[PATCH] fixing a dst-src-overlapping issue for memcpy in the core

Mon Jun 7 13:35:58 MSD 2010

Hi, Igor and others

Here's the patch for nginx 0.8.39's core to fix a dst-src-overlapping
issue for ngx_http_script.c:

    http://agentzh.org/misc/nginx/nginx-0.8.39-redirect_memcpy_overlap.patch

This issue affects at least the "rewrite" directive in the standard
ngx_rewrite module and was captured by valgrind's memcheck.

I've also pasted the full patch to the end of mail for convenience :)

Cheers,
-agentzh

--- nginx-0.8.39/src/http/ngx_http_script.c	2010-05-14 17:56:37.000000000 +0800
+++ nginx-0.8.39-patched/src/http/ngx_http_script.c	2010-06-07
17:15:27.399312041 +0800
@@ -983,7 +983,11 @@
                          NGX_UNESCAPE_REDIRECT);

         if (src < e->pos) {
-            dst = ngx_copy(dst, src, e->pos - src);
+            if (src != dst) {
+                memmove(dst, src, e->pos - src);
+            }
+
+            dst += e->pos - src;
         }

         e->pos = dst;

