Mercurial > hg > nginx
comparison src/http/modules/ngx_http_range_filter_module.c @ 7067:e3723f2a11b7
Parenthesized ASCII-related calculations.
This also fixes potential undefined behaviour in the range and slice filter
modules, caused by local overflows of signed integers in expressions.
| author | Valentin Bartenev <vbart@nginx.com> |
|---|---|
| date | Mon, 17 Jul 2017 17:23:51 +0300 |
| parents | 887c8c58ffeb |
| children | a2f5e25d6a28 |
comparison
equal
deleted
inserted
replaced
| 7066:a27e0c7e198c | 7067:e3723f2a11b7 |
|---|---|
| 313 while (*p >= '0' && *p <= '9') { | 313 while (*p >= '0' && *p <= '9') { |
| 314 if (start >= cutoff && (start > cutoff || *p - '0' > cutlim)) { | 314 if (start >= cutoff && (start > cutoff || *p - '0' > cutlim)) { |
| 315 return NGX_HTTP_RANGE_NOT_SATISFIABLE; | 315 return NGX_HTTP_RANGE_NOT_SATISFIABLE; |
| 316 } | 316 } |
| 317 | 317 |
| 318 start = start * 10 + *p++ - '0'; | 318 start = start * 10 + (*p++ - '0'); |
| 319 } | 319 } |
| 320 | 320 |
| 321 while (*p == ' ') { p++; } | 321 while (*p == ' ') { p++; } |
| 322 | 322 |
| 323 if (*p++ != '-') { | 323 if (*p++ != '-') { |
| 343 while (*p >= '0' && *p <= '9') { | 343 while (*p >= '0' && *p <= '9') { |
| 344 if (end >= cutoff && (end > cutoff || *p - '0' > cutlim)) { | 344 if (end >= cutoff && (end > cutoff || *p - '0' > cutlim)) { |
| 345 return NGX_HTTP_RANGE_NOT_SATISFIABLE; | 345 return NGX_HTTP_RANGE_NOT_SATISFIABLE; |
| 346 } | 346 } |
| 347 | 347 |
| 348 end = end * 10 + *p++ - '0'; | 348 end = end * 10 + (*p++ - '0'); |
| 349 } | 349 } |
| 350 | 350 |
| 351 while (*p == ' ') { p++; } | 351 while (*p == ' ') { p++; } |
| 352 | 352 |
| 353 if (*p != ',' && *p != '\0') { | 353 if (*p != ',' && *p != '\0') { |