Fix the overrun issue reported by static application security testing

[lian-bo]

The current issue is reported by the SAST(Static Application Security Testing) as below:

Error: OVERRUN:
snappy_unittest.cc:95: return_constant: Function call "sysconf(_SC_PAGESIZE)" may return -1.
snappy_unittest.cc:95: assignment: Assigning: "page_size" = "sysconf(SC_PAGESIZE)". The value of "page_size" is now 18446744073709551615.
snappy_unittest.cc:97: overrun-buffer-arg: Calling "mprotect" with "this->protected_page" and "page_size" is suspicious because of the very large index, 18446744073709551615. The index may be due to a negative parameter being interpreted as unsigned.

95| const size_t page_size = sysconf(_SC_PAGESIZE);

96| // Undo the mprotect.

97|-> CHECK_EQ(0, mprotect(protected_page_, page_size, PROT_READ|PROT_WRITE));

98| CHECK_EQ(0, munmap(mem_, alloc_size_));

99| }

Let's set the page size to 4096, if the invoking sysconf(_SC_PAGESIZE) failed, otherwise still use the actual value of sysconf(_SC_PAGESIZE). In addition, also save its value in the constructor function in order to use it again in the deconstructor function, that can avoid calling the sysconf(_SC_PAGESIZE) twice.

(Did the same changes in snappy_test_tool.cc).

[google-cla]

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

[lian-bo]

Thank you for applying the patch: ee6bc15 ("Fix the overrun issue reported by static application security testing")
So I will close this issue.

[lian-bo]

Hi, @danilak-G
Can you help to review this patch?

[danilak-G]

Thanks for the patch. This is low priority for now as this affects only a testing tool and unittests without affecting core code