You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by si...@apache.org on 2018/10/27 05:09:32 UTC
[pulsar] branch master updated: Fix memory issue in cpp ZTSClient
(#2814)
This is an automated email from the ASF dual-hosted git repository.
sijie pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pulsar.git
The following commit(s) were added to refs/heads/master by this push:
new c518247 Fix memory issue in cpp ZTSClient (#2814)
c518247 is described below
commit c518247d873bfe07364359e5f63f5fd7f689c0e9
Author: hrsakai <hs...@yahoo-corp.jp>
AuthorDate: Sat Oct 27 14:09:27 2018 +0900
Fix memory issue in cpp ZTSClient (#2814)
### Modifications
* Use `calloc` instead of `malloc` in order to add Termination character(`\0`).
* Free memory allocated with `calloc` and `PEM_read_bio_RSAPrivateKey`.
---
pulsar-client-cpp/lib/auth/athenz/ZTSClient.cc | 34 +++++++++++++++++++++-----
1 file changed, 28 insertions(+), 6 deletions(-)
diff --git a/pulsar-client-cpp/lib/auth/athenz/ZTSClient.cc b/pulsar-client-cpp/lib/auth/athenz/ZTSClient.cc
index 3097c30..9467124 100644
--- a/pulsar-client-cpp/lib/auth/athenz/ZTSClient.cc
+++ b/pulsar-client-cpp/lib/auth/athenz/ZTSClient.cc
@@ -141,8 +141,16 @@ std::string ZTSClient::ybase64Encode(const unsigned char *input, int length) {
}
char *ZTSClient::base64Decode(const char *input) {
- BIO *bio, *b64;
+ if (input == NULL) {
+ return NULL;
+ }
+
size_t length = strlen(input);
+ if (length == 0) {
+ return NULL;
+ }
+
+ BIO *bio, *b64;
char *result = (char *)malloc(length);
bio = BIO_new_mem_buf((void *)input, -1);
@@ -150,16 +158,21 @@ char *ZTSClient::base64Decode(const char *input) {
bio = BIO_push(b64, bio);
BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL);
- BIO_read(bio, result, length);
+ int decodeStrLen = BIO_read(bio, result, length);
BIO_free_all(bio);
+ if (decodeStrLen > 0) {
+ result[decodeStrLen] = '\0';
+ return result;
+ }
+ free(result);
- return result;
+ return NULL;
}
const std::string ZTSClient::getPrincipalToken() const {
// construct unsigned principal token
std::string unsignedTokenString = "v=S1";
- char host[BUFSIZ];
+ char host[BUFSIZ] = {};
long long t = (long long)time(NULL);
gethostname(host, sizeof(host));
@@ -176,8 +189,8 @@ const std::string ZTSClient::getPrincipalToken() const {
// signing
const char *unsignedToken = unsignedTokenString.c_str();
- unsigned char signature[BUFSIZ];
- unsigned char hash[SHA256_DIGEST_LENGTH];
+ unsigned char signature[BUFSIZ] = {};
+ unsigned char hash[SHA256_DIGEST_LENGTH] = {};
unsigned int siglen;
FILE *fp;
RSA *privateKey;
@@ -189,14 +202,21 @@ const std::string ZTSClient::getPrincipalToken() const {
}
char *decodeStr = base64Decode(privateKeyUri_.data.c_str());
+ if (decodeStr == NULL) {
+ LOG_ERROR("Failed to decode privateKey");
+ return "";
+ }
+
BIO *bio = BIO_new_mem_buf((void *)decodeStr, -1);
BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL);
if (bio == NULL) {
LOG_ERROR("Failed to create key BIO");
+ free(decodeStr);
return "";
}
privateKey = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL);
BIO_free(bio);
+ free(decodeStr);
if (privateKey == NULL) {
LOG_ERROR("Failed to load privateKey");
return "";
@@ -225,6 +245,8 @@ const std::string ZTSClient::getPrincipalToken() const {
std::string principalToken = unsignedTokenString + ";s=" + ybase64Encode(signature, siglen);
LOG_DEBUG("Created signed principal token: " << principalToken);
+ RSA_free(privateKey);
+
return principalToken;
}