Skip to content

Commit

Permalink
[atlesn] Fix usage of uninitialized memory during snapshoting
Browse files Browse the repository at this point in the history
  • Loading branch information
atlesn committed Mar 23, 2024
1 parent 515b97b commit e99dde7
Show file tree
Hide file tree
Showing 3 changed files with 14 additions and 5 deletions.
11 changes: 9 additions & 2 deletions src/configuration.c
Original file line number Diff line number Diff line change
Expand Up @@ -282,9 +282,12 @@ size_t configurationEncodedSize(const struct raft_configuration *c)
return bytePad64(n);
}

void configurationEncodeToBuf(const struct raft_configuration *c, void *buf)
void configurationEncodeToBuf(const struct raft_configuration *c,
void *buf,
size_t buf_len)
{
uint8_t *cursor = buf;
uint8_t *end = cursor + buf_len;
unsigned i;

/* Encoding format version */
Expand All @@ -301,6 +304,10 @@ void configurationEncodeToBuf(const struct raft_configuration *c, void *buf)
assert(server->role < 255);
bytePut8(&cursor, (uint8_t)server->role);
};

assert(cursor <= end);

memset(cursor, 0, (size_t) (end - cursor));
}

int configurationEncode(const struct raft_configuration *c,
Expand All @@ -321,7 +328,7 @@ int configurationEncode(const struct raft_configuration *c,
goto err;
}

configurationEncodeToBuf(c, buf->base);
configurationEncodeToBuf(c, buf->base, buf->len);

return 0;

Expand Down
6 changes: 4 additions & 2 deletions src/configuration.h
Original file line number Diff line number Diff line change
Expand Up @@ -96,8 +96,10 @@ int configurationCopy(const struct raft_configuration *src,
size_t configurationEncodedSize(const struct raft_configuration *c);

/* Encode the given configuration object to the given pre-allocated buffer,
* which is assumed to be at least configurationEncodedSize(c) bytes. */
void configurationEncodeToBuf(const struct raft_configuration *c, void *buf);
* which must be at least configurationEncodedSize(c) bytes. */
void configurationEncodeToBuf(const struct raft_configuration *c,
void *buf,
size_t buf_len);

/* Encode the given configuration object. The memory of the returned buffer is
* allocated using raft_malloc(), and client code is responsible for releasing
Expand Down
2 changes: 1 addition & 1 deletion src/uv_encoding.c
Original file line number Diff line number Diff line change
Expand Up @@ -180,7 +180,7 @@ static void encodeInstallSnapshot(const struct raft_install_snapshot *p,
bytePut64(&cursor, p->conf_index); /* Configuration's index */
bytePut64(&cursor, conf_size); /* Length of configuration */

configurationEncodeToBuf(&p->conf, cursor); /* Configuration data */
configurationEncodeToBuf(&p->conf, cursor, conf_size); /* Configuration data */
cursor = (uint8_t *)cursor + conf_size;

bytePut64(&cursor, p->data.len); /* Length of snapshot data */
Expand Down

0 comments on commit e99dde7

Please sign in to comment.