From a3d0f8ba215fd2fefa53c231dbeae5e8119f97e5 Mon Sep 17 00:00:00 2001 From: Iesan Remus Date: Tue, 9 Sep 2025 12:42:01 +0300 Subject: [PATCH 1/2] Fixed Snyk vulnerabilities from bucket_metadata.c, request.c and service_access_logging.c file --- src/bucket_metadata.c | 18 +++++++++++++++--- src/request.c | 7 +++++-- src/service_access_logging.c | 11 +++++++---- 3 files changed, 27 insertions(+), 9 deletions(-) diff --git a/src/bucket_metadata.c b/src/bucket_metadata.c index 05f3e67..0307545 100644 --- a/src/bucket_metadata.c +++ b/src/bucket_metadata.c @@ -164,7 +164,11 @@ void S3_get_acl(const S3BucketContext *bucketContext, const char *key, }; // Perform the request - request_perform(¶ms, requestContext); + if (!request_perform(¶ms, requestContext)) { + free(gaData); + (*(handler->completeCallback))(S3StatusRequestFailed, 0, callbackData); + return; + } } @@ -478,7 +482,11 @@ void S3_get_lifecycle(const S3BucketContext *bucketContext, }; // Perform the request - request_perform(¶ms, requestContext); + if (!request_perform(¶ms, requestContext)) { + free(gaData); + (*(handler->completeCallback))(S3StatusRequestFailed, 0, callbackData); + return; + } } @@ -602,7 +610,11 @@ void S3_set_lifecycle(const S3BucketContext *bucketContext, }; // Perform the request - request_perform(¶ms, requestContext); + if (!request_perform(¶ms, requestContext)) { + free(data); + (*(handler->completeCallback))(S3StatusRequestFailed, 0, callbackData); + return; + } #endif } diff --git a/src/request.c b/src/request.c index dd66863..6674a2c 100644 --- a/src/request.c +++ b/src/request.c @@ -834,6 +834,10 @@ static void sort_query_string(const char *queryString, char *result, // Where did strdup go?!?? int queryStringLen = strlen(queryString); char *buf = (char *) malloc(queryStringLen + 1); + if (!buf) { + result[0] = '\0'; + return; // <-- Add: free(buf); before return (but buf is NULL here, so it's safe) + } char *tok = buf; strcpy(tok, queryString); const char *token = NULL; @@ -865,9 +869,8 @@ static void sort_query_string(const char *queryString, char *result, if (len > 0) { result[len - 1] = 0; } -#undef append - free(buf); +#undef append } diff --git a/src/service_access_logging.c b/src/service_access_logging.c index ce7ae6b..959f4e8 100644 --- a/src/service_access_logging.c +++ b/src/service_access_logging.c @@ -142,13 +142,16 @@ static S3Status convertBlsXmlCallback(const char *elementPath, if (caData->emailAddress[0]) { grant->granteeType = S3GranteeTypeAmazonCustomerByEmail; - strcpy(grant->grantee.amazonCustomerByEmail.emailAddress, - caData->emailAddress); + strncpy(grant->grantee.amazonCustomerByEmail.emailAddress, caData->emailAddress, S3_MAX_GRANTEE_EMAIL_ADDRESS_SIZE - 1); + grant->grantee.amazonCustomerByEmail.emailAddress[S3_MAX_GRANTEE_EMAIL_ADDRESS_SIZE - 1] = '\0'; } else if (caData->userId[0] && caData->userDisplayName[0]) { grant->granteeType = S3GranteeTypeCanonicalUser; - strcpy(grant->grantee.canonicalUser.id, caData->userId); - strcpy(grant->grantee.canonicalUser.displayName, + strncpy(grant->grantee.canonicalUser.id, caData->userId, S3_MAX_GRANTEE_USER_ID_SIZE - 1); + grant->grantee.canonicalUser.id[S3_MAX_GRANTEE_USER_ID_SIZE - 1] = '\0'; + + strncpy(grant->grantee.canonicalUser.displayName, caData->userDisplayName, S3_MAX_GRANTEE_DISPLAY_NAME_SIZE - 1); + grant->grantee.canonicalUser.displayName[S3_MAX_GRANTEE_DISPLAY_NAME_SIZE - 1] = '\0'; caData->userDisplayName); } else if (caData->groupUri[0]) { From a82dfa3b855255dc5d1e17b938b0f50fddea5424 Mon Sep 17 00:00:00 2001 From: Iesan Remus Date: Tue, 9 Sep 2025 13:44:09 +0300 Subject: [PATCH 2/2] BAU-28173 Fixed the last Snyk vulnerabilities with 500+ score --- src/bucket.c | 2 ++ src/bucket_metadata.c | 21 ++++++--------------- src/general.c | 14 +++++++++----- 3 files changed, 17 insertions(+), 20 deletions(-) diff --git a/src/bucket.c b/src/bucket.c index 6d30674..5468a3c 100644 --- a/src/bucket.c +++ b/src/bucket.c @@ -324,6 +324,7 @@ void S3_create_bucket(S3Protocol protocol, const char *accessKeyId, }; // Perform the request + free(cbData); request_perform(¶ms, requestContext); } @@ -411,6 +412,7 @@ void S3_delete_bucket(S3Protocol protocol, S3UriStyle uriStyle, timeoutMs // timeoutMs }; + free(dbData); // Perform the request request_perform(¶ms, requestContext); } diff --git a/src/bucket_metadata.c b/src/bucket_metadata.c index 0307545..2f63818 100644 --- a/src/bucket_metadata.c +++ b/src/bucket_metadata.c @@ -163,12 +163,9 @@ void S3_get_acl(const S3BucketContext *bucketContext, const char *key, timeoutMs // timeoutMs }; + free(gaData); // Perform the request - if (!request_perform(¶ms, requestContext)) { - free(gaData); - (*(handler->completeCallback))(S3StatusRequestFailed, 0, callbackData); - return; - } + request_perform(¶ms, requestContext); } @@ -482,11 +479,8 @@ void S3_get_lifecycle(const S3BucketContext *bucketContext, }; // Perform the request - if (!request_perform(¶ms, requestContext)) { - free(gaData); - (*(handler->completeCallback))(S3StatusRequestFailed, 0, callbackData); - return; - } + free(gaData); + request_perform(¶ms, requestContext); } @@ -609,12 +603,9 @@ void S3_set_lifecycle(const S3BucketContext *bucketContext, timeoutMs // timeoutMs }; + free(data); // Perform the request - if (!request_perform(¶ms, requestContext)) { - free(data); - (*(handler->completeCallback))(S3StatusRequestFailed, 0, callbackData); - return; - } + request_perform(¶ms, requestContext); #endif } diff --git a/src/general.c b/src/general.c index 7876f58..5772c8b 100644 --- a/src/general.c +++ b/src/general.c @@ -385,14 +385,18 @@ static S3Status convertAclXmlCallback(const char *elementPath, if (caData->emailAddress[0]) { grant->granteeType = S3GranteeTypeAmazonCustomerByEmail; - strcpy(grant->grantee.amazonCustomerByEmail.emailAddress, - caData->emailAddress); + strncpy(grant->grantee.amazonCustomerByEmail.emailAddress, + caData->emailAddress, + S3_MAX_GRANTEE_EMAIL_ADDRESS_SIZE - 1); + grant->grantee.amazonCustomerByEmail.emailAddress[S3_MAX_GRANTEE_EMAIL_ADDRESS_SIZE - 1] = '\0'; } else if (caData->userId[0] && caData->userDisplayName[0]) { grant->granteeType = S3GranteeTypeCanonicalUser; - strcpy(grant->grantee.canonicalUser.id, caData->userId); - strcpy(grant->grantee.canonicalUser.displayName, - caData->userDisplayName); + strncpy(grant->grantee.canonicalUser.id, caData->userId, S3_MAX_GRANTEE_USER_ID_SIZE - 1); + grant->grantee.canonicalUser.id[S3_MAX_GRANTEE_USER_ID_SIZE - 1] = '\0'; + + strncpy(grant->grantee.canonicalUser.displayName, caData->userDisplayName, S3_MAX_GRANTEE_DISPLAY_NAME_SIZE - 1); + grant->grantee.canonicalUser.displayName[S3_MAX_GRANTEE_DISPLAY_NAME_SIZE - 1] = '\0'; } else if (caData->groupUri[0]) { if (!strcmp(caData->groupUri,