This is an automated email from the ASF dual-hosted git repository.
bcall pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new 8ab65ab151 Coverity 1497446: Wrapper object use after free in
GzipInflateTransformation (#10877)
8ab65ab151 is described below
commit 8ab65ab1514b9dee0ec776d1bb72f5970941f2c7
Author: Bryan Call <[email protected]>
AuthorDate: Thu Nov 30 08:24:08 2023 -0800
Coverity 1497446: Wrapper object use after free in
GzipInflateTransformation (#10877)
Ignore false positive
---
src/tscpp/api/GzipInflateTransformation.cc | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/tscpp/api/GzipInflateTransformation.cc
b/src/tscpp/api/GzipInflateTransformation.cc
index 04c389205e..9b2077f80e 100644
--- a/src/tscpp/api/GzipInflateTransformation.cc
+++ b/src/tscpp/api/GzipInflateTransformation.cc
@@ -107,11 +107,13 @@ GzipInflateTransformation::consume(std::string_view data)
while (state_->z_stream_.avail_in > 0 && err != Z_STREAM_END) {
LOG_DEBUG("Iteration %d: Gzip has %d bytes to inflate", ++iteration,
state_->z_stream_.avail_in);
- // Setup where the decompressed output will go.
+ // Setup where the decompressed output will go
+ // next_out needs to be set to nullptr before we return since it points to
a local buffer
+ // coverity[WRAPPER_ESCAPE: FALSE]
state_->z_stream_.next_out = reinterpret_cast<unsigned char
*>(&buffer[0]);
state_->z_stream_.avail_out = inflate_block_size;
- /* Uncompress */
+ // Uncompress the data
err = inflate(&state_->z_stream_, Z_SYNC_FLUSH);
if (err != Z_OK && err != Z_STREAM_END) {
