# HG changeset patch
# User Valentin Bartenev <vbart@nginx.com>
# Date 1462978520 -10800
# Node ID b358d670c654b25990f7b3516ed8a4e25e4f02f9
# Parent  2f98b5709d7965e7c97cb74b8380014179c7bf0d
Core: fixed port handling in ngx_parse_inet6_url().

This fixes buffer over-read when no port is specified in cases
similar to 5df5d7d771f6, and catches missing port separator.

diff --git a/src/core/ngx_inet.c b/src/core/ngx_inet.c
--- a/src/core/ngx_inet.c
+++ b/src/core/ngx_inet.c
@@ -861,7 +861,12 @@ ngx_parse_inet6_url(ngx_pool_t *pool, ng
             last = uri;
         }
 
-        if (*port == ':') {
+        if (port < last) {
+            if (*port != ':') {
+                u->err = "invalid host";
+                return NGX_ERROR;
+            }
+
             port++;
 
             len = last - port;