Mercurial > hg > nginx-quic
view auto/lib/pcre/makefile.owc @ 6409:71edd9192f24
Fixed buffer over-read while logging invalid request headers.
Since 667aaf61a778 (1.1.17) the ngx_http_parse_header_line() function can return
NGX_HTTP_PARSE_INVALID_HEADER when a header contains NUL character. In this
case the r->header_end pointer isn't properly initialized, but the log message
in ngx_http_process_request_headers() hasn't been adjusted. It used the pointer
in size calculation, which might result in up to 2k buffer over-read.
Found with afl-fuzz.
author | Valentin Bartenev <vbart@nginx.com> |
---|---|
date | Wed, 24 Feb 2016 16:01:23 +0300 |
parents | 670ceaba03d8 |
children |
line wrap: on
line source
# Copyright (C) Igor Sysoev # Copyright (C) Nginx, Inc. CFLAGS = -c -zq -bt=nt -ot -op -oi -oe -s -bm $(CPU_OPT) PCREFLAGS = -DHAVE_CONFIG_H -DPCRE_STATIC -DPOSIX_MALLOC_THRESHOLD=10 & -DSUPPORT_PCRE8 -DHAVE_MEMMOVE pcre.lib: cd $(PCRE) wcl386 $(CFLAGS) -i=. $(PCREFLAGS) pcre_*.c dir /b *.obj > pcre.lst wlib -n pcre.lib @pcre.lst pcre.h: cd $(PCRE) copy /y pcre.h.generic pcre.h copy /y config.h.generic config.h copy /y pcre_chartables.c.dist pcre_chartables.c