq->elements[p->ast->seq->used-1]->uint / 8;
-	fprintf(stderr, "VIOLATION[%d]@%d (0x%x): %s\n", severity, offset, offset, (char *) viol);
+	log_message(severity, "VIOLATION[%d]@%d (0x%x): %s\n", severity, offset, offset, (char *) viol);
 	if (strictness && severity > strictness) {
 	        exit(1);
 	}
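Review bot: With the violation now queued through `log_message` instead of written to stderr, the `exit(1)` a few lines below can end the process before the queued entry is ever printed, unless `print_log_messages()` runs from an exit handler that is not visible in this hunk. The violation that triggers a strict-mode abort is the message an operator most needs to see, so flush before exiting, e.g. `print_log_messages(); exit(1);`. act_viol starts and ends outside the hunk.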
-- 
GitLab