From 70e4e4801b592f683c963b79f267520633fa6172 Mon Sep 17 00:00:00 2001
From: Masaori Koshiba <masaori@apache.org>
Date: Wed, 16 Jun 2021 10:13:09 +0900
Subject: [PATCH 1/2] Fix dynamic-stack-buffer-overflow of cachekey plugin

---
 plugins/cachekey/cachekey.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/plugins/cachekey/cachekey.cc b/plugins/cachekey/cachekey.cc
index 5f128894bfa..44925b3db28 100644
--- a/plugins/cachekey/cachekey.cc
+++ b/plugins/cachekey/cachekey.cc
@@ -41,7 +41,7 @@ appendEncoded(String &target, const char *s, size_t len)
     return;
   }
 
-  char tmp[len * 2];
+  char tmp[len * 3 + 1];
   size_t written;
 
   /* The default table does not encode the comma, so we need to use our own table here. */

From 62d100b0c4beb8399e237575a5809346e2043e52 Mon Sep 17 00:00:00 2001
From: Masaori Koshiba <masaori@apache.org>
Date: Wed, 16 Jun 2021 15:09:21 +0900
Subject: [PATCH 2/2] Check dst_size include null termination

---
 proxy/logging/LogUtils.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/proxy/logging/LogUtils.cc b/proxy/logging/LogUtils.cc
index 0018a65d797..ef53445e4b5 100644
--- a/proxy/logging/LogUtils.cc
+++ b/proxy/logging/LogUtils.cc
@@ -360,7 +360,7 @@ escapify_url_common(Arena *arena, char *url, size_t len_in, int *len_out, char *
   //
   size_t out_len = len_in + 2 * count;
 
-  if (dst && out_len > dst_size) {
+  if (dst && (out_len + 1) > dst_size) {
     *len_out = 0;
     return nullptr;
   }