Mercurial > hg > nginx

changeset 5082:42a888fdad0b

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fixed potential segfault in ngx_http_keepalive_handler(). In case of error in the read event handling we close a connection by calling ngx_http_close_connection(), that also destroys connection pool. Thereafter, an attempt to free a buffer (added in r4892) that was allocated from the pool could cause SIGSEGV and is meaningless as well (the buffer already freed with the pool).
author Valentin Bartenev <vbart@nginx.com>
date Sat, 23 Feb 2013 13:23:48 +0000
parents bebcc2f837d3
children a805dc9c85cd
files src/http/ngx_http_request.c
diffstat 1 files changed, 1 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/src/http/ngx_http_request.c
+++ b/src/http/ngx_http_request.c
@@ -2758,6 +2758,7 @@ ngx_http_keepalive_handler(ngx_event_t *
     if (n == NGX_AGAIN) {
         if (ngx_handle_read_event(rev, 0) != NGX_OK) {
             ngx_http_close_connection(c);
+            return;
         }
 
         /*