This is an automated email from the ASF dual-hosted git repository.
bcall pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new 82a4e62742 Fix uninitialized fields in header_rewrite and
ja4_fingerprint plugins (#12977)
82a4e62742 is described below
commit 82a4e62742e2004ec8a6e5feb2e53e02b7b21d23
Author: Bryan Call <[email protected]>
AuthorDate: Wed Mar 18 12:12:15 2026 -0700
Fix uninitialized fields in header_rewrite and ja4_fingerprint plugins
(#12977)
Initialize fields flagged by Coverity:
- CID 1497355: OperatorSetHttpCntl::_cntl_qual
- CID 1644243: OperatorSetPluginCntl::_name
- CID 1587255: TLSClientHelloSummary::protocol
Also initialize OperatorSetPluginCntl::_value, add missing `TSError`
logging for unknown plugin control names, and clarify these defaults are
safety initializers overwritten during parsing/call setup.
---
plugins/experimental/ja4_fingerprint/ja4.h | 4 ++--
plugins/header_rewrite/operators.cc | 2 ++
plugins/header_rewrite/operators.h | 8 ++++----
3 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/plugins/experimental/ja4_fingerprint/ja4.h
b/plugins/experimental/ja4_fingerprint/ja4.h
index 31b151dc0c..d277f27105 100644
--- a/plugins/experimental/ja4_fingerprint/ja4.h
+++ b/plugins/experimental/ja4_fingerprint/ja4.h
@@ -53,8 +53,8 @@ class TLSClientHelloSummary
public:
using difference_type =
std::iterator_traits<std::vector<std::uint16_t>::iterator>::difference_type;
- Protocol protocol;
- std::uint16_t TLS_version{0}; // 0 is not the default, this is only to not
have it un-initialized.
+ Protocol protocol{Protocol::TLS}; // always overwritten by caller
+ std::uint16_t TLS_version{0}; // 0 is not the default, this is only
to not have it un-initialized.
std::string ALPN;
std::vector<std::uint16_t> const &get_ciphers() const;
diff --git a/plugins/header_rewrite/operators.cc
b/plugins/header_rewrite/operators.cc
index 9a3238d3af..76c4f6197b 100644
--- a/plugins/header_rewrite/operators.cc
+++ b/plugins/header_rewrite/operators.cc
@@ -1232,6 +1232,8 @@ OperatorSetPluginCntl::initialize(Parser &p)
} else {
TSError("[%s] Unknown value for INBOUND_IP_SOURCE control: %s",
PLUGIN_NAME, value.c_str());
}
+ } else {
+ TSError("[%s] Unknown plugin control name: %s", PLUGIN_NAME, name.c_str());
}
}
diff --git a/plugins/header_rewrite/operators.h
b/plugins/header_rewrite/operators.h
index eee90c3581..2b48f813db 100644
--- a/plugins/header_rewrite/operators.h
+++ b/plugins/header_rewrite/operators.h
@@ -456,8 +456,8 @@ protected:
bool exec(const Resources &res) const override;
private:
- bool _flag = false;
- TSHttpCntlType _cntl_qual;
+ bool _flag{false};
+ TSHttpCntlType _cntl_qual{TS_HTTP_CNTL_LOGGING_MODE}; // always overwritten
by initialize()
};
class OperatorSetPluginCntl : public Operator
@@ -487,8 +487,8 @@ protected:
}
private:
- PluginCtrl _name;
- int _value;
+ PluginCtrl _name{PluginCtrl::TIMEZONE}; // always overwritten by initialize()
+ int _value{0};
};
class RemapPluginInst; // Opaque to the HRW operator, but needed in the
implementation.
