Welcome! Log In Create A New Profile

Advanced

[nginx] A bounds check of %N format on Windows.

Previous Message Next Message
Forum List Message List New Topic Print View
Igor Sysoev
January 27, 2015 07:40AM
details: http://hg.nginx.org/nginx/rev/78271500b8de
branches:
changeset: 5965:78271500b8de
user: Igor Sysoev <igor@sysoev.ru>
date: Tue Jan 27 15:38:15 2015 +0300
description:
A bounds check of %N format on Windows.
Thanks to Joe Bialek, Adam Zabrocki and Microsoft Vulnerability Research.

diffstat:

src/core/ngx_string.c | 6 +++++-
1 files changed, 5 insertions(+), 1 deletions(-)

diffs (17 lines):

diff -r 0a198a517eaf -r 78271500b8de src/core/ngx_string.c
--- a/src/core/ngx_string.c Wed Jan 14 09:03:35 2015 +0300
+++ b/src/core/ngx_string.c Tue Jan 27 15:38:15 2015 +0300
@@ -429,8 +429,12 @@ ngx_vslprintf(u_char *buf, u_char *last,
case 'N':
#if (NGX_WIN32)
*buf++ = CR;
+ if (buf < last) {
+ *buf++ = LF;
+ }
+#else
+ *buf++ = LF;
#endif
- *buf++ = LF;
fmt++;

continue;

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Reply Quote
RSS
Subject Author Views Posted

[nginx] A bounds check of %N format on Windows.

Igor Sysoev 2495 January 27, 2015 07:40AM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 304
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready