[squid-dev] [PATCH] snprintf result used without validating its range
Alex Rousskov
rousskov at measurement-factory.com
Tue Feb 9 18:39:18 UTC 2016
On 02/09/2016 10:25 AM, Yuriy M. Kaminskiy wrote:
> Index: squid-3.5.13/src/log/File.cc
> ===================================================================
> --- squid-3.5.13.orig/src/log/File.cc
> +++ squid-3.5.13/src/log/File.cc
> @@ -104,13 +104,16 @@ logfilePrintf(Logfile * lf, const char *
...
> + if (s < 0) {
> + xstrncpy(buf, "snprintf error in logfilePrintf\n", sizeof(buf));
...
We should not write error messages to access.log. When an overflow
happens: If all logfilePrintf() callers cannot meaningfully handle the
error anyway, then we should just log the error message to cache.log and
return from logfilePrintf(). Otherwise, a more complex solution is needed.
N.B. IMHO, logging truncated lines is a bad idea but that wrong decision
was probably made long time ago, and changing it is both difficult and
probably outside your patch scope.
Thank you,
Alex.
More information about the squid-dev
mailing list