Mercurial > hg > nginx-quic
view src/core/ngx_sha1.h @ 6463:5df5d7d771f6
Core: allow strings without null-termination in ngx_parse_url().
This fixes buffer over-read while using variables in the "proxy_pass",
"fastcgi_pass", "scgi_pass", and "uwsgi_pass" directives, where result
of string evaluation isn't null-terminated.
Found with MemorySanitizer.
Signed-off-by: Piotr Sikora <piotrsikora@google.com>
author | Piotr Sikora <piotrsikora@google.com> |
---|---|
date | Fri, 26 Feb 2016 17:30:27 -0800 |
parents | d620f497c50f |
children | 1064ea81ed3a |
line wrap: on
line source
/* * Copyright (C) Igor Sysoev * Copyright (C) Nginx, Inc. */ #ifndef _NGX_SHA1_H_INCLUDED_ #define _NGX_SHA1_H_INCLUDED_ #include <ngx_config.h> #include <ngx_core.h> #if (NGX_HAVE_OPENSSL_SHA1_H) #include <openssl/sha.h> #else #include <sha.h> #endif typedef SHA_CTX ngx_sha1_t; #define ngx_sha1_init SHA1_Init #define ngx_sha1_update SHA1_Update #define ngx_sha1_final SHA1_Final #endif /* _NGX_SHA1_H_INCLUDED_ */