Segfault in NGINX - testcase
Maxim Dounin
mdounin at mdounin.ru
Sat Mar 20 04:00:51 MSK 2010
Hello!
On Fri, Mar 19, 2010 at 04:19:43PM -0400, double wrote:
> Hello,
>
> NGINX will segfault, if you delete the root node in an rbtree with
> two elements. Testcase:
> http://doppelbauer.name/nginx-testcase.c
>
> A patch is attached below.
>From what I see it's your function ngx_rbtree_next() which
segfaults, not nginx. It tries to identify root node via checking
it's parent against NULL - which is not correct way to do it, you
should instead compare node pointer against tree root pointer.
If you do still think that nginx is affected - please provide
another test case. The one which uses nginx, not code borrowed
from it, is preffered - see http://mdounin.ru/hg/nginx-tests/ for
some framework and test samples.
Maxim Dounin
More information about the nginx
mailing list