From: Valentin Bartenev <vbart@nginx.com>
Date: Sat, 23 Feb 2013 13:23:48 +0000 (+0000)
Subject: Fixed potential segfault in ngx_http_keepalive_handler().
X-Git-Tag: release-1.3.14~16
X-Git-Url: http://www.kaiwu.me/postgresql/commit/?a=commitdiff_plain;h=f1d5d03eee7917430c44c9ee8dcaba4efbb79cab;p=nginx.git

Fixed potential segfault in ngx_http_keepalive_handler().

In case of error in the read event handling we close a connection
by calling ngx_http_close_connection(), that also destroys connection
pool. Thereafter, an attempt to free a buffer (added in r4892) that
was allocated from the pool could cause SIGSEGV and is meaningless
as well (the buffer already freed with the pool).
---

diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c
index 763e7bf11..5dc6942b0 100644
--- a/src/http/ngx_http_request.c
+++ b/src/http/ngx_http_request.c
@@ -2758,6 +2758,7 @@ ngx_http_keepalive_handler(ngx_event_t *rev)
     if (n == NGX_AGAIN) {
         if (ngx_handle_read_event(rev, 0) != NGX_OK) {
             ngx_http_close_connection(c);
+            return;
         }
 
         /*