mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-06-12 21:52:41 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

A bounds check of %N format on Windows.

Browse Source 
Thanks to Joe Bialek, Adam Zabrocki and Microsoft Vulnerability Research.
This commit is contained in:
Igor Sysoev 2015-01-27 15:38:15 +03:00
parent 7e1eba5faa
commit 415c8ec4b4
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/core/ngx_string.c
View File

@ -429,8 +429,12 @@ ngx_vslprintf(u_char *buf, u_char *last, const char *fmt, va_list args)
case 'N': case 'N':
#if (NGX_WIN32) #if (NGX_WIN32)
*buf++ = CR; *buf++ = CR;
#endif if (buf < last) {
*buf++ = LF;
}
#else
*buf++ = LF; *buf++ = LF;
#endif
fmt++; fmt++;
continue; continue;