You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@rocketmq.apache.org by di...@apache.org on 2020/02/28 03:33:14 UTC
[rocketmq-client-cpp] branch master updated: Fix a
heap-buffer-overflow risk due to wrong use of string constructor. (#264)
This is an automated email from the ASF dual-hosted git repository.
dinglei pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/rocketmq-client-cpp.git
The following commit(s) were added to refs/heads/master by this push:
new 00ecc4d Fix a heap-buffer-overflow risk due to wrong use of string constructor. (#264)
00ecc4d is described below
commit 00ecc4d07699c357235fa2e203b048f77e451719
Author: yizhe.wcm <42...@users.noreply.github.com>
AuthorDate: Fri Feb 28 11:33:04 2020 +0800
Fix a heap-buffer-overflow risk due to wrong use of string constructor. (#264)
---
src/protocol/LockBatchBody.cpp | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/protocol/LockBatchBody.cpp b/src/protocol/LockBatchBody.cpp
index a63426d..faecbbc 100644
--- a/src/protocol/LockBatchBody.cpp
+++ b/src/protocol/LockBatchBody.cpp
@@ -69,7 +69,7 @@ void LockBatchResponseBody::setLockOKMQSet(vector<MQMessageQueue> in_lockOKMQSet
void LockBatchResponseBody::Decode(const MemoryBlock* mem, vector<MQMessageQueue>& messageQueues) {
messageQueues.clear();
//<! decode;
- const char* const pData = static_cast<const char*>(mem->getData());
+ const std::string pData(mem->getData(), mem->getSize());
Json::Reader reader;
Json::Value root;