You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by so...@apache.org on 2017/02/09 17:42:41 UTC
[trafficserver] branch 6.2.x updated (f7d94fc -> 465b518)
This is an automated email from the ASF dual-hosted git repository.
sorber pushed a change to branch 6.2.x
in repository https://git-dual.apache.org/repos/asf/trafficserver.git.
from f7d94fc Revert "Fix Assertion failure in the regex_revalidate plugin."
new 99c62ee TS-4367: Failed clang-analyzer, memory leak in mgmt/api
new 63f8434 TS-4366 Uninitialized stack value used in mp4 plugin
new c858c3a TS-4479: Clang-analyzer failure, Potential memory leak
new 1b1e2da Remove dead store.
new 465b518 TS-4729: Fix dead assignment.
The 5 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.
Summary of changes:
mgmt/api/GenericParser.cc | 9 ++++
plugins/experimental/mp4/mp4_meta.cc | 75 ++++++++++++++++---------------
plugins/experimental/ts_lua/ts_lua_misc.c | 2 -
proxy/http2/Http2Stream.cc | 25 ++++++-----
proxy/http2/Http2Stream.h | 7 +--
proxy/logging/LogCollationAccept.cc | 5 +--
6 files changed, 67 insertions(+), 56 deletions(-)
--
To stop receiving notification emails like this one, please contact
['"commits@trafficserver.apache.org" <co...@trafficserver.apache.org>'].
[trafficserver] 01/05: TS-4367: Failed clang-analyzer,
memory leak in mgmt/api
Posted by so...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
sorber pushed a commit to branch 6.2.x
in repository https://git-dual.apache.org/repos/asf/trafficserver.git
commit 99c62ee4b4dbaa5921d83b47a27fc53090dfeb34
Author: Bryan Call <bc...@apache.org>
AuthorDate: Wed May 25 10:43:46 2016 -0700
TS-4367: Failed clang-analyzer, memory leak in mgmt/api
(cherry picked from commit 1cff52240584e5e6dccee63a02ab70ce61a961a2)
---
mgmt/api/GenericParser.cc | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/mgmt/api/GenericParser.cc b/mgmt/api/GenericParser.cc
index 0eb5121..eb36872 100644
--- a/mgmt/api/GenericParser.cc
+++ b/mgmt/api/GenericParser.cc
@@ -354,12 +354,15 @@ Rule::cacheParse(char *rule, unsigned short minNumToken, unsigned short maxNumTo
if (insideQuote) {
// printf("enqueue\n");
m_tokenList->enqueue(token);
+ token = NULL; // transfered ownership of token to the token list
insideQuote = false;
} else {
insideQuote = true;
}
}
}
+
+ delete token;
return m_tokenList;
}
@@ -633,6 +636,7 @@ Rule::socksParse(char *rule)
// printf("!insideQuote: %s\n", subtoken);
token->setValue(newStr);
m_tokenList->enqueue(token);
+ token = NULL; // transfered ownership of token to the token list
} else {
// printf("insideQuote: %s\n", subtoken);
// printf("%s 1\n", subtoken);
@@ -649,6 +653,7 @@ Rule::socksParse(char *rule)
if (insideQuote) {
// printf("enqueue\n");
m_tokenList->enqueue(token);
+ token = NULL; // transfered ownership of token to the token list
insideQuote = false;
} else {
insideQuote = true;
@@ -657,6 +662,7 @@ Rule::socksParse(char *rule)
} /* end for loop */
}
+ delete token;
return m_tokenList;
}
@@ -719,6 +725,7 @@ Rule::splitdnsParse(char *rule)
if (!insideQuote) {
token->setValue(newStr);
m_tokenList->enqueue(token);
+ token = NULL; // transfered ownership of token to the token list
} else {
// printf("%s 1\n", subtoken);
token->appendValue(newStr);
@@ -734,6 +741,7 @@ Rule::splitdnsParse(char *rule)
if (insideQuote) {
// printf("enqueue\n");
m_tokenList->enqueue(token);
+ token = NULL; // transfered ownership of token to the token list
insideQuote = false;
} else {
insideQuote = true;
@@ -741,6 +749,7 @@ Rule::splitdnsParse(char *rule)
}
}
+ delete token;
return m_tokenList;
// return cacheParse(rule, 2);
}
--
To stop receiving notification emails like this one, please contact
"commits@trafficserver.apache.org" <co...@trafficserver.apache.org>.
[trafficserver] 03/05: TS-4479: Clang-analyzer failure,
Potential memory leak
Posted by so...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
sorber pushed a commit to branch 6.2.x
in repository https://git-dual.apache.org/repos/asf/trafficserver.git
commit c858c3a764ae065866382e0da148b51fa2c09f3c
Author: Bryan Call <bc...@apache.org>
AuthorDate: Thu May 26 10:15:51 2016 -0700
TS-4479: Clang-analyzer failure, Potential memory leak
(cherry picked from commit 87d1fc5d17d82ebb8f06f4138ca82b6e3b57179c)
---
proxy/logging/LogCollationAccept.cc | 5 +----
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/proxy/logging/LogCollationAccept.cc b/proxy/logging/LogCollationAccept.cc
index 6f66d3a..92b9924 100644
--- a/proxy/logging/LogCollationAccept.cc
+++ b/proxy/logging/LogCollationAccept.cc
@@ -91,12 +91,9 @@ LogCollationAccept::~LogCollationAccept()
int
LogCollationAccept::accept_event(int event, NetVConnection *net_vc)
{
- LogCollationHostSM *sm;
-
switch (event) {
case NET_EVENT_ACCEPT:
- sm = new LogCollationHostSM(net_vc);
- ink_assert(NULL != sm);
+ new LogCollationHostSM(net_vc);
break;
default:
--
To stop receiving notification emails like this one, please contact
"commits@trafficserver.apache.org" <co...@trafficserver.apache.org>.
[trafficserver] 04/05: Remove dead store.
Posted by so...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
sorber pushed a commit to branch 6.2.x
in repository https://git-dual.apache.org/repos/asf/trafficserver.git
commit 1b1e2da5249d0d3e1e4a1ff3beefb6962889773b
Author: James Peach <jp...@apache.org>
AuthorDate: Mon Jun 20 17:21:17 2016 -0700
Remove dead store.
(cherry picked from commit 67efb389b890919237248ed437c7af1d01559bf1)
---
plugins/experimental/ts_lua/ts_lua_misc.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/plugins/experimental/ts_lua/ts_lua_misc.c b/plugins/experimental/ts_lua/ts_lua_misc.c
index e9e5ca8..b3481dc 100644
--- a/plugins/experimental/ts_lua/ts_lua_misc.c
+++ b/plugins/experimental/ts_lua/ts_lua_misc.c
@@ -171,8 +171,6 @@ ts_lua_schedule_handler(TSCont contp, TSEvent ev, void *edata)
main_ctx = crt->mctx;
L = crt->lua;
- ret = 0;
-
TSMutexLock(main_ctx->mutexp);
ts_lua_set_cont_info(L, ci);
--
To stop receiving notification emails like this one, please contact
"commits@trafficserver.apache.org" <co...@trafficserver.apache.org>.
[trafficserver] 02/05: TS-4366 Uninitialized stack value used in
mp4 plugin
Posted by so...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
sorber pushed a commit to branch 6.2.x
in repository https://git-dual.apache.org/repos/asf/trafficserver.git
commit 63f84343fbbb9ae09c3a00438b2821564993728d
Author: Gancho Tenev <gt...@gmail.com>
AuthorDate: Tue Apr 26 12:30:24 2016 -0700
TS-4366 Uninitialized stack value used in mp4 plugin
It is possible that there are cases where IOBufferReaderCopy() does not modify
the input buffer (copy 0 bytes) which leaves the buffer uninitialized which is
undesirable since the buffers are always allocated on the stack.
Addressed it in one of 2 ways:
(1) memset(buffer, 0, sizeof(buffer)) or
(2) check IOBufferReaderCopy() return value and handle accordingly.
These changes are meant to only address using uninitialized values allocated on
the stack, avoiding bigger changes since regression tests are not available to
properly verify functionality.
This closes #656
(cherry picked from commit 77bd40ba19f29b11873c1709485b64840d137dde)
Conflicts:
plugins/experimental/mp4/mp4_meta.cc
---
plugins/experimental/mp4/mp4_meta.cc | 75 +++++++++++++++++++-----------------
1 file changed, 39 insertions(+), 36 deletions(-)
diff --git a/plugins/experimental/mp4/mp4_meta.cc b/plugins/experimental/mp4/mp4_meta.cc
index 863bc75..6f0dd4f 100644
--- a/plugins/experimental/mp4/mp4_meta.cc
+++ b/plugins/experimental/mp4/mp4_meta.cc
@@ -221,7 +221,7 @@ int
Mp4Meta::parse_root_atoms()
{
int i, ret, rc;
- int64_t atom_size, atom_header_size;
+ int64_t atom_size, atom_header_size, copied_size;
char buf[64];
char *atom_header, *atom_name;
@@ -231,8 +231,8 @@ Mp4Meta::parse_root_atoms()
if (meta_avail < (int64_t)sizeof(uint32_t))
return 0;
- IOBufferReaderCopy(meta_reader, buf, sizeof(mp4_atom_header64));
- atom_size = mp4_get_32value(buf);
+ copied_size = IOBufferReaderCopy(meta_reader, buf, sizeof(mp4_atom_header64));
+ atom_size = copied_size > 0 ? mp4_get_32value(buf) : 0;
if (atom_size == 0) {
return 1;
@@ -319,7 +319,7 @@ int
Mp4Meta::mp4_read_atom(mp4_atom_handler *atom, int64_t size)
{
int i, ret, rc;
- int64_t atom_size, atom_header_size;
+ int64_t atom_size, atom_header_size, copied_size;
char buf[32];
char *atom_header, *atom_name;
@@ -330,8 +330,8 @@ Mp4Meta::mp4_read_atom(mp4_atom_handler *atom, int64_t size)
if (meta_avail < (int64_t)sizeof(uint32_t)) // data insufficient, not reasonable for internal atom box.
return -1;
- IOBufferReaderCopy(meta_reader, buf, sizeof(mp4_atom_header64));
- atom_size = mp4_get_32value(buf);
+ copied_size = IOBufferReaderCopy(meta_reader, buf, sizeof(mp4_atom_header64));
+ atom_size = copied_size > 0 ? mp4_get_32value(buf) : 0;
if (atom_size == 0) {
return 1;
@@ -461,6 +461,7 @@ Mp4Meta::mp4_read_mvhd_atom(int64_t atom_header_size, int64_t atom_data_size)
if (sizeof(mp4_mvhd_atom) - 8 > (size_t)atom_data_size)
return -1;
+ memset(&mvhd64, 0, sizeof(mvhd64));
IOBufferReaderCopy(meta_reader, &mvhd64, sizeof(mp4_mvhd64_atom));
mvhd = (mp4_mvhd_atom *)&mvhd64;
@@ -559,6 +560,7 @@ Mp4Meta::mp4_read_mdhd_atom(int64_t atom_header_size, int64_t atom_data_size)
mp4_mdhd_atom *mdhd;
mp4_mdhd64_atom mdhd64;
+ memset(&mdhd64, 0, sizeof(mdhd64));
IOBufferReaderCopy(meta_reader, &mdhd64, sizeof(mp4_mdhd64_atom));
mdhd = (mp4_mdhd_atom *)&mdhd64;
@@ -726,17 +728,16 @@ int
Mp4Meta::mp4_read_stts_atom(int64_t atom_header_size, int64_t atom_data_size)
{
int32_t entries;
- int64_t esize;
+ int64_t esize, copied_size;
mp4_stts_atom stts;
Mp4Trak *trak;
if (sizeof(mp4_stts_atom) - 8 > (size_t)atom_data_size)
return -1;
- IOBufferReaderCopy(meta_reader, &stts, sizeof(mp4_stts_atom));
-
- entries = mp4_get_32value(stts.entries);
- esize = entries * sizeof(mp4_stts_entry);
+ copied_size = IOBufferReaderCopy(meta_reader, &stts, sizeof(mp4_stts_atom));
+ entries = copied_size > 0 ? mp4_get_32value(stts.entries) : 0;
+ esize = entries * sizeof(mp4_stts_entry);
if (sizeof(mp4_stts_atom) - 8 + esize > (size_t)atom_data_size)
return -1;
@@ -761,16 +762,16 @@ int
Mp4Meta::mp4_read_stss_atom(int64_t atom_header_size, int64_t atom_data_size)
{
int32_t entries;
- int64_t esize;
+ int64_t esize, copied_size;
mp4_stss_atom stss;
Mp4Trak *trak;
if (sizeof(mp4_stss_atom) - 8 > (size_t)atom_data_size)
return -1;
- IOBufferReaderCopy(meta_reader, &stss, sizeof(mp4_stss_atom));
- entries = mp4_get_32value(stss.entries);
- esize = entries * sizeof(int32_t);
+ copied_size = IOBufferReaderCopy(meta_reader, &stss, sizeof(mp4_stss_atom));
+ entries = copied_size > 0 ? mp4_get_32value(stss.entries) : 0;
+ esize = entries * sizeof(int32_t);
if (sizeof(mp4_stss_atom) - 8 + esize > (size_t)atom_data_size)
return -1;
@@ -795,16 +796,16 @@ int
Mp4Meta::mp4_read_ctts_atom(int64_t atom_header_size, int64_t atom_data_size)
{
int32_t entries;
- int64_t esize;
+ int64_t esize, copied_size;
mp4_ctts_atom ctts;
Mp4Trak *trak;
if (sizeof(mp4_ctts_atom) - 8 > (size_t)atom_data_size)
return -1;
- IOBufferReaderCopy(meta_reader, &ctts, sizeof(mp4_ctts_atom));
- entries = mp4_get_32value(ctts.entries);
- esize = entries * sizeof(mp4_ctts_entry);
+ copied_size = IOBufferReaderCopy(meta_reader, &ctts, sizeof(mp4_ctts_atom));
+ entries = copied_size > 0 ? mp4_get_32value(ctts.entries) : 0;
+ esize = entries * sizeof(mp4_ctts_entry);
if (sizeof(mp4_ctts_atom) - 8 + esize > (size_t)atom_data_size)
return -1;
@@ -829,16 +830,16 @@ int
Mp4Meta::mp4_read_stsc_atom(int64_t atom_header_size, int64_t atom_data_size)
{
int32_t entries;
- int64_t esize;
+ int64_t esize, copied_size;
mp4_stsc_atom stsc;
Mp4Trak *trak;
if (sizeof(mp4_stsc_atom) - 8 > (size_t)atom_data_size)
return -1;
- IOBufferReaderCopy(meta_reader, &stsc, sizeof(mp4_stsc_atom));
- entries = mp4_get_32value(stsc.entries);
- esize = entries * sizeof(mp4_stsc_entry);
+ copied_size = IOBufferReaderCopy(meta_reader, &stsc, sizeof(mp4_stsc_atom));
+ entries = copied_size > 0 ? mp4_get_32value(stsc.entries) : 0;
+ esize = entries * sizeof(mp4_stsc_entry);
if (sizeof(mp4_stsc_atom) - 8 + esize > (size_t)atom_data_size)
return -1;
@@ -863,19 +864,19 @@ int
Mp4Meta::mp4_read_stsz_atom(int64_t atom_header_size, int64_t atom_data_size)
{
int32_t entries, size;
- int64_t esize, atom_size;
+ int64_t esize, atom_size, copied_size;
mp4_stsz_atom stsz;
Mp4Trak *trak;
if (sizeof(mp4_stsz_atom) - 8 > (size_t)atom_data_size)
return -1;
- IOBufferReaderCopy(meta_reader, &stsz, sizeof(mp4_stsz_atom));
- entries = mp4_get_32value(stsz.entries);
- esize = entries * sizeof(int32_t);
+ copied_size = IOBufferReaderCopy(meta_reader, &stsz, sizeof(mp4_stsz_atom));
+ entries = copied_size > 0 ? mp4_get_32value(stsz.entries) : 0;
+ esize = entries * sizeof(int32_t);
trak = trak_vec[trak_num - 1];
- size = mp4_get_32value(stsz.uniform_size);
+ size = copied_size > 0 ? mp4_get_32value(stsz.uniform_size) : 0;
trak->sample_sizes_entries = entries;
@@ -906,16 +907,16 @@ int
Mp4Meta::mp4_read_stco_atom(int64_t atom_header_size, int64_t atom_data_size)
{
int32_t entries;
- int64_t esize;
+ int64_t esize, copied_size;
mp4_stco_atom stco;
Mp4Trak *trak;
if (sizeof(mp4_stco_atom) - 8 > (size_t)atom_data_size)
return -1;
- IOBufferReaderCopy(meta_reader, &stco, sizeof(mp4_stco_atom));
- entries = mp4_get_32value(stco.entries);
- esize = entries * sizeof(int32_t);
+ copied_size = IOBufferReaderCopy(meta_reader, &stco, sizeof(mp4_stco_atom));
+ entries = copied_size > 0 ? mp4_get_32value(stco.entries) : 0;
+ esize = entries * sizeof(int32_t);
if (sizeof(mp4_stco_atom) - 8 + esize > (size_t)atom_data_size)
return -1;
@@ -940,16 +941,16 @@ int
Mp4Meta::mp4_read_co64_atom(int64_t atom_header_size, int64_t atom_data_size)
{
int32_t entries;
- int64_t esize;
+ int64_t esize, copied_size;
mp4_co64_atom co64;
Mp4Trak *trak;
if (sizeof(mp4_co64_atom) - 8 > (size_t)atom_data_size)
return -1;
- IOBufferReaderCopy(meta_reader, &co64, sizeof(mp4_co64_atom));
- entries = mp4_get_32value(co64.entries);
- esize = entries * sizeof(int64_t);
+ copied_size = IOBufferReaderCopy(meta_reader, &co64, sizeof(mp4_co64_atom));
+ entries = copied_size > 0 ? mp4_get_32value(co64.entries) : 0;
+ esize = entries * sizeof(int64_t);
if (sizeof(mp4_co64_atom) - 8 + esize > (size_t)atom_data_size)
return -1;
@@ -1554,6 +1555,7 @@ Mp4Meta::mp4_update_mvhd_duration()
if (need > (int64_t)sizeof(mp4_mvhd64_atom))
need = sizeof(mp4_mvhd64_atom);
+ memset(&mvhd64, 0, sizeof(mvhd64));
IOBufferReaderCopy(mvhd_atom.reader, &mvhd64, need);
mvhd = (mp4_mvhd_atom *)&mvhd64;
@@ -1589,6 +1591,7 @@ Mp4Meta::mp4_update_tkhd_duration(Mp4Trak *trak)
if (need > (int64_t)sizeof(mp4_tkhd64_atom))
need = sizeof(mp4_tkhd64_atom);
+ memset(&tkhd64_atom, 0, sizeof(tkhd64_atom));
IOBufferReaderCopy(trak->atoms[MP4_TKHD_ATOM].reader, &tkhd64_atom, need);
tkhd_atom = (mp4_tkhd_atom *)&tkhd64_atom;
--
To stop receiving notification emails like this one, please contact
"commits@trafficserver.apache.org" <co...@trafficserver.apache.org>.
[trafficserver] 05/05: TS-4729: Fix dead assignment.
Posted by so...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
sorber pushed a commit to branch 6.2.x
in repository https://git-dual.apache.org/repos/asf/trafficserver.git
commit 465b518c0d7ab3e27c62cbde027e36fc5f87b796
Author: shinrich <sh...@ieee.org>
AuthorDate: Wed Aug 10 15:00:43 2016 -0500
TS-4729: Fix dead assignment.
(cherry picked from commit 29bc28a713463eb815524a91e03be95fe3aeedb1)
Conflicts:
proxy/http2/Http2Stream.cc
proxy/http2/Http2Stream.h
---
proxy/http2/Http2Stream.cc | 25 ++++++++++++++-----------
proxy/http2/Http2Stream.h | 7 ++++---
2 files changed, 18 insertions(+), 14 deletions(-)
diff --git a/proxy/http2/Http2Stream.cc b/proxy/http2/Http2Stream.cc
index 231a743..5794bef 100644
--- a/proxy/http2/Http2Stream.cc
+++ b/proxy/http2/Http2Stream.cc
@@ -491,7 +491,9 @@ Http2Stream::update_write_request(IOBufferReader *buf_reader, int64_t write_len,
total_added += bytes_added;
}
}
- bool is_done = (this->response_process_data());
+
+ bool is_done = false;
+ this->response_process_data(is_done);
if (total_added > 0 || is_done) {
write_vio.ndone += total_added;
int send_event = (write_vio.nbytes == write_vio.ndone || is_done) ? VC_EVENT_WRITE_COMPLETE : VC_EVENT_WRITE_READY;
@@ -510,7 +512,10 @@ Http2Stream::update_write_request(IOBufferReader *buf_reader, int64_t write_len,
parent->connection_state.send_headers_frame(this);
// See if the response is chunked. Set up the dechunking logic if it is
- is_done = this->response_initialize_data_handling();
+ this->response_initialize_data_handling(is_done);
+ if (is_done) {
+ send_event = VC_EVENT_WRITE_COMPLETE;
+ }
// If there is additional data, send it along in a data frame. Or if this was header only
// make sure to send the end of stream
@@ -649,10 +654,10 @@ check_continuation(Continuation *cont)
return stream == NULL;
}
-bool
-Http2Stream::response_initialize_data_handling()
+void
+Http2Stream::response_initialize_data_handling(bool &is_done)
{
- bool is_done = false;
+ is_done = false;
const char *name = "transfer-encoding";
const char *value = "chunked";
int chunked_index = response_header.value_get_index(name, strlen(name), value, strlen(value));
@@ -667,16 +672,15 @@ Http2Stream::response_initialize_data_handling()
this->response_reader = NULL;
// Get things going if there is already data waiting
if (this->chunked_handler.chunked_reader->is_read_avail_more_than(0)) {
- is_done = response_process_data();
+ response_process_data(is_done);
}
}
- return is_done;
}
-bool
-Http2Stream::response_process_data()
+void
+Http2Stream::response_process_data(bool &done)
{
- bool done = false;
+ done = false;
if (chunked) {
do {
if (chunked_handler.state == ChunkedHandler::CHUNK_FLOW_CONTROL) {
@@ -685,7 +689,6 @@ Http2Stream::response_process_data()
done = this->chunked_handler.process_chunked_content();
} while (chunked_handler.state == ChunkedHandler::CHUNK_FLOW_CONTROL);
}
- return done;
}
bool
diff --git a/proxy/http2/Http2Stream.h b/proxy/http2/Http2Stream.h
index 0f19564..2f9ecd0 100644
--- a/proxy/http2/Http2Stream.h
+++ b/proxy/http2/Http2Stream.h
@@ -201,9 +201,7 @@ public:
{
return chunked;
}
- bool response_initialize_data_handling();
- bool response_process_data();
- bool response_is_data_available() const;
+
void release(IOBufferReader *r);
virtual bool
@@ -227,6 +225,9 @@ public:
void clear_io_events();
private:
+ void response_initialize_data_handling(bool &is_done);
+ void response_process_data(bool &is_done);
+ bool response_is_data_available() const;
Event *send_tracked_event(Event *event, int send_event, VIO *vio);
HTTPParser http_parser;
ink_hrtime _start_time;
--
To stop receiving notification emails like this one, please contact
"commits@trafficserver.apache.org" <co...@trafficserver.apache.org>.