klaatu01 opened a new pull request, #458: URL: https://github.com/apache/pulsar-client-node/pull/458
Still seeing issues even after #412 During further investigation of the Token Auth supplier crash when the runtime is handling AuthChallenges, we found a potential off-by-one buffer overflow in the token allocation code. `strcpy` copies the terminating `\0`, but the buffer is allocated using `size()`, which does not include space for it, resulting in an off-by-one write. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
