Mercurial > hg > nginx-vendor-current
comparison src/core/ngx_rbtree.c @ 670:ad45b044f1e5 NGINX_1_1_19
nginx 1.1.19
*) Security: specially crafted mp4 file might allow to overwrite memory
locations in a worker process if the ngx_http_mp4_module was used,
potentially resulting in arbitrary code execution (CVE-2012-2089).
Thanks to Matthew Daley.
*) Bugfix: nginx/Windows might be terminated abnormally.
Thanks to Vincent Lee.
*) Bugfix: nginx hogged CPU if all servers in an upstream were marked as
"backup".
*) Bugfix: the "allow" and "deny" directives might be inherited
incorrectly if they were used with IPv6 addresses.
*) Bugfix: the "modern_browser" and "ancient_browser" directives might
be inherited incorrectly.
*) Bugfix: timeouts might be handled incorrectly on Solaris/SPARC.
*) Bugfix: in the ngx_http_mp4_module.
| author | Igor Sysoev <http://sysoev.ru> |
|---|---|
| date | Thu, 12 Apr 2012 00:00:00 +0400 |
| parents | d0f7a625f27c |
| children |
comparison
equal
deleted
inserted
replaced
| 669:3f5d0be5ee74 | 670:ad45b044f1e5 |
|---|---|
| 134 * The comparison takes into account that overflow. | 134 * The comparison takes into account that overflow. |
| 135 */ | 135 */ |
| 136 | 136 |
| 137 /* node->key < temp->key */ | 137 /* node->key < temp->key */ |
| 138 | 138 |
| 139 p = ((ngx_rbtree_key_int_t) node->key - (ngx_rbtree_key_int_t) temp->key | 139 p = ((ngx_rbtree_key_int_t) (node->key - temp->key) < 0) |
| 140 < 0) | |
| 141 ? &temp->left : &temp->right; | 140 ? &temp->left : &temp->right; |
| 142 | 141 |
| 143 if (*p == sentinel) { | 142 if (*p == sentinel) { |
| 144 break; | 143 break; |
| 145 } | 144 } |