nginx 0.5.8 *) Bugfix: a segmentation fault might occur if "client_body_in_file_only on" was used and a request body was small. *) Bugfix: a segmentation fault occurred if "client_body_in_file_only on" and "proxy_pass_request_body off" or "fastcgi_pass_request_body off" directives were used, and nginx switched to a next upstream. *) Bugfix: if the "proxy_buffering off" directive was used and a client connection was non-active, then the connection was closed after send timeout; bug appeared in 0.4.7. *) Bugfix: if the "epoll" method was used and a client closed a connection prematurely, then nginx closed the connection after a send timeout only. *) Bugfix: the "[alert] zero size buf" error when FastCGI server was used. *) Bugfixes in the "limit_zone" directive.

--- a/src/http/modules/ngx_http_limit_zone_module.c
+++ b/src/http/modules/ngx_http_limit_zone_module.c
@@ -179,7 +179,7 @@ ngx_http_limit_zone_handler(ngx_http_req
         do {
             lz = (ngx_http_limit_zone_node_t *) &node->color;
 
-            rc = ngx_memn2cmp(lz->data, vv->data, (size_t) lz->len, len);
+            rc = ngx_memn2cmp(vv->data, lz->data, len, (size_t) lz->len);
 
             if (rc == 0) {
                 if ((ngx_uint_t) lz->conn < lzcf->conn) {