Apache Celix is a framework for C and C++14 to develop dynamic modular software applications using component and in-process service-oriented programming.
manifest->mainAttributes is dropped in manifest_clone.
manifest->attributes seems empty most of the time: the while loop after manifest_readAttributes(manifest, manifest->mainAttributes, file) seems NEVER entered.
manifest_readAttributes(manifest, manifest->mainAttributes, file);
// fgets almost always returns NULL
while (status==CELIX_SUCCESS && fgets(lbuf, sizeof(lbuf), file) != NULL) {
}
The line continuation logic may lead to stack overflow for malicious manifest.
I don't understand why is manifest->attributes there?
manifest->mainAttributesis dropped inmanifest_clone.manifest->attributesseems empty most of the time: the while loop aftermanifest_readAttributes(manifest, manifest->mainAttributes, file)seems NEVER entered.I don't understand why is
manifest->attributesthere?