From b5d43d4a1ce22e5a0371e66d99bddcef056d674d Mon Sep 17 00:00:00 2001
From: junji hashimoto <junjihashimoto@users.noreply.github.com>
Date: Mon, 16 Mar 2026 08:32:52 +0900
Subject: [PATCH 1/3] Potential fix for pull request finding

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
---
 helm/flare-operator/values.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/helm/flare-operator/values.yaml b/helm/flare-operator/values.yaml
index 3dffd28..b127c8f 100644
--- a/helm/flare-operator/values.yaml
+++ b/helm/flare-operator/values.yaml
@@ -1,3 +1,4 @@
+metricsPort: 9090
 # Default values for flare-operator.
 # This is a YAML-formatted file.
 # Declare variables to be passed into your templates.

From 6122fb0e311ab6a2df97e7a0dcdb5b1bf0648724 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sun, 15 Mar 2026 23:32:52 +0000
Subject: [PATCH 2/3] Initial plan


From 393a1f88e72efebb1f786d6aa43859200e91ead4 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sun, 15 Mar 2026 23:37:26 +0000
Subject: [PATCH 3/3] Fix FLARE_OPERATOR_PORT parsing: use strtol with range
 validation

Co-authored-by: junjihashimoto <2469618+junjihashimoto@users.noreply.github.com>
---
 src/flared/flared.cc | 22 +++++++++++++++-------
 1 file changed, 15 insertions(+), 7 deletions(-)

diff --git a/src/flared/flared.cc b/src/flared/flared.cc
index 746fc33..173cd10 100644
--- a/src/flared/flared.cc
+++ b/src/flared/flared.cc
@@ -44,6 +44,7 @@
 #endif
 
 #ifdef ENABLE_K8S_OPERATOR
+# include <cerrno>
 # include <cstdlib>
 #endif
 
@@ -220,13 +221,20 @@ int flared::startup(int argc, char **argv) {
 		const char* op_host = std::getenv("FLARE_OPERATOR_HOST");
 		const char* op_port = std::getenv("FLARE_OPERATOR_PORT");
 		if (op_host != NULL && op_port != NULL) {
-			k8s_index_servers.clear();
-			cluster::index_server s;
-			s.index_server_name = string(op_host);
-			s.index_server_port = atoi(op_port);
-			k8s_index_servers.push_back(s);
-			log_notice("K8s operator mode: using operator at %s:%d as index server",
-				op_host, atoi(op_port));
+			char* endptr = nullptr;
+			errno = 0;
+			long port_val = strtol(op_port, &endptr, 10);
+			if (errno != 0 || endptr == op_port || *endptr != '\0' || port_val < 1 || port_val > 65535) {
+				log_warning("K8s operator mode: invalid FLARE_OPERATOR_PORT value '%s', ignoring operator override", op_port);
+			} else {
+				k8s_index_servers.clear();
+				cluster::index_server s;
+				s.index_server_name = string(op_host);
+				s.index_server_port = static_cast<int>(port_val);
+				k8s_index_servers.push_back(s);
+				log_notice("K8s operator mode: using operator at %s:%d as index server",
+					op_host, static_cast<int>(port_val));
+			}
 		}
 		if (this->_cluster->startup_node(k8s_index_servers,
 																		 ini_option_object().get_proxy_prior_netmask()) < 0) {