diff options
author | Tor Brede Vekterli <vekterli@oath.com> | 2018-03-05 13:56:03 +0000 |
---|---|---|
committer | Tor Brede Vekterli <vekterli@oath.com> | 2018-03-06 14:31:03 +0000 |
commit | 8293870aa18813e314ec7112fdc2d6dbe020d9d2 (patch) | |
tree | 450a2e68f5858c057b0ffc2bbcbcb02829447b16 /vdslib | |
parent | d3cd3115fc79ed62774c21684b7d39e45c484ff2 (diff) |
ClusterState parsing not safe with non zero-terminated stringrefs
Use vespalib::string explicitly for now until numeric parsing has moved
away from C style atoi() parsing, which risks overrunning stringref
buffer if it is not created verbatim from a zero-terminated string.
Diffstat (limited to 'vdslib')
-rw-r--r-- | vdslib/src/vespa/vdslib/state/clusterstate.cpp | 2 | ||||
-rw-r--r-- | vdslib/src/vespa/vdslib/state/clusterstate.h | 4 |
2 files changed, 4 insertions, 2 deletions
diff --git a/vdslib/src/vespa/vdslib/state/clusterstate.cpp b/vdslib/src/vespa/vdslib/state/clusterstate.cpp index 9a69ed98c79..fbc9943e22d 100644 --- a/vdslib/src/vespa/vdslib/state/clusterstate.cpp +++ b/vdslib/src/vespa/vdslib/state/clusterstate.cpp @@ -55,7 +55,7 @@ struct NodeData { } }; -ClusterState::ClusterState(const vespalib::stringref & serialized) +ClusterState::ClusterState(const vespalib::string& serialized) : Printable(), _version(0), _clusterState(&State::UP), diff --git a/vdslib/src/vespa/vdslib/state/clusterstate.h b/vdslib/src/vespa/vdslib/state/clusterstate.h index b60f2f6f1cc..9e8dd0f292a 100644 --- a/vdslib/src/vespa/vdslib/state/clusterstate.h +++ b/vdslib/src/vespa/vdslib/state/clusterstate.h @@ -36,7 +36,9 @@ public: ClusterState(); ClusterState(const ClusterState&); - explicit ClusterState(const vespalib::stringref & serialized); + // FIXME make ClusterState parsing not require null termination of string, + // then move to vespalib::stringref + explicit ClusterState(const vespalib::string& serialized); ~ClusterState(); std::string getTextualDifference(const ClusterState& other) const; |