How to reproduce issue CVE-2016-4450?

石磊 shilei at
Mon Jun 6 01:50:28 UTC 2016

Thank you very much for the quick response.
So can I say that if the nginx do not read the request body, it will not have the “CVE-2016-4450” issue?


From: 石磊
Sent: Friday, June 03, 2016 2:55 PM
To: 'nginx at'
Subject: How to reproduce issue CVE-2016-4450?


I am working on the fixing of issue CVE-2016-4450, it seems that if the request body is neither saved in the memory nor in file, it might crash when save the request body to the temp file.
Could you instruct me what kind of request body can trigger this issue? I want to reproduce it, and evaluate the whether upgrade our nginx server.

Refer to CVE-2016-4450:
A problem was identified in nginx code responsible for saving
client request body to a temporary file.  A specially crafted request
might result in worker process crash due to a NULL pointer dereference
while writing client request body to a temporary file (CVE-2016-4450).


石  磊


手机:+86 138 1180 3496
传真:+86 10 6267 7000
邮箱:shilei at<mailto:shilei at>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 25521 bytes
Desc: image001.jpg
URL: <>

More information about the nginx mailing list