[njs] Fixed heap-buffer-overflow while importing module.
Dmitry Volyntsev
xeioex at nginx.com
Wed Jul 3 15:33:22 UTC 2019
details: https://hg.nginx.org/njs/rev/5c57b9efd77e
branches:
changeset: 1028:5c57b9efd77e
user: Dmitry Volyntsev <xeioex at nginx.com>
date: Wed Jul 03 18:30:59 2019 +0300
description:
Fixed heap-buffer-overflow while importing module.
This closes #187 issue on Github.
diffstat:
njs/njs_module.c | 9 ++++-----
1 files changed, 4 insertions(+), 5 deletions(-)
diffs (21 lines):
diff -r bf593c4b1c7f -r 5c57b9efd77e njs/njs_module.c
--- a/njs/njs_module.c Wed Jul 03 17:16:40 2019 +0300
+++ b/njs/njs_module.c Wed Jul 03 18:30:59 2019 +0300
@@ -341,13 +341,12 @@ njs_module_read(njs_vm_t *vm, int fd, nx
goto fail;
}
- text->length = nxt_length(NJS_MODULE_START);
-
- if (S_ISREG(sb.st_mode) && sb.st_size) {
- text->length += sb.st_size;
+ if (!S_ISREG(sb.st_mode)) {
+ goto fail;
}
- text->length += nxt_length(NJS_MODULE_END);
+ text->length = nxt_length(NJS_MODULE_START) + sb.st_size
+ + nxt_length(NJS_MODULE_END);
text->start = nxt_mp_alloc(vm->mem_pool, text->length);
if (text->start == NULL) {
More information about the nginx-devel
mailing list