diff options
| author | Sergey Kandaurov <pluknet@nginx.com> | 2022-10-17 16:24:53 +0400 |
|---|---|---|
| committer | Sergey Kandaurov <pluknet@nginx.com> | 2022-10-17 16:24:53 +0400 |
| commit | 35fce42269bf1c84eadef6660021cefa08a960d7 (patch) | |
| tree | 744e00a403f7b2df47544e78bd1bc43318212d21 /src/stream/ngx_stream_ssl_module.c | |
| parent | 5b23fe690f0ddd0fe4af1ed01d7a4df95aa54d10 (diff) | |
| download | nginx-35fce42269bf1c84eadef6660021cefa08a960d7.tar.gz nginx-35fce42269bf1c84eadef6660021cefa08a960d7.zip | |
SSL: improved validation of ssl_session_cache and ssl_ocsp_cache.
Now it properly detects invalid shared zone configuration with omitted size.
Previously it used to read outside of the buffer boundary.
Found with AddressSanitizer.
Diffstat (limited to 'src/stream/ngx_stream_ssl_module.c')
| -rw-r--r-- | src/stream/ngx_stream_ssl_module.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/stream/ngx_stream_ssl_module.c b/src/stream/ngx_stream_ssl_module.c index c5308322a..105aa1178 100644 --- a/src/stream/ngx_stream_ssl_module.c +++ b/src/stream/ngx_stream_ssl_module.c @@ -1073,7 +1073,7 @@ ngx_stream_ssl_session_cache(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) len++; } - if (len == 0) { + if (len == 0 || j == value[i].len) { goto invalid; } |