This is an automated email from the ASF dual-hosted git repository. sijie pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/pulsar.git
The following commit(s) were added to refs/heads/master by this push: new c518247 Fix memory issue in cpp ZTSClient (#2814) c518247 is described below commit c518247d873bfe07364359e5f63f5fd7f689c0e9 Author: hrsakai <hsa...@yahoo-corp.jp> AuthorDate: Sat Oct 27 14:09:27 2018 +0900 Fix memory issue in cpp ZTSClient (#2814) ### Modifications * Use `calloc` instead of `malloc` in order to add Termination character(`\0`). * Free memory allocated with `calloc` and `PEM_read_bio_RSAPrivateKey`. --- pulsar-client-cpp/lib/auth/athenz/ZTSClient.cc | 34 +++++++++++++++++++++----- 1 file changed, 28 insertions(+), 6 deletions(-) diff --git a/pulsar-client-cpp/lib/auth/athenz/ZTSClient.cc b/pulsar-client-cpp/lib/auth/athenz/ZTSClient.cc index 3097c30..9467124 100644 --- a/pulsar-client-cpp/lib/auth/athenz/ZTSClient.cc +++ b/pulsar-client-cpp/lib/auth/athenz/ZTSClient.cc @@ -141,8 +141,16 @@ std::string ZTSClient::ybase64Encode(const unsigned char *input, int length) { } char *ZTSClient::base64Decode(const char *input) { - BIO *bio, *b64; + if (input == NULL) { + return NULL; + } + size_t length = strlen(input); + if (length == 0) { + return NULL; + } + + BIO *bio, *b64; char *result = (char *)malloc(length); bio = BIO_new_mem_buf((void *)input, -1); @@ -150,16 +158,21 @@ char *ZTSClient::base64Decode(const char *input) { bio = BIO_push(b64, bio); BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL); - BIO_read(bio, result, length); + int decodeStrLen = BIO_read(bio, result, length); BIO_free_all(bio); + if (decodeStrLen > 0) { + result[decodeStrLen] = '\0'; + return result; + } + free(result); - return result; + return NULL; } const std::string ZTSClient::getPrincipalToken() const { // construct unsigned principal token std::string unsignedTokenString = "v=S1"; - char host[BUFSIZ]; + char host[BUFSIZ] = {}; long long t = (long long)time(NULL); gethostname(host, sizeof(host)); @@ -176,8 +189,8 @@ const std::string ZTSClient::getPrincipalToken() const { // signing const char *unsignedToken = unsignedTokenString.c_str(); - unsigned char signature[BUFSIZ]; - unsigned char hash[SHA256_DIGEST_LENGTH]; + unsigned char signature[BUFSIZ] = {}; + unsigned char hash[SHA256_DIGEST_LENGTH] = {}; unsigned int siglen; FILE *fp; RSA *privateKey; @@ -189,14 +202,21 @@ const std::string ZTSClient::getPrincipalToken() const { } char *decodeStr = base64Decode(privateKeyUri_.data.c_str()); + if (decodeStr == NULL) { + LOG_ERROR("Failed to decode privateKey"); + return ""; + } + BIO *bio = BIO_new_mem_buf((void *)decodeStr, -1); BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL); if (bio == NULL) { LOG_ERROR("Failed to create key BIO"); + free(decodeStr); return ""; } privateKey = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL); BIO_free(bio); + free(decodeStr); if (privateKey == NULL) { LOG_ERROR("Failed to load privateKey"); return ""; @@ -225,6 +245,8 @@ const std::string ZTSClient::getPrincipalToken() const { std::string principalToken = unsignedTokenString + ";s=" + ybase64Encode(signature, siglen); LOG_DEBUG("Created signed principal token: " << principalToken); + RSA_free(privateKey); + return principalToken; }