nginx: 778d2cc03e22

changeset 4610:778d2cc03e22

Fixed segmentation fault in ngx_resolver_create_name_query(). If name passed for resolution was { 0, NULL } (e.g. as a result of name server returning CNAME pointing to ".") pointer wrapped to (void *) -1 resulting in segmentation fault on an attempt to dereference it. Reported by Lanshun Zhou.

author Ruslan Ermilov <ru@nginx.com>

date Thu, 26 Apr 2012 12:58:42 +0000

parents 22ab12943ed6

children 2b6cb7528409

files src/core/ngx_resolver.c

diffstat

1 files changed, 4 insertions(+), 0 deletions(-) [+]

line wrap: on

line diff

--- a/src/core/ngx_resolver.c
+++ b/src/core/ngx_resolver.c
@@ -1834,6 +1834,10 @@ ngx_resolver_create_name_query(ngx_resol
     p--;
     *p-- = '\0';
 
+    if (ctx->name.len == 0)  {
+        return NGX_DECLINED;
+    }
+
     for (s = ctx->name.data + ctx->name.len - 1; s >= ctx->name.data; s--) {
         if (*s != '.') {
             *p = *s;