Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix FormatAllocateString complexity #808

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Fix FormatAllocateString complexity #808

wants to merge 3 commits into from

Conversation

jepio
Copy link
Member

@jepio jepio commented Nov 15, 2024

Description

FormatAllocateString has multiple issues:

  • it always allocates at least 512 bytes even when the input is shorter
  • once the length of the formatted output exceeds 512 bytes it starts incrementing the buffer size by 1 byte and goes through a malloc,snprintf,free loop until it finds the right size. This has an O(n^2) complexity and is slow for longer strings.
  • it has an unnecessary DuplicateString at the end

Rewrite FormatAllocateString to call snprintf once to calculate the required buffer size, then malloc the right buffer and then format the string.

This change is motivated by hitting this edge case through fuzzing CheckFileSystemMountingOption where a lot of reason strings get added to the reason buffer. I've added a test case for long strings and a fuzzer case whose runtime goes from ~3s to 10ms.

Checklist

  • I have read the contribution guidelines.
  • I added unit-tests to validate my changes. All unit tests are passing.
  • I have merged the latest main branch prior to this PR submission.
  • I submitted this PR against the main branch.

@jepio jepio requested a review from a team as a code owner November 15, 2024 15:01
MariusNi
MariusNi reviewed Nov 15, 2024
View reviewed changes
src/common/commonutils/OtherUtils.c
{
FREE_MEMORY(stringToReturn);
return NULL;
}
return stringToReturn;
}
Copy link
Contributor

@MariusNi MariusNi Nov 15, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a great idea! Just a nit suggestion, same code, just bit changed to only return once after initial input args validation (for consistence with rest of code), how about this?

char* FormatAllocateString(const char* format, ...)
{
    char* stringToReturn = NULL;
    int formatResult = 0;
    int sizeOfBuffer = 0;

    if (NULL == format)
    {
        return stringToReturn;
    }

    va_list arguments;
    va_start(arguments, format);
    // snprintf returns the required buffer size, excluding the null terminator
    sizeOfBuffer = vsnprintf(NULL, 0, format, arguments);
    va_end(arguments);

    if (sizeOfBuffer > 0)
    {
        if (NULL != (stringToReturn = malloc((size_t)sizeOfBuffer + 1)))
        {
            va_start(arguments, format);
            formatResult = vsnprintf(stringToReturn, sizeOfBuffer + 1, format, arguments);
            va_end(arguments);

            if ((formatResult < 0) || (formatResult > sizeOfBuffer))
            {
                FREE_MEMORY(stringToReturn);
            }
        }
    }

    return stringToReturn;
}

MariusNi
MariusNi approved these changes Nov 15, 2024
View reviewed changes
Copy link
Contributor

@MariusNi MariusNi left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:shipit:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MariusNi MariusNi MariusNi approved these changes

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jepio @MariusNi