bryancall commented on issue #12954: URL: https://github.com/apache/trafficserver/issues/12954#issuecomment-4828331220
Thank you for the careful report. This is fixed on master. [PR #12985](https://github.com/apache/trafficserver/pull/12985) ("Check valid parent selection hash string"), merged on 2026-03-25, adds the exact MAXDNAME bound you suggested. In `ProcessParents` the code now rejects an overlong hash suffix before the copy: ```c if (tmp3 && strlen(tmp3 + 1) > MAXDNAME) { errPtr = "Parent hash string is too long"; goto MERROR; } ``` That guard runs ahead of both the primary and secondary parent branches, so both `memcpy()` paths into the fixed `hash_string[MAXDNAME + 1]` buffer are now bounded, and the pull request also added a regression test covering the overlong and max-length cases. The fix is targeted at the 10.2.0 release milestone (not yet released). Closing as resolved. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
