bakaid commented on a change in pull request #743: Minificpp 1169 - Simplify C2
metrics collection and reporting
URL: https://github.com/apache/nifi-minifi-cpp/pull/743#discussion_r396391265
##########
File path: extensions/http-curl/tests/HTTPHandlers.h
##########
@@ -343,4 +345,103 @@ class DeleteTransactionResponder : public CivetHandler {
std::string response_code;
};
+class HeartbeatHandler : public CivetHandler {
+ public:
+ explicit HeartbeatHandler(bool isSecure)
+ : isSecure(isSecure) {
+ }
+
+ std::string readPost(struct mg_connection *conn) {
+ std::string response;
+ int readBytes;
+
+ char buffer[1024];
+ while ((readBytes = mg_read(conn, buffer, sizeof(buffer))) > 0) {
+ response.append(buffer, 0, (readBytes / sizeof(char)));
Review comment:
This is one of the bugs (and potential crashes) identified by ASAN.
`buffer` is not guaranteed to contain a c-string, `mg_read` just reads
binary data.
The `std::string::append` overload that gets used here is the `string&
append(const string& str, size_t pos, size_t count)` one, meaning that an
`std::string` will be implicitly constructed from `buffer`, resulting in a
stack overread and potential crash.
It should be replaced with the `string& append( const CharT* s, size_type
count )` overload since we are reading the string from `pos == 0` anyway.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
