[ https://issues.apache.org/jira/browse/TS-3305?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Changming Sun updated TS-3305: ------------------------------ Attachment: TS-3305.patch Patch attached. It also fixed some warnings of "comparison between signed and unsigned values". > minor bugs in ats lua plugin > ---------------------------- > > Key: TS-3305 > URL: https://issues.apache.org/jira/browse/TS-3305 > Project: Traffic Server > Issue Type: Bug > Components: Lua, Plugins > Reporter: Kit Chan > Assignee: Kit Chan > Fix For: sometime > > Attachments: TS-3305.patch > > > a minor bugs in ATS lua plugin, > In plugins/experimental/ts_lua/ts_lua.c line 89: > if (fn) { > sprintf(conf->script, "%s", argv[2]); > } else { > conf->content = argv[2]; > } > line: 358 > sprintf(conf->script, "%s", argv[1]); > "sprintf" is extremely dangerous and deprecated ,should be replaced with > "snprintf". > And it would be better ( less confused ) if a '\0' is always added to the > buffer after strncpy: > e.g: > if (argc < 3) { > strncpy(errbuf, "[TSRemapNewInstance] - lua script file or string is > required !!", errbuf_size - 1); > return TS_ERROR; > } > Should be: > if (argc < 3) { > strncpy(errbuf, "[TSRemapNewInstance] - lua script file or string is > required !!", errbuf_size - 1); > errbuf[errbuf_size - 1] = '\0'; > return TS_ERROR; > } > Because strncpy doesn't guarantee null-termination. Now it works just because > errbuf is large enough(2048 bytes) -- This message was sent by Atlassian JIRA (v6.3.4#6332)