Skip to content

Fix a couple of Coverity issues in health check plugin, around filenames #10371

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
zwoop merged 2 commits into from
Sep 5, 2023
Merged

Fix a couple of Coverity issues in health check plugin, around filenames #10371

zwoop merged 2 commits into from
Sep 5, 2023

Conversation

@zwoop
Copy link
Contributor

@zwoop zwoop commented Sep 4, 2023
edited
Loading

This fixes #10349
This fixes #10350

@zwoop zwoop added Coverity healthchecks healthchecks plugin labels Sep 4, 2023
@zwoop zwoop added this to the 10.0.0 milestone Sep 4, 2023
@zwoop zwoop requested a review from maskit September 4, 2023 23:57
@zwoop zwoop self-assigned this Sep 4, 2023
@zwoop zwoop changed the title Add a length check to healthcheck basename Fix a couple of Coverity issues in health check plugin, around filenames Sep 5, 2023
@zwoop zwoop force-pushed the CID1518588 branch 4 times, most recently from cf4600d to f7052a0 Compare September 5, 2023 20:22
@maskit maskit linked an issue Sep 5, 2023 that may be closed by this pull request
CID 1518574: Untrusted loop bound #10357
Closed
@maskit maskit removed a link to an issue Sep 5, 2023
CID 1518574: Untrusted loop bound #10357
Closed
@maskit
Copy link
Member

maskit commented Sep 5, 2023 

/home/jenkins/workspace/Github_Builds/cmake/src/plugins/healthchecks/healthchecks.cc
In function 'HCDirEntry* setup_watchers(int)',
    inlined from 'void* hc_thread(void*)' at ../plugins/healthchecks/healthchecks.cc:177:17:
../plugins/healthchecks/healthchecks.cc:140:12: error: 'char* strncpy(char*, const char*, size_t)' output may be truncated copying 4095 bytes from a string of length 4095 [-Werror=stringop-truncation]
  140 |     strncpy(fname, conf->fname, MAX_PATH_LEN - 1);
      |     ~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../plugins/healthchecks/healthchecks.cc:140:12: error: 'char* strncpy(char*, const char*, size_t)' output may be truncated copying 4095 bytes from a string of length 4095 [-Werror=stringop-truncation]
cc1plus: all warnings being treated as errors

@zwoop zwoop merged commit adac616 into apache:master Sep 5, 2023
@zwoop zwoop deleted the CID1518588 branch September 5, 2023 23:35
cmcfarlen pushed a commit to cmcfarlen/trafficserver that referenced this pull request Jun 3, 2024
@zwoop
Merge remote-tracking branch 'asf/master'
cdd35f9 
* asf/master: (22 commits)
  fix: check whether a protocol is enabled during the length calculation in create_npn_advertisement (apache#10381)
  Coverity 1518612: Remove dead code (apache#10384)
  prefetch_cmcd: make autests more robust by removing need for gold file wildcard (apache#10382)
  Give a chance to send a response before receiving next request on H2 (apache#9997)
  CID 1516688: Fix uninitialized member of AcceptOptions (apache#10152)
  Fix slice head request memory issue (apache#10285)
  Fixes the TSMgmt metrics APIs for new API metrics (apache#10379)
  Minor parent.config a/an change (apache#10372)
  Allow DbgCtl tag to be set after instance construction. (apache#10375)
  Fix more build dep issues, for later PRs to work (apache#10376)
  money_trace cid 1518569: string not null terminated (apache#10373)
  Fix a couple of Coverity issues in health check plugin, around filenames (apache#10371)
  Fixes some build issues that happens with  other changes (apache#10374)
  Eliminate unreachable code covered by switch default (apache#10370)
  Add tests for disk failure (apache#10192)
  Disable copying/moving for DbgCtl. (apache#10321)
  Cmake autest (apache#10327)
  cmake: add unit tests from mgmt/rpc (apache#10366)
  Adjust CMakeLists with git worktree (apache#10298)
  Fix example plugins build (apache#10326)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@maskit maskit maskit approved these changes

Assignees

@zwoop zwoop

Labels

Coverity healthchecks healthchecks plugin

Projects

None yet

Milestone

10.0.0

Development

Successfully merging this pull request may close these issues.

CID 1518587: Buffer not null terminated CID 1518588: Out-of-bounds read

2 participants

@zwoop @maskit