kezhuw commented on PR #2209:
URL: https://github.com/apache/zookeeper/pull/2209#issuecomment-2458627959
```c
zhandle_t *zookeeper_init_ssl(const char *host, const char *cert, watcher_fn
watcher,
int recv_timeout, const clientid_t *clientid, void *context, int
flags)
{
zcert_t zcert;
zcert.certstr = strdup(cert);
zcert.ca = strtok(strdup(cert), ",");
zcert.cert = strtok(NULL, ",");
zcert.key = strtok(NULL, ",");
zcert.passwd = strtok(NULL, ",");
return zookeeper_init_internal(host, watcher, recv_timeout, clientid,
context, flags, NULL, &zcert, NULL);
}
```
After checking above code, I suggest we fix like following.
```diff
- zcert.ca = strtok(strdup(cert), ",");
+ zcert.ca = strtok(zcert.certstr, ",");
```
Given the "Possible implementation" in
https://en.cppreference.com/w/cpp/string/byte/strtok and also after evaluting
`strtok`. I think there is no guarantee that `zcert.ca` will always point to
allocated memory after `strtok`.
cc @symat @ztzg
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@zookeeper.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
