]> git.kaiwu.me - nginx.git/commitdiff
projects / nginx.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7e1eba5)
A bounds check of %N format on Windows.
authorIgor Sysoev <igor@sysoev.ru>
Tue, 27 Jan 2015 12:38:15 +0000 (15:38 +0300)
committerIgor Sysoev <igor@sysoev.ru>
Tue, 27 Jan 2015 12:38:15 +0000 (15:38 +0300)
Thanks to Joe Bialek, Adam Zabrocki and Microsoft Vulnerability Research.

src/core/ngx_string.c patch | blob | history

diff --git a/src/core/ngx_string.c b/src/core/ngx_string.c
index a41c38d37b4ff340f79c686d3b1df374444a542e..f8641b7abc05f0078adc71e3a7909afb2a21172e 100644 (file)
--- a/src/core/ngx_string.c
+++ b/src/core/ngx_string.c
@@ -429,8 +429,12 @@ ngx_vslprintf(u_char *buf, u_char *last, const char *fmt, va_list args)
             case 'N':
 #if (NGX_WIN32)
                 *buf++ = CR;
-#endif
+                if (buf < last) {
+                    *buf++ = LF;
+                }
+#else
                 *buf++ = LF;
+#endif
                 fmt++;
 
                 continue;
nginx upstream