jmestwa-coder opened a new pull request, #653: URL: https://github.com/apache/logging-log4cxx/pull/653
## Summary Bound multiprocess map-file filename reads to avoid constructing `LogString` from unterminated mmap-backed data. ## What changed - Added a bounded helper for reading mmap-backed filenames. - Replaced direct `LogString(const logchar*)` construction from raw mapped memory. - Reject invalid map contents that do not contain a string terminator within the mapped region. - Added validation before subtracting `suffixLength` from mapped filename length. - Added a regression test covering corrupt non-NUL-terminated `.map` contents. ## Why The previous code assumed mmap-backed shared-state strings were always NUL-terminated and constructed `LogString` directly from raw mapped memory. Corrupt or malformed `.map` contents could cause unbounded string scanning past the mapped payload. The new logic bounds the scan to the mapped filename region and safely ignores invalid shared-state contents. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
