git.kaiwu.me - nginx.git/commit

]> git.kaiwu.me - nginx.git/commit

projects / nginx.git / commit

summary | shortlog | log | commit | commitdiff | tree
(parent: d9a65e9) | patch

author	Maxim Dounin <mdounin@mdounin.ru>
	Mon, 4 Jun 2012 10:15:55 +0000 (10:15 +0000)
committer	Maxim Dounin <mdounin@mdounin.ru>
	Mon, 4 Jun 2012 10:15:55 +0000 (10:15 +0000)
commit	5f291006a65d7a7dbcfbb5d315f04eaf3917d868
tree	92cb65aa67c1436b77f9cb516b4aac12b7d24f51	tree \| snapshot
parent	d9a65e9874028c9a38dde1ea52ba744ec2a19d6d	commit \| diff

Merge of r4611, r4620: resolver fixes.

*) Fixed segmentation fault in ngx_resolver_create_name_query().

   If name passed for resolution was { 0, NULL } (e.g. as a result
   of name server returning CNAME pointing to ".") pointer wrapped
   to (void *) -1 resulting in segmentation fault on an attempt to
   dereference it.

   Reported by Lanshun Zhou.

*) Resolver: protection from duplicate responses.

   If we already had CNAME in resolver node (i.e. rn->cnlen and rn->u.cname
   set), and got additional response with A record, it resulted in rn->cnlen
   set and rn->u.cname overwritten by rn->u.addr (or rn->u.addrs), causing
   segmentation fault later in ngx_resolver_free_node() on an attempt to free
   overwritten rn->u.cname.  The opposite (i.e. CNAME got after A) might cause
   similar problems as well.

src/core/ngx_resolver.c

diff | blob | history

nginx upstream