From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Tue, 12 Apr 2022 13:41:08 +0000 (+0200)
Subject: proxy-protocol: Prevent a temporary allocation
X-Git-Tag: auth-4.8.0-alpha0~142^2~1
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=50e78f1dcb13ab1ce68fafba667739979da61bda;p=thirdparty%2Fpdns.git

proxy-protocol: Prevent a temporary allocation
---

diff --git a/pdns/proxy-protocol.cc b/pdns/proxy-protocol.cc
index b7c7270e79..dc3e27c3ab 100644
--- a/pdns/proxy-protocol.cc
+++ b/pdns/proxy-protocol.cc
@@ -29,26 +29,27 @@
 
 static string proxymagic(PROXYMAGIC, PROXYMAGICLEN);
 
-static std::string makeSimpleHeader(uint8_t command, uint8_t protocol, uint16_t contentLen)
+static void makeSimpleHeader(uint8_t command, uint8_t protocol, uint16_t contentLen, std::string& out)
 {
-  std::string ret;
   const uint8_t versioncommand = (0x20 | command);
+  const size_t totalSize = proxymagic.size() + sizeof(versioncommand) + sizeof(protocol) + sizeof(contentLen) + contentLen;
+  if (out.capacity() < totalSize) {
+    out.reserve(totalSize);
+  }
 
-  ret.reserve(proxymagic.size() + sizeof(versioncommand) + sizeof(protocol) + sizeof(contentLen) + contentLen);
-
-  ret.append(proxymagic);
-
-  ret.append(reinterpret_cast<const char*>(&versioncommand), sizeof(versioncommand));
-  ret.append(reinterpret_cast<const char*>(&protocol), sizeof(protocol));
+  out.append(proxymagic);
 
-  ret.append(reinterpret_cast<const char*>(&contentLen), sizeof(contentLen));
+  out.append(reinterpret_cast<const char*>(&versioncommand), sizeof(versioncommand));
+  out.append(reinterpret_cast<const char*>(&protocol), sizeof(protocol));
 
-  return ret;
+  out.append(reinterpret_cast<const char*>(&contentLen), sizeof(contentLen));
 }
 
 std::string makeLocalProxyHeader()
 {
-  return makeSimpleHeader(0x00, 0, 0);
+  std::string out;
+  makeSimpleHeader(0x00, 0, 0, out);
+  return out;
 }
 
 std::string makeProxyHeader(bool tcp, const ComboAddress& source, const ComboAddress& destination, const std::vector<ProxyProtocolValue>& values)
@@ -80,7 +81,9 @@ std::string makeProxyHeader(bool tcp, const ComboAddress& source, const ComboAdd
   }
 
   const uint16_t contentlen = htons(static_cast<uint16_t>(total));
-  std::string ret = makeSimpleHeader(command, protocol, contentlen);
+  std::string ret;
+  ret.reserve(total);
+  makeSimpleHeader(command, protocol, contentlen, ret);
 
   // We already established source and destination sin_family equivalence
   if (source.isIPv4()) {