[
https://issues.apache.org/jira/browse/GEODE-6495?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jonas Jensen resolved GEODE-6495.
---------------------------------
Resolution: Fixed
I just saw this has already been fixed on the "develop" branch of geode-native.
> Buffer size too small for nonblock error message
> ------------------------------------------------
>
> Key: GEODE-6495
> URL: https://issues.apache.org/jira/browse/GEODE-6495
> Project: Geode
> Issue Type: Bug
> Reporter: Jonas Jensen
> Priority: Major
>
> In {{cppcache/src/TcpConn.cpp}}, there's [a buffer of length
> 250|https://github.com/apache/geode-native/blob/268bc6e4c1d070b40cd723437491b85589ba681e/cppcache/src/TcpConn.cpp#L243]
> that's [written to with an {{snprintf}}
> call|https://github.com/apache/geode-native/blob/268bc6e4c1d070b40cd723437491b85589ba681e/cppcache/src/TcpConn.cpp#L245]
> that's allowed to write up to 256 characters.
> Either the buffer should be larger, or the argument to {{sprintf}} should be
> smaller.
> I don't see any way that this could have security implications since it only
> writes static data taken from the locale of the process. Nevertheless, I
> think it's worth fixing for the sake of code hygiene.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
