[nginx] Variables: fixed buffer over-read when evaluating "$arg_".
Sergey Kandaurov
pluknet at nginx.com
Fri May 8 16:22:47 UTC 2020
details: https://hg.nginx.org/nginx/rev/028b16e2798f
branches:
changeset: 7648:028b16e2798f
user: Sergey Kandaurov <pluknet at nginx.com>
date: Fri May 08 19:19:16 2020 +0300
description:
Variables: fixed buffer over-read when evaluating "$arg_".
diffstat:
src/http/ngx_http_variables.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diffs (12 lines):
diff -r 716eddd74bc2 -r 028b16e2798f src/http/ngx_http_variables.c
--- a/src/http/ngx_http_variables.c Thu Apr 23 15:10:26 2020 +0300
+++ b/src/http/ngx_http_variables.c Fri May 08 19:19:16 2020 +0300
@@ -1075,7 +1075,7 @@ ngx_http_variable_argument(ngx_http_requ
len = name->len - (sizeof("arg_") - 1);
arg = name->data + sizeof("arg_") - 1;
- if (ngx_http_arg(r, arg, len, &value) != NGX_OK) {
+ if (len == 0 || ngx_http_arg(r, arg, len, &value) != NGX_OK) {
v->not_found = 1;
return NGX_OK;
}
More information about the nginx-devel
mailing list