Mercurial > hg > nginx

changeset 4191:08d8af70760c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Improved access log escaping to better protect other software. Some character sets (notably ISO-8859-1) have C1 control characters in upper half, make sure to escape them. Reported by Jesus Olmos Gonzalez.
author Maxim Dounin <mdounin@mdounin.ru>
date Tue, 11 Oct 2011 17:54:38 +0000
parents d434191a147f
children 61e4af19df9f
files src/http/modules/ngx_http_log_module.c
diffstat 1 files changed, 5 insertions(+), 5 deletions(-) [+]
line wrap: on
line diff
--- a/src/http/modules/ngx_http_log_module.c
+++ b/src/http/modules/ngx_http_log_module.c
@@ -690,12 +690,12 @@ ngx_http_log_escape(u_char *dst, u_char 
         0x10000000, /* 0001 0000 0000 0000  0000 0000 0000 0000 */
 
                     /*  ~}| {zyx wvut srqp  onml kjih gfed cba` */
-        0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0000 */
+        0x80000000, /* 1000 0000 0000 0000  0000 0000 0000 0000 */
 
-        0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0000 */
-        0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0000 */
-        0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0000 */
-        0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0000 */
+        0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */
+        0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */
+        0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */
+        0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */
     };