fix memory out of bounds in to_cstring

8e5fcb68 · obdev · wangzelin.wzl · 097cd3de · 8e5fcb68 · 8e5fcb68
3 changed file
--- a/deps/oblib/src/lib/trace/ob_trace.cpp
+++ b/deps/oblib/src/lib/trace/ob_trace.cpp
@@ -255,12 +255,12 @@ int UUID::deserialize(const char* buf, const int64_t buf_len, int64_t& pos)
 int to_string_and_strip(const char* str, const int64_t length, char* buf, const int64_t buf_len, int64_t& pos)
 {
  int ret = OB_SUCCESS;
-  char from[] = "\"\n\r\\";
-  const char* to[] = { "\\\"", "\\n", "\\r", "\\\\"};
+  char from[] = "\"\n\r\\\t";
+  const char* to[] = { "\\\"", "\\n", "\\r", "\\\\", " "};
  buf[pos++] = '\"';
  for (auto j = 0; j < length && str[j]; ++j) {
    bool conv = false;
-    for (auto i = 0; i < 4; ++i) {
+    for (auto i = 0; i < sizeof(from) - 1; ++i) {
      if (from[i] == str[j]) {
        for (const char* toc = to[i]; *toc; ++toc) {
          if (pos < buf_len) {
@@ -341,15 +341,15 @@ ObSpanCtx::ObSpanCtx()
 ObTrace* ObTrace::get_instance()
 {
  if (OB_ISNULL(save_buffer)) {
-    thread_local char* default_tsi_buffer = (char*)GET_TSI(ByteBuf<8 * DEFAULT_BUFFER_SIZE>);
-    thread_local char default_tls_buffer[DEFAULT_BUFFER_SIZE];
+    thread_local char* default_tsi_buffer = (char*)GET_TSI(ByteBuf<DEFAULT_BUFFER_SIZE>);
+    thread_local char default_tls_buffer[MIN_BUFFER_SIZE];
    struct Guard {
      Guard(char* buffer, int64_t size) {
        IGNORE_RETURN new(buffer) ObTrace(size);
      }
    };
-    thread_local Guard guard1(default_tsi_buffer, 8 * DEFAULT_BUFFER_SIZE);
-    thread_local Guard guard2(default_tls_buffer, 1 * DEFAULT_BUFFER_SIZE);
+    thread_local Guard guard1(default_tsi_buffer, DEFAULT_BUFFER_SIZE);
+    thread_local Guard guard2(default_tls_buffer, MIN_BUFFER_SIZE);
    if (OB_ISNULL(default_tsi_buffer)) {
      save_buffer = (ObTrace*)default_tls_buffer;
      LIB_LOG(WARN, "tsi was nullptr");

--- a/deps/oblib/src/lib/trace/ob_trace.h
+++ b/deps/oblib/src/lib/trace/ob_trace.h
@@ -209,7 +209,7 @@ struct ObSpanCtx final : public common::ObDLinkBase<ObSpanCtx>
 struct ObTrace
 {
  static constexpr uint64_t MAGIC_CODE = 0x1234567887654321ul;
-  static constexpr int64_t DEFAULT_BUFFER_SIZE = (1L << 13);
+  static constexpr int64_t DEFAULT_BUFFER_SIZE = (1L << 16);
  static constexpr int64_t MIN_BUFFER_SIZE = (1L << 13);
  static ObTrace* get_instance();
  static void set_trace_buffer(void* buffer, int64_t buffer_size);
@@ -273,46 +273,31 @@ struct ObTrace
  bool append_tag(ObTagType tag_type, const T& value)
  {
    int ret = false;
+    ObString v("");
    if (OB_ISNULL(value.ptr())) {
      // do nothing
    } else {
-      auto l = value.length();
-      if (offset_ + sizeof(ObTagCtx<void*>) + l + 1 - sizeof(void*) >= buffer_size_) {
-        // do nothing
-      } else {
-        ObTagCtx<void*>* tag = new (data_ + offset_) ObTagCtx<void*>;
-        tag->next_ = last_active_span_->tags_;
-        last_active_span_->tags_ = tag;
-        tag->tag_type_ = tag_type;
-        memcpy(&(tag->data_), value.ptr(), l);
-        offset_ += (sizeof(ObTagCtx<void*>) + l + 1 - sizeof(void*));
-        data_[offset_ - 1] = '\0';
-        ret = true;
-      }
+      v = value;
+    }
+    auto l = v.length();
+    if (offset_ + sizeof(ObTagCtx<void*>) + l + 1 - sizeof(void*) >= buffer_size_) {
+      // do nothing
+    } else {
+      ObTagCtx<void*>* tag = new (data_ + offset_) ObTagCtx<void*>;
+      tag->next_ = last_active_span_->tags_;
+      last_active_span_->tags_ = tag;
+      tag->tag_type_ = tag_type;
+      memcpy(&(tag->data_), v.ptr(), l);
+      offset_ += (sizeof(ObTagCtx<void*>) + l + 1 - sizeof(void*));
+      data_[offset_ - 1] = '\0';
+      ret = true;
    }
    return ret;
  }
  template<class T, typename std::enable_if<std::is_convertible<T, const char*>::value, bool>::type = true>
  bool append_tag(ObTagType tag_type, const T& value)
  {
-    int ret = false;
-    if (OB_ISNULL(value)) {
-      // do nothing
-    } else {
-      auto l = strlen(value);
-      if (offset_ + sizeof(ObTagCtx<void*>) + l + 1 - sizeof(void*) >= buffer_size_) {
-        // do nothing
-      } else {
-        ObTagCtx<void*>* tag = new (data_ + offset_) ObTagCtx<void*>;
-        tag->next_ = last_active_span_->tags_;
-        last_active_span_->tags_ = tag;
-        tag->tag_type_ = tag_type;
-        memcpy(&(tag->data_), value, l + 1);
-        offset_ += (sizeof(ObTagCtx<void*>) + l + 1 - sizeof(void*));
-        ret = true;
-      }
-    }
-    return ret;
+    return append_tag(tag_type, OB_ISNULL(value) ? ObString("") : ObString(value));
  }
 private:
  bool check_magic() { return MAGIC_CODE == magic_code_; }

--- a/deps/oblib/src/lib/utility/ob_print_utils.h
+++ b/deps/oblib/src/lib/utility/ob_print_utils.h
@@ -202,7 +202,7 @@ public:
 private:
  BufList list_;
  int64_t level_;
-  int idx_;
+  uint64_t idx_;
 };

 template <typename T>