- API: when creating message strings for CPU time etc.,

use strlcat() instead of strcat(). Einstein@home has seen some SEGVs in this function. I suspect that it's getting 1e304-type values (why? possible bugs in getrusage-related code, still) and that these cause long strings that overflow the message buffer. svn path=/trunk/boinc/; revision=13999
2007-10-30 23:03:21 +00:00 · 2007-10-30 23:03:21 +00:00 · d43c0e1786
parent 26138742c6
commit d43c0e1786
2 changed files with 21 additions and 7 deletions
--- a/api/boinc_api.C
+++ b/api/boinc_api.C
@ -248,9 +248,12 @@ double boinc_worker_thread_cpu_time() {

 // communicate to the core client (via shared mem)
 // the current CPU time and fraction done
+// NOTE: various bugs could cause some of these FP numbers to be enormous,
+// possibly overflowing the buffer.
+// So use strlcat() instead of strcat()
 //
 static bool update_app_progress(double cpu_t, double cp_cpu_t) {
-    char msg_buf[MSG_CHANNEL_SIZE], buf[256];
+    char msg_buf[MSG_CHANNEL_SIZE], buf[8000];

    if (standalone) return true;

@ -260,29 +263,29 @@ static bool update_app_progress(double cpu_t, double cp_cpu_t) {
        cpu_t, cp_cpu_t
    );
    if (want_network) {
-        strcat(msg_buf, "<want_network>1</want_network>\n");
+        strlcat(msg_buf, "<want_network>1</want_network>\n", MSG_CHANNEL_SIZE);
    }
    if (fraction_done >= 0) {
        double range = aid.fraction_done_end - aid.fraction_done_start;
        double fdone = aid.fraction_done_start + fraction_done*range;
        sprintf(buf, "<fraction_done>%2.8f</fraction_done>\n", fdone);
-        strcat(msg_buf, buf);
+        strlcat(msg_buf, buf, MSG_CHANNEL_SIZE);
    }
    if (fpops_per_cpu_sec) {
        sprintf(buf, "<fpops_per_cpu_sec>%f</fpops_per_cpu_sec>\n", fpops_per_cpu_sec);
-        strcat(msg_buf, buf);
+        strlcat(msg_buf, buf, MSG_CHANNEL_SIZE);
    }
    if (fpops_cumulative) {
        sprintf(buf, "<fpops_cumulative>%f</fpops_cumulative>\n", fpops_cumulative);
-        strcat(msg_buf, buf);
+        strlcat(msg_buf, buf, MSG_CHANNEL_SIZE);
    }
    if (intops_per_cpu_sec) {
        sprintf(buf, "<intops_per_cpu_sec>%f</intops_per_cpu_sec>\n", intops_per_cpu_sec);
-        strcat(msg_buf, buf);
+        strlcat(msg_buf, buf, MSG_CHANNEL_SIZE);
    }
    if (intops_cumulative) {
        sprintf(buf, "<intops_cumulative>%f</intops_cumulative>\n", intops_cumulative);
-        strcat(msg_buf, buf);
+        strlcat(msg_buf, buf, MSG_CHANNEL_SIZE);
    }
    return app_client_shm->shm->app_status.send_msg(msg_buf);
 }
--- a/11
+++ b/11
@ -10201,3 +10201,14 @@ David  30 Oct 2007
            bolt.php
            bolt_course_sample.php
            bolt_sched.php
+
+David  30 Oct 2007
+    - API: when creating message strings for CPU time etc.,
+        use strlcat() instead of strcat().
+        Einstein@home has seen some SEGVs in this function.
+        I suspect that it's getting 1e304-type values
+        (why? possible bugs in getrusage-related code, still)
+        and that these cause long strings that overflow the message buffer.
+
+    api/
+        boinc_api.C