Mercurial > hg > nginx-quic
diff docs/xslt/changes.xslt @ 6463:5df5d7d771f6
Core: allow strings without null-termination in ngx_parse_url().
This fixes buffer over-read while using variables in the "proxy_pass",
"fastcgi_pass", "scgi_pass", and "uwsgi_pass" directives, where result
of string evaluation isn't null-terminated.
Found with MemorySanitizer.
Signed-off-by: Piotr Sikora <piotrsikora@google.com>
author | Piotr Sikora <piotrsikora@google.com> |
---|---|
date | Fri, 26 Feb 2016 17:30:27 -0800 |
parents | db6d07dbef3c |
children | b7e02f47a339 |