Prevent snprintf vulnerability

Summary:
With a very big name for a `ParameterRange`, the `snprintf` call from `combination_name` can end up having a negative second parameter, causing  a memory overflow, which can lead to a serious security issue.

We can checking that the second parameter is always >= 0 and throw an exception if not.

See the new GTEST.

Reviewed By: mdouze

Differential Revision: D46856956

fbshipit-source-id: 91c657ec028c462d4b808b595811342034e00133

Author: OctavianGuzu

faiss/AutoTune.cpp

@@ -284,6 +284,8 @@ std::string ParameterSpace::combination_name(size_t cno) const {
     char buf[1000], *wp = buf;
     *wp = 0;
     for (int i = 0; i < parameter_ranges.size(); i++) {
+        FAISS_THROW_IF_NOT_MSG(
+                buf + 1000 - wp >= 0, "Overflow detected in snprintf");
         const ParameterRange& pr = parameter_ranges[i];
         size_t j = cno % pr.values.size();
         cno /= pr.values.size();