cloudfuse icon indicating copy to clipboard operation
cloudfuse copied to clipboard
verified publisher icon redbo

Buffer overflow with PKI tokens

Open olim7t opened this issue 12 years ago • 1 comments

Cloudfuse uses a 4KB buffer to build request headers.

Starting with the Grizzly version, OpenStack can be configured to use PKI tokens, which are significantly larger than UUIDs (~ 4700 bytes in our tests). The buffer overflows, the end of the token is truncated and authentication fails.

Quick fix: raise the max header size in cloudfsapi.h.

    #define MAX_HEADER_SIZE 8192

olim7t avatar Jun 13 '13 08:06 olim7t

Problem was solved in commit https://github.com/redbo/cloudfuse/commit/0a51180973ee825defa557a40c343c2b40f83b04

SoftDed avatar Apr 03 '14 15:04 SoftDed