Mercurial > hg > nginx-quic

view auto/lib/make @ 6409:71edd9192f24

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fixed buffer over-read while logging invalid request headers. Since 667aaf61a778 (1.1.17) the ngx_http_parse_header_line() function can return NGX_HTTP_PARSE_INVALID_HEADER when a header contains NUL character. In this case the r->header_end pointer isn't properly initialized, but the log message in ngx_http_process_request_headers() hasn't been adjusted. It used the pointer in size calculation, which might result in up to 2k buffer over-read. Found with afl-fuzz.
author Valentin Bartenev <vbart@nginx.com>
date Wed, 24 Feb 2016 16:01:23 +0300
parents d620f497c50f
children 39a806ccf21e
line wrap: on
line source


# Copyright (C) Igor Sysoev
# Copyright (C) Nginx, Inc.


if [ $PCRE != NONE -a $PCRE != NO -a $PCRE != YES ]; then
    . auto/lib/pcre/make
fi

if [ $MD5 != NONE -a $MD5 != NO -a $MD5 != YES ]; then
    . auto/lib/md5/make
fi

if [ $SHA1 != NONE -a $SHA1 != NO -a $SHA1 != YES ]; then
    . auto/lib/sha1/make
fi

if [ $OPENSSL != NONE -a $OPENSSL != NO -a $OPENSSL != YES ]; then
    . auto/lib/openssl/make
fi

if [ $ZLIB != NONE -a $ZLIB != NO -a $ZLIB != YES ]; then
    . auto/lib/zlib/make
fi

if [ $NGX_LIBATOMIC != NO -a $NGX_LIBATOMIC != YES ]; then
    . auto/lib/libatomic/make
fi

if [ $USE_PERL = YES ]; then
    . auto/lib/perl/make
fi