[njs] Fixed heap-use-after-free in await frame.
Alexander Borisov
alexander.borisov at nginx.com
Mon Nov 1 15:34:02 UTC 2021
details: https://hg.nginx.org/njs/rev/360384498060
branches:
changeset: 1732:360384498060
user: Alexander Borisov <alexander.borisov at nginx.com>
date: Mon Nov 01 18:32:48 2021 +0300
description:
Fixed heap-use-after-free in await frame.
The bug was introduced in 92d10cd761e2 (0.7.0).
diffstat:
src/njs_async.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diffs (12 lines):
diff -r d2e23f936214 -r 360384498060 src/njs_async.c
--- a/src/njs_async.c Fri Oct 29 13:57:26 2021 +0000
+++ b/src/njs_async.c Mon Nov 01 18:32:48 2021 +0300
@@ -72,6 +72,8 @@ njs_await_fulfilled(njs_vm_t *vm, njs_va
}
async = ctx->await;
+ async->previous = vm->top_frame;
+
function = async->function;
cur_local = vm->levels[NJS_LEVEL_LOCAL];
More information about the nginx-devel
mailing list