Fix bounds checks for autoload path construction#3932

Merged
bwoebi merged 1 commit into master from codex/fix-stack-overflow-in-ddtrace-autoload on May 28, 2026
Conversation

@bwoebi bwoebi commented May 28, 2026


Motivation

  • The autoloader constructed path[MAXPATHLEN] with snprintf() but then used the unchecked snprintf return (path_len) for iteration and memmove(), which allows an out-of-bounds read/write when the formatted path is truncated by the buffer.

Description

  • Add a truncation guard if (path_len >= sizeof(path)) { return; } immediately after the snprintf() call in both dd_load_file() and dd_load_files() to prevent iterating or copying past the stack buffer for oversized inputs.
  • This is a minimal remediation that preserves existing autoload behavior for in-bounds paths while preventing memory corruption for oversized class/path inputs.

Testing

  • No automated tests were executed as part of this change; the change is a small bounds-check addition and should be validated by the normal CI build/test matrix (including extension builds and ASan runs).

Codex Task
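As an added illustration of the snprintf() hazard the description identifies (example code, not the PR's or the extension's own): snprintf() returns the length the full string would have had, so a return value of at least the buffer size means the copy was truncated and that length must not drive loops or memmove(). The "<dir>/<class>.php" layout, the DEMO_MAXPATHLEN size and the separator cleanup are constructed assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Stand-in for the autoloader's stack buffer. The real MAXPATHLEN is much
 * larger; 32 is an assumption chosen so truncation is easy to exercise. */
#define DEMO_MAXPATHLEN 32

/* Formats "<dir>/<class>.php" into path[cap]. Returns the resulting length
 * on success, or -1 when the formatted string did not fit. snprintf()
 * returns the length the FULL string would have had, not what it wrote, so
 * a value >= cap means path holds a truncated copy and that length must not
 * be used as an index. Without the guard the loops below would read and
 * memmove() past the end of the buffer. */
int build_autoload_path(char *path, size_t cap, const char *dir, const char *cls)
{
    int path_len = snprintf(path, cap, "%s/%s.php", dir, cls);
    if (path_len < 0 || (size_t)path_len >= cap) {
        return -1;  /* truncation guard, the shape of the fix in this PR */
    }
    /* Constructed follow-up work indexed by path_len: normalise '\\' to '/'
     * and collapse "//" by shifting the tail (including the NUL) down. */
    for (int i = 0; i < path_len; i++) {
        if (path[i] == '\\') path[i] = '/';
    }
    for (int i = 0; i + 1 < path_len; i++) {
        if (path[i] == '/' && path[i + 1] == '/') {
            memmove(&path[i], &path[i + 1], (size_t)(path_len - i));
            path_len--;
            i--;
        }
    }
    return path_len;
}

/* Builds into a DEMO_MAXPATHLEN stack buffer and compares with expect.
 * Returns 1 on match, 0 on mismatch, -1 if the input was rejected as too long. */
int demo_path_eq(const char *dir, const char *cls, const char *expect)
{
    char path[DEMO_MAXPATHLEN];
    if (build_autoload_path(path, sizeof(path), dir, cls) < 0) return -1;
    return strcmp(path, expect) == 0;
}

int main(void)
{
    printf("%d\n", demo_path_eq("src/", "Foo", "src/Foo.php"));                 /* 1  */
    printf("%d\n", demo_path_eq("a-very-long-directory-name-here", "Foo", "")); /* -1 */
    return 0;
}
```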

@bwoebi bwoebi requested a review from a team as a code owner May 28, 2026 13:16
datadog-datadog-prod-us1 Bot commented May 28, 2026


⚠️ Warnings

🚦 1 Pipeline job failed

DataDog/apm-reliability/dd-trace-php | randomized tests: [amd64, no-asan, 3]

This looks flaky and may succeed on retry. Error response from Docker daemon: unknown error when trying to pull the image 'datadog/dd-trace-ci'.

ℹ️ Info

No other issues found

🧪 All tests passed
❄️ No new flaky tests detected

🎯 Code Coverage
Patch Coverage: 100.00%
Overall Coverage: 60.71% (-0.04%)

🔗 Commit SHA: 2ad8534

@bwoebi bwoebi merged commit c197795 into master May 28, 2026
2088 of 2126 checks passed
@bwoebi bwoebi deleted the codex/fix-stack-overflow-in-ddtrace-autoload branch May 28, 2026 13:59
@github-actions github-actions Bot added this to the 1.21.0 milestone May 28, 2026