You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@mesos.apache.org by "Benjamin Bannier (JIRA)" <ji...@apache.org> on 2017/02/18 09:22:44 UTC
[jira] [Created] (MESOS-7143) ABORT checks its preconditions
incorrectly and incompletely
Benjamin Bannier created MESOS-7143:
---------------------------------------
Summary: ABORT checks its preconditions incorrectly and incompletely
Key: MESOS-7143
URL: https://issues.apache.org/jira/browse/MESOS-7143
Project: Mesos
Issue Type: Bug
Components: stout
Affects Versions: 0.23.0
Reporter: Benjamin Bannier
Priority: Minor
Currently, stout's {{ABORT}} (which is mapped to {{_Abort}}) checks it precondition incompletely and incorrectly.
Its current control flow is roughly
{code}
void _Abort(const char* prefix, const char* message)
{
size_t prefix_len = strlen(prefix);
size_t message_len = strlen(message);
// Async-safe write.
while(::write(2, prefix, prefix_len) == -1 && errno == EINTR);
while(message != nullptr &&
::write(2, message, message_len) == -1 && errno == EINTR);
}
{code}
We here check the precondition {{message != nullptr}} after we already have called {{strlen(message)}}; calling {{strlen}} on a {{nullptr}} already triggers undefined behavior.
Similarly, we never guard against a {{prefix}} which is {{nullptr}}, but unconditionally call {{strlen}} on it.
It seems it should be possible to assert that neither {{prefix}} nor {{message}} are {{nullptr}} before any use.
This was diagnosed by coverity as CID-1400833, and has been present in all releases since 0.23.0.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)