|
 |
77eb1b |
commit 0f605245cf3f37c2efe4e225237ad17256ea2a34
|
|
|
77eb1b |
Author: Jeremy Sowden <jeremy.sowden@gmail.com>
|
|
|
77eb1b |
Date: Wed Jan 9 15:43:41 2013 +0000
|
|
|
77eb1b |
|
|
|
77eb1b |
Fix buffer-overrun when logging key to delete in binary protocol.
|
|
|
77eb1b |
|
|
|
77eb1b |
diff --git a/memcached.c b/memcached.c
|
|
|
77eb1b |
index 3a79fba..f7a140c 100644
|
|
|
77eb1b |
--- a/memcached.c
|
|
|
77eb1b |
+++ b/memcached.c
|
|
|
77eb1b |
@@ -2190,7 +2190,12 @@ static void process_bin_delete(conn *c) {
|
|
|
77eb1b |
assert(c != NULL);
|
|
|
77eb1b |
|
|
|
77eb1b |
if (settings.verbose > 1) {
|
|
|
77eb1b |
- fprintf(stderr, "Deleting %s\n", key);
|
|
|
77eb1b |
+ int ii;
|
|
|
77eb1b |
+ fprintf(stderr, "Deleting ");
|
|
|
77eb1b |
+ for (ii = 0; ii < nkey; ++ii) {
|
|
|
77eb1b |
+ fprintf(stderr, "%c", key[ii]);
|
|
|
77eb1b |
+ }
|
|
|
77eb1b |
+ fprintf(stderr, "\n");
|
|
|
77eb1b |
}
|
|
|
77eb1b |
|
|
|
77eb1b |
if (settings.detail_enabled) {
|
|
|
77eb1b |
commit fbe823d9a61b5149cd6e3b5e17bd28dd3b8dd760
|
|
|
77eb1b |
Author: dormando <dormando@rydia.net>
|
|
|
77eb1b |
Date: Fri Dec 20 13:25:43 2013 -0800
|
|
|
77eb1b |
|
|
|
77eb1b |
fix potential unbounded key prints
|
|
|
77eb1b |
|
|
|
77eb1b |
item key isn't necessarily null terminated. user submitted a patch for one,
|
|
|
77eb1b |
this clears two more.
|
|
|
77eb1b |
|
|
|
77eb1b |
diff --git a/items.c b/items.c
|
|
|
77eb1b |
index d70400c..65b1a24 100644
|
|
|
77eb1b |
--- a/items.c
|
|
|
77eb1b |
+++ b/items.c
|
|
|
77eb1b |
@@ -537,12 +537,16 @@ item *do_item_get(const char *key, const size_t nkey, const uint32_t hv) {
|
|
|
77eb1b |
int was_found = 0;
|
|
|
77eb1b |
|
|
|
77eb1b |
if (settings.verbose > 2) {
|
|
|
77eb1b |
+ int ii;
|
|
|
77eb1b |
if (it == NULL) {
|
|
|
77eb1b |
- fprintf(stderr, "> NOT FOUND %s", key);
|
|
|
77eb1b |
+ fprintf(stderr, "> NOT FOUND ");
|
|
|
77eb1b |
} else {
|
|
|
77eb1b |
- fprintf(stderr, "> FOUND KEY %s", ITEM_key(it));
|
|
|
77eb1b |
+ fprintf(stderr, "> FOUND KEY ");
|
|
|
77eb1b |
was_found++;
|
|
|
77eb1b |
}
|
|
|
77eb1b |
+ for (ii = 0; ii < nkey; ++ii) {
|
|
|
77eb1b |
+ fprintf(stderr, "%c", key[ii]);
|
|
|
77eb1b |
+ }
|
|
|
77eb1b |
}
|
|
|
77eb1b |
|
|
|
77eb1b |
if (it != NULL) {
|
|
|
77eb1b |
diff --git a/memcached.c b/memcached.c
|
|
|
77eb1b |
index f7a140c..6486ff2 100644
|
|
|
77eb1b |
--- a/memcached.c
|
|
|
77eb1b |
+++ b/memcached.c
|
|
|
77eb1b |
@@ -2856,8 +2856,14 @@ static inline void process_get_command(conn *c, token_t *tokens, size_t ntokens,
|
|
|
77eb1b |
}
|
|
|
77eb1b |
|
|
|
77eb1b |
|
|
|
77eb1b |
- if (settings.verbose > 1)
|
|
|
77eb1b |
- fprintf(stderr, ">%d sending key %s\n", c->sfd, ITEM_key(it));
|
|
|
77eb1b |
+ if (settings.verbose > 1) {
|
|
|
77eb1b |
+ int ii;
|
|
|
77eb1b |
+ fprintf(stderr, ">%d sending key ", c->sfd);
|
|
|
77eb1b |
+ for (ii = 0; ii < it->nkey; ++ii) {
|
|
|
77eb1b |
+ fprintf(stderr, "%c", key[ii]);
|
|
|
77eb1b |
+ }
|
|
|
77eb1b |
+ fprintf(stderr, "\n");
|
|
|
77eb1b |
+ }
|
|
|
77eb1b |
|
|
|
77eb1b |
/* item_get() has incremented it->refcount for us */
|
|
|
77eb1b |
pthread_mutex_lock(&c->thread->stats.mutex);
|