You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@trafficserver.apache.org by zw...@apache.org on 2014/09/30 16:28:57 UTC

git commit: TS-1475: Coverity 1242015 Buffer not null terminated

Repository: trafficserver
Updated Branches:
  refs/heads/master 98ea180cc -> f16c7615a


TS-1475: Coverity 1242015 Buffer not null terminated


Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/f16c7615
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/f16c7615
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/f16c7615

Branch: refs/heads/master
Commit: f16c7615a4f9a824f011e759789331f04b945551
Parents: 98ea180
Author: Leif Hedstrom <zw...@apache.org>
Authored: Tue Sep 30 08:28:50 2014 -0600
Committer: Leif Hedstrom <zw...@apache.org>
Committed: Tue Sep 30 08:28:50 2014 -0600

----------------------------------------------------------------------
 iocore/net/SSLUtils.cc | 2 +-
 lib/ts/ink_string.cc   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/trafficserver/blob/f16c7615/iocore/net/SSLUtils.cc
----------------------------------------------------------------------
diff --git a/iocore/net/SSLUtils.cc b/iocore/net/SSLUtils.cc
index a807e2b..c399be7 100644
--- a/iocore/net/SSLUtils.cc
+++ b/iocore/net/SSLUtils.cc
@@ -197,7 +197,7 @@ ssl_servername_callback(SSL * ssl, int * ad, void * /*arg*/)
     netvc->getSSLHandShakeComplete());
 
   if (servername != NULL) {
-    strncpy(netvc->sniServername, servername, TS_MAX_HOST_NAME_LEN);
+    ink_strlcpy(netvc->sniServername, servername, TS_MAX_HOST_NAME_LEN);
   }
 
   // catch the client renegotiation early on

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/f16c7615/lib/ts/ink_string.cc
----------------------------------------------------------------------
diff --git a/lib/ts/ink_string.cc b/lib/ts/ink_string.cc
index 3ce655a..3307381 100644
--- a/lib/ts/ink_string.cc
+++ b/lib/ts/ink_string.cc
@@ -231,7 +231,7 @@ ink_strlcpy(char *dst, const char *src, size_t siz)
   /* Not enough room in dst, add NUL and traverse rest of src */
   if (n == 0) {
     if (siz != 0)
-                            *d = '\0';      /* NUL-terminate dst */
+      *d = '\0';      /* NUL-terminate dst */
     while (*s++)
       ;
   }

Re: git commit: TS-1475: Coverity 1242015 Buffer not null terminated

Posted by Susan Hinrichs <sh...@network-geographics.com>.

Yes, we can remove it.  Thought it had already been taken out.  I had 
that in before you pointed out that openssl already provides a call to 
get this information.

On 9/30/2014 10:28 AM, James Peach wrote:
> On Sep 30, 2014, at 7:28 AM, zwoop@apache.org wrote:
>
>> Repository: trafficserver
>> Updated Branches:
>>   refs/heads/master 98ea180cc -> f16c7615a
>>
>>
>> TS-1475: Coverity 1242015 Buffer not null terminated
>>
>>
>> Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
>> Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/f16c7615
>> Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/f16c7615
>> Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/f16c7615
>>
>> Branch: refs/heads/master
>> Commit: f16c7615a4f9a824f011e759789331f04b945551
>> Parents: 98ea180
>> Author: Leif Hedstrom <zw...@apache.org>
>> Authored: Tue Sep 30 08:28:50 2014 -0600
>> Committer: Leif Hedstrom <zw...@apache.org>
>> Committed: Tue Sep 30 08:28:50 2014 -0600
>>
>> ----------------------------------------------------------------------
>> iocore/net/SSLUtils.cc | 2 +-
>> lib/ts/ink_string.cc   | 2 +-
>> 2 files changed, 2 insertions(+), 2 deletions(-)
>> ----------------------------------------------------------------------
>>
>>
>> http://git-wip-us.apache.org/repos/asf/trafficserver/blob/f16c7615/iocore/net/SSLUtils.cc
>> ----------------------------------------------------------------------
>> diff --git a/iocore/net/SSLUtils.cc b/iocore/net/SSLUtils.cc
>> index a807e2b..c399be7 100644
>> --- a/iocore/net/SSLUtils.cc
>> +++ b/iocore/net/SSLUtils.cc
>> @@ -197,7 +197,7 @@ ssl_servername_callback(SSL * ssl, int * ad, void * /*arg*/)
>>      netvc->getSSLHandShakeComplete());
>>
>>    if (servername != NULL) {
>> -    strncpy(netvc->sniServername, servername, TS_MAX_HOST_NAME_LEN);
>> +    ink_strlcpy(netvc->sniServername, servername, TS_MAX_HOST_NAME_LEN);
>>    }
> Can you remove SSLNetVConnection::sniServername? It's not used anywhere, so it just makes SSLNetVConnections larger ...
>

Re: git commit: TS-1475: Coverity 1242015 Buffer not null terminated

Posted by James Peach <jp...@apache.org>.

On Sep 30, 2014, at 7:28 AM, zwoop@apache.org wrote:

> Repository: trafficserver
> Updated Branches:
>  refs/heads/master 98ea180cc -> f16c7615a
> 
> 
> TS-1475: Coverity 1242015 Buffer not null terminated
> 
> 
> Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
> Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/f16c7615
> Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/f16c7615
> Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/f16c7615
> 
> Branch: refs/heads/master
> Commit: f16c7615a4f9a824f011e759789331f04b945551
> Parents: 98ea180
> Author: Leif Hedstrom <zw...@apache.org>
> Authored: Tue Sep 30 08:28:50 2014 -0600
> Committer: Leif Hedstrom <zw...@apache.org>
> Committed: Tue Sep 30 08:28:50 2014 -0600
> 
> ----------------------------------------------------------------------
> iocore/net/SSLUtils.cc | 2 +-
> lib/ts/ink_string.cc   | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
> ----------------------------------------------------------------------
> 
> 
> http://git-wip-us.apache.org/repos/asf/trafficserver/blob/f16c7615/iocore/net/SSLUtils.cc
> ----------------------------------------------------------------------
> diff --git a/iocore/net/SSLUtils.cc b/iocore/net/SSLUtils.cc
> index a807e2b..c399be7 100644
> --- a/iocore/net/SSLUtils.cc
> +++ b/iocore/net/SSLUtils.cc
> @@ -197,7 +197,7 @@ ssl_servername_callback(SSL * ssl, int * ad, void * /*arg*/)
>     netvc->getSSLHandShakeComplete());
> 
>   if (servername != NULL) {
> -    strncpy(netvc->sniServername, servername, TS_MAX_HOST_NAME_LEN);
> +    ink_strlcpy(netvc->sniServername, servername, TS_MAX_HOST_NAME_LEN);
>   }

Can you remove SSLNetVConnection::sniServername? It's not used anywhere, so it just makes SSLNetVConnections larger ...

Re: git commit: TS-1475: Coverity 1242015 Buffer not null terminated

Posted by James Peach <jp...@apache.org>.

On Sep 30, 2014, at 7:28 AM, zwoop@apache.org wrote:

> Repository: trafficserver
> Updated Branches:
>  refs/heads/master 98ea180cc -> f16c7615a
> 
> 
> TS-1475: Coverity 1242015 Buffer not null terminated
> 
> 
> Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
> Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/f16c7615
> Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/f16c7615
> Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/f16c7615
> 
> Branch: refs/heads/master
> Commit: f16c7615a4f9a824f011e759789331f04b945551
> Parents: 98ea180
> Author: Leif Hedstrom <zw...@apache.org>
> Authored: Tue Sep 30 08:28:50 2014 -0600
> Committer: Leif Hedstrom <zw...@apache.org>
> Committed: Tue Sep 30 08:28:50 2014 -0600
> 
> ----------------------------------------------------------------------
> iocore/net/SSLUtils.cc | 2 +-
> lib/ts/ink_string.cc   | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
> ----------------------------------------------------------------------
> 
> 
> http://git-wip-us.apache.org/repos/asf/trafficserver/blob/f16c7615/iocore/net/SSLUtils.cc
> ----------------------------------------------------------------------
> diff --git a/iocore/net/SSLUtils.cc b/iocore/net/SSLUtils.cc
> index a807e2b..c399be7 100644
> --- a/iocore/net/SSLUtils.cc
> +++ b/iocore/net/SSLUtils.cc
> @@ -197,7 +197,7 @@ ssl_servername_callback(SSL * ssl, int * ad, void * /*arg*/)
>     netvc->getSSLHandShakeComplete());
> 
>   if (servername != NULL) {
> -    strncpy(netvc->sniServername, servername, TS_MAX_HOST_NAME_LEN);
> +    ink_strlcpy(netvc->sniServername, servername, TS_MAX_HOST_NAME_LEN);
>   }

Can you remove SSLNetVConnection::sniServername? It's not used anywhere, so it just makes SSLNetVConnections larger ...