Fixed incorrect length handling in ngx_utf8_length(). Previously, ngx_utf8_decode() was called from ngx_utf8_length() with incorrect length, potentially resulting in out-of-bounds read when handling invalid UTF-8 strings. In practice out-of-bounds reads are not possible though, as autoindex, the only user of ngx_utf8_length(), provides null-terminated strings, and ngx_utf8_decode() anyway returns an errors when it sees a null in the middle of an UTF-8 sequence. Reported by Yunbin Liu.

/*
 * Copyright (C) Igor Sysoev
 * Copyright (C) Nginx, Inc.
 */


#ifndef _NGX_CRYPT_H_INCLUDED_
#define _NGX_CRYPT_H_INCLUDED_


#include <ngx_config.h>
#include <ngx_core.h>


ngx_int_t ngx_crypt(ngx_pool_t *pool, u_char *key, u_char *salt,
    u_char **encrypted);


#endif /* _NGX_CRYPT_H_INCLUDED_ */