[njs] Fixed 1-byte memory over-read introduced in previous commit.

Dmitry Volyntsev xeioex at nginx.com
Fri Dec 24 16:58:35 UTC 2021


details:   https://hg.nginx.org/njs/rev/53510b595bb5
branches:  
changeset: 1780:53510b595bb5
user:      Dmitry Volyntsev <xeioex at nginx.com>
date:      Thu Dec 23 14:28:12 2021 +0000
description:
Fixed 1-byte memory over-read introduced in previous commit.

sizeof("\0") returns 2 because of the implicit zero byte added at
the end of string literals. Instead njs_length() was intended to be
used.

diffstat:

 external/njs_fs.c |  2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diffs (12 lines):

diff -r 9e1fd062a1d8 -r 53510b595bb5 external/njs_fs.c
--- a/external/njs_fs.c	Thu Dec 23 13:30:44 2021 +0000
+++ b/external/njs_fs.c	Thu Dec 23 14:28:12 2021 +0000
@@ -2153,7 +2153,7 @@ njs_ftw(char *path, njs_file_tree_walk_c
             }
 
             path[base] = '/';
-            memcpy(&path[base + 1], d_name, length + sizeof("\0"));
+            memcpy(&path[base + 1], d_name, length + njs_length("\0"));
 
             if (fd_limit != 0) {
                 ret = njs_ftw(path, cb, fd_limit - 1, flags, &trace);


More information about the nginx-devel mailing list