You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by zw...@apache.org on 2020/06/29 22:48:15 UTC
[trafficserver] branch 9.0.x updated: Prevent buffer overflow
during log filter actions (#6950)
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/9.0.x by this push:
new f8ef654 Prevent buffer overflow during log filter actions (#6950)
f8ef654 is described below
commit f8ef654c8c731f7e08585e553353d405f0d19b92
Author: Sudheer Vinukonda <su...@apache.org>
AuthorDate: Fri Jun 26 18:17:16 2020 -0700
Prevent buffer overflow during log filter actions (#6950)
Buffer overflow resulting in corrupting global variables when the
unmapped URL is pointing to the global INVALID_STR.
(cherry picked from commit ad494167444ac53c24d8e49704efbefc3caf8250)
---
proxy/logging/LogAccess.cc | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/proxy/logging/LogAccess.cc b/proxy/logging/LogAccess.cc
index 6d8d9e1..5a0680d 100644
--- a/proxy/logging/LogAccess.cc
+++ b/proxy/logging/LogAccess.cc
@@ -1144,7 +1144,7 @@ void
LogAccess::set_client_req_url(char *buf, int len)
{
if (buf) {
- m_client_req_url_len = len;
+ m_client_req_url_len = std::min(len, m_client_req_url_len);
ink_strlcpy(m_client_req_url_str, buf, m_client_req_url_len + 1);
}
}
@@ -1153,7 +1153,7 @@ void
LogAccess::set_client_req_url_canon(char *buf, int len)
{
if (buf) {
- m_client_req_url_canon_len = len;
+ m_client_req_url_canon_len = std::min(len, m_client_req_url_canon_len);
ink_strlcpy(m_client_req_url_canon_str, buf, m_client_req_url_canon_len + 1);
}
}
@@ -1162,7 +1162,7 @@ void
LogAccess::set_client_req_unmapped_url_canon(char *buf, int len)
{
if (buf && m_client_req_unmapped_url_canon_str) {
- m_client_req_unmapped_url_canon_len = len;
+ m_client_req_unmapped_url_canon_len = std::min(len, m_client_req_unmapped_url_canon_len);
ink_strlcpy(m_client_req_unmapped_url_canon_str, buf, m_client_req_unmapped_url_canon_len + 1);
}
}
@@ -1171,7 +1171,7 @@ void
LogAccess::set_client_req_unmapped_url_path(char *buf, int len)
{
if (buf && m_client_req_unmapped_url_path_str) {
- m_client_req_unmapped_url_path_len = len;
+ m_client_req_unmapped_url_path_len = std::min(len, m_client_req_unmapped_url_path_len);
ink_strlcpy(m_client_req_unmapped_url_path_str, buf, m_client_req_unmapped_url_path_len + 1);
}
}
@@ -1180,7 +1180,7 @@ void
LogAccess::set_client_req_unmapped_url_host(char *buf, int len)
{
if (buf && m_client_req_unmapped_url_host_str) {
- m_client_req_unmapped_url_host_len = len;
+ m_client_req_unmapped_url_host_len = std::min(len, m_client_req_unmapped_url_host_len);
ink_strlcpy(m_client_req_unmapped_url_host_str, buf, m_client_req_unmapped_url_host_len + 1);
}
}
@@ -1190,7 +1190,7 @@ LogAccess::set_client_req_url_path(char *buf, int len)
{
//?? use m_client_req_unmapped_url_path_str for now..may need to enhance later..
if (buf && m_client_req_unmapped_url_path_str) {
- m_client_req_url_path_len = len;
+ m_client_req_url_path_len = std::min(len, m_client_req_url_path_len);
ink_strlcpy(m_client_req_unmapped_url_path_str, buf, m_client_req_url_path_len + 1);
}
}