emmenlau opened a new pull request #2234:
URL: https://github.com/apache/thrift/pull/2234
The code that sets a domain socket path in `TServerSocket.cpp` and
`TSocket.cpp` is currently slightly more complex than required (at least that
is my understanding). Also it seems to contain a potential out-of-bounds-access.
I simplified the code in the following way:
- Ensure that the `sockaddr_un struct` is fully set to zero before using it
- This removes the necessity to deal with zero-termination of the path.
It also removes the need for the `len` variable
- Do not use `path_.size() + 1` length when `memcpy` the path from `path_`
to the `sockaddr_un struct`
- This may be an out-of-bounds-access in the current code, depending on
whether `path_` actually contains an additional zero-terminating character
(which is unlikely)
- [ ] Did you create an [Apache
Jira](https://issues.apache.org/jira/projects/THRIFT/issues/) ticket? (not
required for trivial changes)
- [ ] If a ticket exists: Does your pull request title follow the pattern
"THRIFT-NNNN: describe my issue"?
- [x] Did you squash your changes to a single commit? (not required, but
preferred)
- [x] Did you do your best to avoid breaking changes? If one was needed,
did you label the Jira ticket with "Breaking-Change"?
- [x] If your change does not involve any code, include `[skip ci]` anywhere
in the commit message to free up build resources.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
