This is an automated email from the ASF dual-hosted git repository. cmcfarlen pushed a commit to branch 10.1.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git
commit 7cd85df5fe9b4ad762e115bd78327ae6b4e18e91 Author: Brian Neradt <[email protected]> AuthorDate: Mon Dec 8 16:01:34 2025 -0600 stats_over_http: fix incorrect use of C string functions (#12722) The strstr() calls were being passed strings returned from TSMimeHdrFieldValueStringGet, which returns a non-null-terminated string. This could lead to reading uninitialized memory. Fix this by using std::string_view with its find() method to search within the non-null-terminated string without requiring a copy. This takes over the work started by @vuori in #12634. (cherry picked from commit 90e2d1dd66fb5da34d927c52e0b77b30feb47764)
---
 plugins/stats_over_http/stats_over_http.cc | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/plugins/stats_over_http/stats_over_http.cc b/plugins/stats_over_http/stats_over_http.cc
index 118f42a0ce..7df6c845de 100644
--- a/plugins/stats_over_http/stats_over_http.cc
+++ b/plugins/stats_over_http/stats_over_http.cc
@@ -792,17 +792,19 @@ stats_origin(TSCont contp, TSEvent /* event ATS_UNUSED */, void *edata)
 accept_encoding_field = TSMimeHdrFieldFind(reqp, hdr_loc, TS_MIME_FIELD_ACCEPT_ENCODING, TS_MIME_LEN_ACCEPT_ENCODING);
 my_state->encoding = encoding_format_t::NONE;
 if (accept_encoding_field != TS_NULL_MLOC) {
- int len = -1;
- const char *str = TSMimeHdrFieldValueStringGet(reqp, hdr_loc, accept_encoding_field, -1, &len);
- if (len >= TS_HTTP_LEN_DEFLATE && strstr(str, TS_HTTP_VALUE_DEFLATE) != nullptr) {
+ int len = -1;
+ const char *str = TSMimeHdrFieldValueStringGet(reqp, hdr_loc, accept_encoding_field, -1, &len);
+ std::string_view accept_encoding =
+ (str != nullptr && len > 0) ? std::string_view{str, static_cast<size_t>(len)} : std::string_view{};
+ if (len >= TS_HTTP_LEN_DEFLATE && accept_encoding.find(TS_HTTP_VALUE_DEFLATE) != std::string_view::npos) {
 Dbg(dbg_ctl, "Saw deflate in accept encoding");
 my_state->encoding = init_gzip(my_state, DEFLATE_MODE);
- } else if (len >= TS_HTTP_LEN_GZIP && strstr(str, TS_HTTP_VALUE_GZIP) != nullptr) {
+ } else if (len >= TS_HTTP_LEN_GZIP && accept_encoding.find(TS_HTTP_VALUE_GZIP) != std::string_view::npos) {
 Dbg(dbg_ctl, "Saw gzip in accept encoding");
 my_state->encoding = init_gzip(my_state, GZIP_MODE);
 }
 #if HAVE_BROTLI_ENCODE_H
- else if (len >= TS_HTTP_LEN_BROTLI && strstr(str, TS_HTTP_VALUE_BROTLI) != nullptr) {
+ else if (len >= TS_HTTP_LEN_BROTLI && accept_encoding.find(TS_HTTP_VALUE_BROTLI) != std::string_view::npos) {
 Dbg(dbg_ctl, "Saw br in accept encoding");
 my_state->encoding = init_br(my_state);
 }
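Review bot: The three `accept_encoding.find(...)` tests are still plain substring searches over the Accept-Encoding value, so a coding the client explicitly refused (`gzip;q=0`) or a longer token that merely contains the name still selects that encoding, and the fixed deflate, gzip, br order ignores q-values. The length-bounded `std::string_view` does close the over-read that `strstr()` had, so what remains is a protocol-correctness gap rather than a memory-safety one. Consider splitting the value on `,`, trimming whitespace and parameters, and comparing whole tokens; until then a comment such as `// substring match only: does not honor q=0 or token boundaries` above the first `if` would record the limitation. The `len >= TS_HTTP_LEN_*` guards are now redundant, since `find()` already returns `npos` when the needle is longer than the view. The body of stats_origin starts and ends outside this hunk.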
