Mercurial > hg > nginx-quic
comparison src/mail/ngx_mail_ssl_module.c @ 8948:e32b48848add
SSL: improved validation of ssl_session_cache and ssl_ocsp_cache.
Now it properly detects invalid shared zone configuration with omitted size.
Previously it used to read outside of the buffer boundary.
Found with AddressSanitizer.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Mon, 17 Oct 2022 16:24:53 +0400 |
parents | dc955d274130 |
children | d1cf09451ae8 |
comparison
equal
deleted
inserted
replaced
8947:81b4326daac7 | 8948:e32b48848add |
---|---|
680 } | 680 } |
681 | 681 |
682 len++; | 682 len++; |
683 } | 683 } |
684 | 684 |
685 if (len == 0) { | 685 if (len == 0 || j == value[i].len) { |
686 goto invalid; | 686 goto invalid; |
687 } | 687 } |
688 | 688 |
689 name.len = len; | 689 name.len = len; |
690 name.data = value[i].data + sizeof("shared:") - 1; | 690 name.data = value[i].data + sizeof("shared:") - 1; |