From 514491d1da2832efafb51fa7694a93fd6af2339a Mon Sep 17 00:00:00 2001 From: Rohit Satardekar Date: Thu, 19 Sep 2024 07:41:15 +0530 Subject: [PATCH] [BugFix] fix BE crash when http api request for pprof/cmdline (#51077) Why I'm doing: BE crash when http api request for pprof/cmdline curl -s --location-trusted -uroot:"" 'http://127.0.0.1:8040/pprof/cmdline' What I'm doing: max field width should be specified in fscanf() so that it does not overflow the buffer curl -s --location-trusted -uroot:"" 'http://127.0.0.1:8040/pprof/cmdline' /opensource/deploystarrocks/123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678912345678901234567890123456789012345678901234567890123456/123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678912345678901234567890123456789012345678901234567890123456/123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678912345678901234567890123456789012345678901234567890123456/12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567891234567890123456789012345678 Fixes #51076 Signed-off-by: Rohit Satardekar (cherry picked from commit 3543f1dca54df67873a5fed08aceb91a3e4d8cd0) --- be/src/http/action/pprof_actions.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/be/src/http/action/pprof_actions.cpp b/be/src/http/action/pprof_actions.cpp index 07e65a6ae391b..c7eab3a112d3c 100644 --- a/be/src/http/action/pprof_actions.cpp +++ b/be/src/http/action/pprof_actions.cpp @@ -162,7 +162,7 @@ void CmdlineAction::handle(HttpRequest* req) { return; } char buf[1024]; - if (fscanf(fp, "%s ", buf) != 1) { + if (fscanf(fp, "%1023s ", buf) != 1) { strcpy(buf, "read cmdline failed"); } fclose(fp);