This is an automated email from the ASF dual-hosted git repository. bcall pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push: new 26affdad94 make sure open() and read() succeeded (#10273) 26affdad94 is described below commit 26affdad9451da19782cdb3ff6ac881a54277410 Author: Fei Deng <f...@yahooinc.com> AuthorDate: Mon Oct 9 18:33:33 2023 -0400 make sure open() and read() succeeded (#10273) --- plugins/experimental/ssl_session_reuse/src/config.cc | 3 +-- plugins/experimental/ssl_session_reuse/src/ssl_init.cc | 11 +++++++---- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/plugins/experimental/ssl_session_reuse/src/config.cc b/plugins/experimental/ssl_session_reuse/src/config.cc index b2a9814c7b..d83c60d783 100644 --- a/plugins/experimental/ssl_session_reuse/src/config.cc +++ b/plugins/experimental/ssl_session_reuse/src/config.cc @@ -82,12 +82,11 @@ Config::loadConfig(const std::string &filename) } } - close(fd); - m_noConfig = false; success = true; m_alreadyLoaded = true; } + close(fd); return success; } diff --git a/plugins/experimental/ssl_session_reuse/src/ssl_init.cc b/plugins/experimental/ssl_session_reuse/src/ssl_init.cc index 961a017cfb..acfd2ea2a3 100644 --- a/plugins/experimental/ssl_session_reuse/src/ssl_init.cc +++ b/plugins/experimental/ssl_session_reuse/src/ssl_init.cc @@ -105,7 +105,7 @@ get_redis_auth_key(char *retKeyBuff, int buffSize) if (ssl_param.redis_auth_key_file.length()) { int fd = open(ssl_param.redis_auth_key_file.c_str(), O_RDONLY); struct stat info; - if (0 == fstat(fd, &info)) { + if (fd >= 0 && 0 == fstat(fd, &info)) { size_t n = info.st_size; std::string key_data; key_data.resize(n); @@ -114,10 +114,13 @@ get_redis_auth_key(char *retKeyBuff, int buffSize) while (read_len > 1 && key_data[read_len - 1] == '\n') { --read_len; } - memset(retKeyBuff, 0, buffSize); - strncpy(retKeyBuff, key_data.c_str(), read_len); - retval = key_data.length(); + if (read_len > 0 && read_len <= buffSize && static_cast<size_t>(read_len) <= key_data.length()) { + memset(retKeyBuff, 0, buffSize); + strncpy(retKeyBuff, key_data.c_str(), read_len); + retval = read_len; + } } + close(fd); } else { TSError("Can not get redis auth key."); }