Mercurial > hg > nginx-quic

view auto/lib/test @ 6409:71edd9192f24

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fixed buffer over-read while logging invalid request headers. Since 667aaf61a778 (1.1.17) the ngx_http_parse_header_line() function can return NGX_HTTP_PARSE_INVALID_HEADER when a header contains NUL character. In this case the r->header_end pointer isn't properly initialized, but the log message in ngx_http_process_request_headers() hasn't been adjusted. It used the pointer in size calculation, which might result in up to 2k buffer over-read. Found with afl-fuzz.
author Valentin Bartenev <vbart@nginx.com>
date Wed, 24 Feb 2016 16:01:23 +0300
parents 434548349838
children
line wrap: on
line source


# Copyright (C) Igor Sysoev
# Copyright (C) Nginx, Inc.


echo $ngx_n "checking for $ngx_lib ...$ngx_c"

cat << END >> $NGX_AUTOCONF_ERR

----------------------------------------
checking for $ngx_lib

END

ngx_found=no

cat << END > $NGX_AUTOTEST.c

$ngx_lib_incs

int main() {
    $ngx_lib_test;
    return 0;
}


eval "$CC $cc_test_flags $ngx_lib_cflags \
     -o $NGX_AUTOTEST $NGX_AUTOTEST.c $ngx_libs \
     >> $NGX_ERR 2>&1"

if [ -x $NGX_AUTOTEST ]; then
    echo " found"

    ngx_found=yes

else
    echo " not found"
fi

rm -rf $NGX_AUTOTEST*