From: Willy Tarreau Date: Thu, 26 Aug 2021 14:48:53 +0000 (+0200) Subject: BUG/MINOR: lua: use strlcpy2() not strncpy() to copy sample keywords X-Git-Tag: v2.5-dev5~14 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5ef965606b5bacb12769c97f85b2cfd1c4e4ffe7;p=thirdparty%2Fhaproxy.git BUG/MINOR: lua: use strlcpy2() not strncpy() to copy sample keywords The lua initialization code which creates the Lua mapping of all converters and sample fetch keywords makes use of strncpy(), and as such can take ages to start with large values of tune.bufsize because it spends its time zeroing gigabytes of memory for nothing. A test performed with an extreme value of 16 MB takes roughly 4 seconds, so it's possible that some users with huge 1 MB buffers (e.g. for payload analysis) notice a small startup latency. However this does not affect config checks since the Lua stack is not yet started. Let's replace this with strlcpy2(). This should be backported to all supported versions. --- diff --git a/src/hlua.c b/src/hlua.c index ea9d31cdbd..7b280884db 100644 --- a/src/hlua.c +++ b/src/hlua.c @@ -11372,8 +11372,7 @@ lua_State *hlua_init_state(int thread_num) /* gL.Tua doesn't support '.' and '-' in the function names, replace it * by an underscore. */ - strncpy(trash.area, sf->kw, trash.size); - trash.area[trash.size - 1] = '\0'; + strlcpy2(trash.area, sf->kw, trash.size); for (p = trash.area; *p; p++) if (*p == '.' || *p == '-' || *p == '+') *p = '_'; @@ -11411,8 +11410,7 @@ lua_State *hlua_init_state(int thread_num) /* gL.Tua doesn't support '.' and '-' in the function names, replace it * by an underscore. */ - strncpy(trash.area, sc->kw, trash.size); - trash.area[trash.size - 1] = '\0'; + strlcpy2(trash.area, sc->kw, trash.size); for (p = trash.area; *p; p++) if (*p == '.' || *p == '-' || *p == '+') *p = '_';