http2: avoid strstr() on data not zero terminated #2513

bagder · 2018-04-20T14:35:37Z

It's not strictly clear if the API contract allows us to call strstr()
on a string that isn't zero terminated even when we know it will find
the substring, and clang's ASAN check dislikes us for it.

Also added a check of the return code in case it fails, even if I can't
think of a situation how that can trigger.

Detected by OSS-Fuzz

Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7760

It's not strictly clear if the API contract allows us to call strstr() on a string that isn't zero terminated even when we know it will find the substring, and clang's ASAN check dislikes us for it. Also added a check of the return code in case it fails, even if I can't think of a situation how that can trigger. Detected by OSS-Fuzz Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7760

bagder added the HTTP/2 label Apr 20, 2018

bagder closed this in 1514c44 Apr 20, 2018

bagder deleted the bagder/http2-avoid-strstr-on-data branch April 20, 2018 20:17

lock bot locked as resolved and limited conversation to collaborators Jul 19, 2018

http2: avoid strstr() on data not zero terminated #2513

http2: avoid strstr() on data not zero terminated #2513

Conversation

bagder commented Apr 20, 2018