Hello,
Below are two patches, created by results of running nginx-tests with
GCC undefined behaviour sanitizer enabled.
The first one is about memcpy() with NULL second argument calls, which
are considere undefined behaviour by sanitizer. While the actual harm
is arguable, having such calls is not a good practice.
Most of them are results of passing empty ngx_str_t, either for logging
or in some other cases.
I've decided to test arguments in ngx_resolver_dup() as it seems that
adding checks to the calling code will introduce to much changes. YMMV.
In ngx_http_variables_request_body() all buffers are copied to output,
which may include special. Probably the check must be ngx_buf_special() ?
Other cases are obvious checks that allow to skip copy if there is
nothing to do actually.
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx-devel