[njs] Fixed heap-buffer-overflow while importing module.

Dmitry Volyntsev xeioex at nginx.com
Wed Jul 3 15:33:22 UTC 2019


details:   https://hg.nginx.org/njs/rev/5c57b9efd77e
branches:  
changeset: 1028:5c57b9efd77e
user:      Dmitry Volyntsev <xeioex at nginx.com>
date:      Wed Jul 03 18:30:59 2019 +0300
description:
Fixed heap-buffer-overflow while importing module.

This closes #187 issue on Github.

diffstat:

 njs/njs_module.c |  9 ++++-----
 1 files changed, 4 insertions(+), 5 deletions(-)

diffs (21 lines):

diff -r bf593c4b1c7f -r 5c57b9efd77e njs/njs_module.c
--- a/njs/njs_module.c	Wed Jul 03 17:16:40 2019 +0300
+++ b/njs/njs_module.c	Wed Jul 03 18:30:59 2019 +0300
@@ -341,13 +341,12 @@ njs_module_read(njs_vm_t *vm, int fd, nx
         goto fail;
     }
 
-    text->length = nxt_length(NJS_MODULE_START);
-
-    if (S_ISREG(sb.st_mode) && sb.st_size) {
-        text->length += sb.st_size;
+    if (!S_ISREG(sb.st_mode)) {
+        goto fail;
     }
 
-    text->length += nxt_length(NJS_MODULE_END);
+    text->length = nxt_length(NJS_MODULE_START) + sb.st_size
+                   + nxt_length(NJS_MODULE_END);
 
     text->start = nxt_mp_alloc(vm->mem_pool, text->length);
     if (text->start == NULL) {


More information about the nginx-devel mailing list