Mercurial > hg > nginx-quic
comparison src/core/ngx_string.c @ 5965:78271500b8de
A bounds check of %N format on Windows.
Thanks to Joe Bialek, Adam Zabrocki and Microsoft Vulnerability Research.
author | Igor Sysoev <igor@sysoev.ru> |
---|---|
date | Tue, 27 Jan 2015 15:38:15 +0300 |
parents | 33c08d7e2915 |
children | 15a15f6ae3a2 |
comparison
equal
deleted
inserted
replaced
5964:0a198a517eaf | 5965:78271500b8de |
---|---|
427 continue; | 427 continue; |
428 | 428 |
429 case 'N': | 429 case 'N': |
430 #if (NGX_WIN32) | 430 #if (NGX_WIN32) |
431 *buf++ = CR; | 431 *buf++ = CR; |
432 if (buf < last) { | |
433 *buf++ = LF; | |
434 } | |
435 #else | |
436 *buf++ = LF; | |
432 #endif | 437 #endif |
433 *buf++ = LF; | |
434 fmt++; | 438 fmt++; |
435 | 439 |
436 continue; | 440 continue; |
437 | 441 |
438 case '%': | 442 case '%': |