logger: validate hdr_size field in logger entry - check hdr_size to make sure it is in the expected range from sizeof entry_v1 to entry (entry_v4). - alter msg() method to report NULL on invalid hdr_size - alter all users of msg() method. Bug: 30947841 Change-Id: I9bc1740d7aa9f37df5be966c18de1fb9de63d5dd

commit: 305374cf0f8cf28b58a108cf4f45df92fc0dde86 [log] [tgz]
author: Mark Salyzyn <salyzyn@google.com> Thu Aug 18 14:59:41 2016 -0700
committer: Mark Salyzyn <salyzyn@google.com> Tue Aug 23 14:51:50 2016 -0700
tree: 4f7ae56a180ae568508f5da1f4f83e25a054d712
parent: 82b67fff06363c8e7a17058cb5ce748f21a27f11 [diff] [blame]
diff --git a/include/log/logger.h b/include/log/logger.h
index 60d47a2..256fdd1 100644
--- a/include/log/logger.h
+++ b/include/log/logger.h

@@ -143,7 +143,14 @@
     }
     char *msg()
     {
-        return entry.hdr_size ? (char *) buf + entry.hdr_size : entry_v1.msg;
+        unsigned short hdr_size = entry.hdr_size;
+        if (!hdr_size) {
+            hdr_size = sizeof(entry_v1);
+        }
+        if ((hdr_size < sizeof(entry_v1)) || (hdr_size > sizeof(entry))) {
+            return NULL;
+        }
+        return (char *) buf + hdr_size;
     }
     unsigned int len()
     {
commit	305374cf0f8cf28b58a108cf4f45df92fc0dde86	[log] [tgz]
author	Mark Salyzyn <salyzyn@google.com>	Thu Aug 18 14:59:41 2016 -0700
committer	Mark Salyzyn <salyzyn@google.com>	Tue Aug 23 14:51:50 2016 -0700
tree	4f7ae56a180ae568508f5da1f4f83e25a054d712
parent	82b67fff06363c8e7a17058cb5ce748f21a27f11 [diff] [blame]