Bug 129237

Summary: ANGLE: Stop using unsafe strcpy method
Product: WebKit Reporter: David Kilzer (:ddkilzer) <ddkilzer>
Component: ANGLEAssignee: David Kilzer (:ddkilzer) <ddkilzer>
Status: RESOLVED FIXED    
Severity: Normal CC: commit-queue, dino, kbr, kondapallykalyan, roger_fong
Priority: P2 Keywords: InRadar
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
URL: https://code.google.com/p/angleproject/issues/detail?id=307
Attachments:
Description Flags
Patch v1
none
Patch v2
none
Patch v3
none
Patch v4 dino: review+

David Kilzer (:ddkilzer)
Reported 2014-02-23 15:55:41 PST
ANGLE should stop using the unsafe strcpy method.
Attachments
Patch v1 (5.13 KB, patch)
2014-02-23 16:13 PST, David Kilzer (:ddkilzer) 		no flags
DetailsFormatted DiffDiff
Patch v2 (5.35 KB, patch)
2014-02-23 16:27 PST, David Kilzer (:ddkilzer) 		no flags
DetailsFormatted DiffDiff
Patch v3 (4.74 KB, patch)
2014-02-23 16:52 PST, David Kilzer (:ddkilzer) 		no flags
DetailsFormatted DiffDiff
Patch v4 (4.79 KB, patch)
2014-02-23 17:25 PST, David Kilzer (:ddkilzer) 		dino: review+
DetailsFormatted DiffDiff
Show Obsolete (3) View All Add attachment proposed patch, testcase, etc.
David Kilzer (:ddkilzer)
Comment 1 2014-02-23 15:56:28 PST
<rdar://problem/11077580>
David Kilzer (:ddkilzer)
Comment 2 2014-02-23 16:13:46 PST
Created attachment 225016 [details] Patch v1
WebKit Commit Bot
Comment 3 2014-02-23 16:15:53 PST
Note that there are important steps to take when updating ANGLE. See http://trac.webkit.org/wiki/UpdatingANGLE
WebKit Commit Bot
Comment 4 2014-02-23 16:15:59 PST
Attachment 225016 [details] did not pass style-queue: ERROR: Source/ThirdParty/ANGLE/src/libGLESv2/Program.cpp:118: Declaration has space between type name and * in char *newLog [whitespace/declaration] [3] Total errors found: 1 in 5 files If any of these errors are false positives, please file a bug against check-webkit-style.
David Kilzer (:ddkilzer)
Comment 5 2014-02-23 16:19:11 PST
Comment on attachment 225016 [details] Patch v1 View in context: https://bugs.webkit.org/attachment.cgi?id=225016&action=review > Source/ThirdParty/ANGLE/src/common/angleutils.h:47 > +#define strlcpy(dst, src, dstsize) strcpy_s(dst, dstsize, src) Waiting for the EWS bots to tell me if this works on Windows. > Source/ThirdParty/ANGLE/src/compiler/ShaderLang.cpp:226 > + size_t infoLogLength = 0; > + ShGetInfo(compiler, SH_INFO_LOG_LENGTH, &infoLogLength); A better design would be to pass in the buffer length to ShGetInfoLog() as a parameter, but since it's a C API, a new function name would have to be created. > Source/ThirdParty/ANGLE/src/compiler/ShaderLang.cpp:245 > + size_t objCodeLength = 0; > + ShGetInfo(handle, SH_OBJECT_CODE_LENGTH, &objCodeLength); Ditto for passing in the length to ShGetObjectCode(). > Source/ThirdParty/ANGLE/src/libGLESv2/Program.cpp:112 > + const size_t newInfoLogLength = infoLength + 2; > + mInfoLog = new char[newInfoLogLength]; > + strlcpy(mInfoLog, info, newInfoLogLength); > + strlcpy(mInfoLog + infoLength, "\n", newInfoLogLength - infoLength); I think using snprintf() here would be clearer, but probably not as performant. > Source/ThirdParty/ANGLE/src/libGLESv2/Program.cpp:121 > + const size_t newInfoLogLength = logLength + infoLength + 2; > + char *newLog = new char[newInfoLogLength]; > + strlcpy(newLog, mInfoLog, newInfoLogLength); > + strlcpy(newLog + logLength, info, newInfoLogLength - logLength); > + strlcpy(newLog + logLength + infoLength, "\n", newInfoLogLength - logLength - infoLength); Ditto for using snprintf().
David Kilzer (:ddkilzer)
Comment 6 2014-02-23 16:27:51 PST
Created attachment 225017 [details] Patch v2 Try to fix builds by adding #include <string.h> to ShaderLang.cpp.
WebKit Commit Bot
Comment 7 2014-02-23 16:28:32 PST
Attachment 225017 [details] did not pass style-queue: ERROR: Source/ThirdParty/ANGLE/src/libGLESv2/Program.cpp:118: Declaration has space between type name and * in char *newLog [whitespace/declaration] [3] Total errors found: 1 in 5 files If any of these errors are false positives, please file a bug against check-webkit-style.
David Kilzer (:ddkilzer)
Comment 8 2014-02-23 16:40:24 PST
(In reply to comment #6) > Created an attachment (id=225017) [details] > Patch v2 > > Try to fix builds by adding #include <string.h> to ShaderLang.cpp. Hmm, strlcpy doesn't seem to be used in WebCore, so we should probably use strncpy with an explicit '\0' set at the end.
David Kilzer (:ddkilzer)
Comment 9 2014-02-23 16:52:54 PST
Created attachment 225018 [details] Patch v3 Switch to strncpy() instead of strlcpy().
David Kilzer (:ddkilzer)
Comment 10 2014-02-23 17:25:17 PST
Created attachment 225020 [details] Patch v4 Update patch after Dean landed updated ANGLE in r164565, r164567.
WebKit Commit Bot
Comment 11 2014-02-23 17:26:41 PST
Attachment 225020 [details] did not pass style-queue: ERROR: Source/ThirdParty/ANGLE/src/libGLESv2/Program.cpp:119: Declaration has space between type name and * in char *newLog [whitespace/declaration] [3] Total errors found: 1 in 4 files If any of these errors are false positives, please file a bug against check-webkit-style.
Dean Jackson
Comment 12 2014-02-23 17:28:18 PST
Comment on attachment 225020 [details] Patch v4 We should file a bug on ANGLE to pick this up. I'll do so.
David Kilzer (:ddkilzer)
Comment 13 2014-02-23 17:29:20 PST
(In reply to comment #12) > (From update of attachment 225020 [details]) > We should file a bug on ANGLE to pick this up. I'll do so. https://code.google.com/p/angleproject/issues/detail?id=307
David Kilzer (:ddkilzer)
Comment 14 2014-02-24 03:09:22 PST
Committed r164580: <http://trac.webkit.org/changeset/164580>
Note You need to log in before you can comment on or make changes to this bug.