From 70415c290f9c0279837a00564e546caa1d6e7a07 Mon Sep 17 00:00:00 2001 From: LazyTeenStudios Date: Sun, 13 Aug 2023 19:49:37 -0500 Subject: [PATCH 1/4] changed insecure "std::getenv()" functions to "_dupenv_s" functions instead. --- include/openai/openai.hpp | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/include/openai/openai.hpp b/include/openai/openai.hpp index 18ae49f..dc28f85 100644 --- a/include/openai/openai.hpp +++ b/include/openai/openai.hpp @@ -372,12 +372,16 @@ class OpenAI { OpenAI(const std::string& token = "", const std::string& organization = "", bool throw_exception = true, const std::string& api_base_url = "") : session_{throw_exception}, token_{token}, organization_{organization}, throw_exception_{throw_exception} { if (token.empty()) { - if(const char* env_p = std::getenv("OPENAI_API_KEY")) { + char* env_p; + size_t len; + if(_dupenv_s(&env_p, &len, "OPENAI_API_KEY") == 0) { token_ = std::string{env_p}; } } if (api_base_url.empty()) { - if(const char* env_p = std::getenv("OPENAI_API_BASE")) { + char* env_p; + size_t len; + if(_dupenv_s(&env_p, &len, "OPENAI_API_BASE") == 0) { base_url = std::string{env_p} + "/"; } else { From 127d90a6fcc06c0bd9b611b2b38173efd64b29ca Mon Sep 17 00:00:00 2001 From: LazyTeenStudios Date: Sun, 13 Aug 2023 21:08:47 -0500 Subject: [PATCH 2/4] fixed enviroment variable search bug --- include/openai/openai.hpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/openai/openai.hpp b/include/openai/openai.hpp index dc28f85..e7208d1 100644 --- a/include/openai/openai.hpp +++ b/include/openai/openai.hpp @@ -374,14 +374,14 @@ class OpenAI { if (token.empty()) { char* env_p; size_t len; - if(_dupenv_s(&env_p, &len, "OPENAI_API_KEY") == 0) { + if(_dupenv_s(&env_p, &len, "OPENAI_API_KEY") == 0 && env_p != NULL) { token_ = std::string{env_p}; } } if (api_base_url.empty()) { char* env_p; size_t len; - if(_dupenv_s(&env_p, &len, "OPENAI_API_BASE") == 0) { + if(_dupenv_s(&env_p, &len, "OPENAI_API_BASE") == 0 && env_p != NULL) { base_url = std::string{env_p} + "/"; } else { From e407d335da3923c2fdb98344741b081d767a642a Mon Sep 17 00:00:00 2001 From: LazyTeenStudios Date: Sun, 13 Aug 2023 21:15:09 -0500 Subject: [PATCH 3/4] simplify code and remove length variable --- include/openai/openai.hpp | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/include/openai/openai.hpp b/include/openai/openai.hpp index e7208d1..9793cdc 100644 --- a/include/openai/openai.hpp +++ b/include/openai/openai.hpp @@ -373,15 +373,13 @@ class OpenAI { : session_{throw_exception}, token_{token}, organization_{organization}, throw_exception_{throw_exception} { if (token.empty()) { char* env_p; - size_t len; - if(_dupenv_s(&env_p, &len, "OPENAI_API_KEY") == 0 && env_p != NULL) { + if(_dupenv_s(&env_p, NULL, "OPENAI_API_KEY") == 0 && env_p != NULL) { token_ = std::string{env_p}; } } if (api_base_url.empty()) { char* env_p; - size_t len; - if(_dupenv_s(&env_p, &len, "OPENAI_API_BASE") == 0 && env_p != NULL) { + if(_dupenv_s(&env_p, NULL, "OPENAI_API_BASE") == 0 && env_p != NULL) { base_url = std::string{env_p} + "/"; } else { From 89a56b9c9b322f26963be92d4c67c5c69be25958 Mon Sep 17 00:00:00 2001 From: LazyTeenStudios Date: Sun, 13 Aug 2023 21:18:09 -0500 Subject: [PATCH 4/4] prevent a memory leak --- include/openai/openai.hpp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/openai/openai.hpp b/include/openai/openai.hpp index 9793cdc..73c9fc9 100644 --- a/include/openai/openai.hpp +++ b/include/openai/openai.hpp @@ -376,6 +376,7 @@ class OpenAI { if(_dupenv_s(&env_p, NULL, "OPENAI_API_KEY") == 0 && env_p != NULL) { token_ = std::string{env_p}; } + free(env_p); } if (api_base_url.empty()) { char* env_p; @@ -385,6 +386,7 @@ class OpenAI { else { base_url = "https://api.openai.com/v1/"; } + free(env_p); } else { base_url = api_base_url;