Mercurial > hg > nginx
comparison src/core/ngx_string.c @ 7120:874171c3c71a
Fixed handling of non-null-terminated unix sockets.
At least FreeBSD, macOS, NetBSD, and OpenBSD can return unix sockets
with non-null-terminated sun_path. Additionally, the address may become
non-null-terminated if it does not fit into the buffer provided and was
truncated (may happen on macOS, NetBSD, and Solaris, which allow unix socket
addresess larger than struct sockaddr_un). As such, ngx_sock_ntop() might
overread the sockaddr provided, as it used "%s" format and thus assumed
null-terminated string.
To fix this, the ngx_strnlen() function was introduced, and it is now used
to calculate correct length of sun_path.
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Wed, 04 Oct 2017 21:19:38 +0300 |
| parents | e3723f2a11b7 |
| children | 9ca82f273967 |
comparison
equal
deleted
inserted
replaced
| 7119:fef61d26da39 | 7120:874171c3c71a |
|---|---|
| 24 *dst = ngx_tolower(*src); | 24 *dst = ngx_tolower(*src); |
| 25 dst++; | 25 dst++; |
| 26 src++; | 26 src++; |
| 27 n--; | 27 n--; |
| 28 } | 28 } |
| 29 } | |
| 30 | |
| 31 | |
| 32 size_t | |
| 33 ngx_strnlen(u_char *p, size_t n) | |
| 34 { | |
| 35 size_t i; | |
| 36 | |
| 37 for (i = 0; i < n; i++) { | |
| 38 | |
| 39 if (p[i] == '\0') { | |
| 40 return i; | |
| 41 } | |
| 42 } | |
| 43 | |
| 44 return n; | |
| 29 } | 45 } |
| 30 | 46 |
| 31 | 47 |
| 32 u_char * | 48 u_char * |
| 33 ngx_cpystrn(u_char *dst, u_char *src, size_t n) | 49 ngx_cpystrn(u_char *dst, u_char *src, size_t n) |