[
https://issues.apache.org/jira/browse/TS-5097?focusedWorklogId=33781&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-33781
]
ASF GitHub Bot logged work on TS-5097:
--------------------------------------
Author: ASF GitHub Bot
Created on: 16/Dec/16 19:21
Start Date: 16/Dec/16 19:21
Worklog Time Spent: 10m
Work Description: GitHub user danobi opened a pull request:
https://github.com/apache/trafficserver/pull/1268
TS-5097 Validate plugin argument count
If we don't validate the plugin argument count, the plugin API is
vulnerable to buffer overflow fun (not actually fun).
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/danobi/trafficserver TS-5097
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/trafficserver/pull/1268.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #1268
----
commit 4b91604a0338e14445aeb80ff8d280a38173b960
Author: Daniel Xu <[email protected]>
Date: 2016-12-16T19:18:09Z
TS-5097 Validate plugin argument count
If we don't validate the plugin argument count, the plugin API is
vulnerable to buffer overflow fun (not actually fun).
----
Issue Time Tracking
-------------------
Worklog Id: (was: 33781)
Time Spent: 10m
Remaining Estimate: 0h
> Validate plugin argument count
> ------------------------------
>
> Key: TS-5097
> URL: https://issues.apache.org/jira/browse/TS-5097
> Project: Traffic Server
> Issue Type: Bug
> Components: Plugins
> Reporter: Daniel Xu
> Assignee: Daniel Xu
> Time Spent: 10m
> Remaining Estimate: 0h
>
> The plugin initialization code in proxy/Plugin.cc is hard coded to have a
> maximum of 64 plugin arguments. However, the code isn't validating that the
> provided list of arguments is < 64 in count.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
