mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2024-11-24 04:49:01 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
The official NGINX Open Source repository.
5,564 Commits 21 Branches 567 Tags 83 MiB
C 97.6%
Vim Script 1.8%
XS 0.4%
Perl 0.1%
1d294eea3e
Go to file
Valentin Bartenev 1d294eea3e Fixed buffer over-read while logging invalid request headers. 
Since 667aaf61a778 (1.1.17) the ngx_http_parse_header_line() function can return
NGX_HTTP_PARSE_INVALID_HEADER when a header contains NUL character.  In this
case the r->header_end pointer isn't properly initialized, but the log message
in ngx_http_process_request_headers() hasn't been adjusted.  It used the pointer
in size calculation, which might result in up to 2k buffer over-read.

Found with afl-fuzz.
2016-02-24 16:01:23 +03:00
auto Configure: added "build" target. 2016-02-19 18:13:54 +03:00
conf Added the REQUEST_SCHEME parameter. 2015-06-05 22:23:26 +03:00
contrib Contrib: add more directives to vim syntax. 2014-10-22 15:31:19 +02:00
docs nginx-1.9.11-RELEASE 2016-02-09 17:11:56 +03:00
misc Updated OpenSSL used for win32 builds. 2016-02-13 07:28:14 +03:00
src Fixed buffer over-read while logging invalid request headers. 2016-02-24 16:01:23 +03:00
.hgtags release-1.9.11 tag 2016-02-09 17:11:57 +03:00