Incident report on memory leak caused by Cloudflare parser bug -http://buff.ly/2lB3gCe
-
-
Both pointers were valid and pointer to data in Nginx buffer (which is why bug happened in the first place).
-
Blog says repeatedly "past the end of the buffer." Is that not accurate?
- 7 more replies
New conversation -
-
-
A pointer one past the end is valid and the blog post suggest that this is what is being used here?
-
No. pe is one past end, so == suffices. p went beyond even that.
- 1 more reply
New conversation -
-
-
Depends on the exact circumstances. If `++p` went _exactly_ one element past the buffer, then IT IS valid and defined.
-
Yes, one past end is valid and would have been caught by p == pe. In this case, pointer went beyond that.
- 1 more reply
New conversation -
-
-
That's why in general in C one doesn't use pointers for buffer bounds checks. Use index variables and check those.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Not by the standard, but most likely by implementation. This time. Unless overflow.
-
I don't remember where it says *creating* an invalid pointer is UB. >>
- 1 more reply
New conversation -
-
-
thanks for pointing this out. I noticed that too.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.