git.kaiwu.me - nginx.git/commit

]> git.kaiwu.me - nginx.git/commit

projects / nginx.git / commit

summary | shortlog | log | commit | commitdiff | tree
(parent: 98fc3bb) | patch

author	Andrew Clayton <a.clayton@nginx.com>
	Thu, 19 Mar 2026 04:21:21 +0000 (04:21 +0000)
committer	Andrew Clayton <a.clayton@nginx.com>
	Mon, 20 Apr 2026 18:56:40 +0000 (19:56 +0100)
commit	b0a4d0fb823b2d4820b333ed4ea4a2c0ad9a56c8
tree	e89721a538e4189bf5cb28f996b7f7b55b0cb932	tree \| snapshot
parent	98fc3bb78e8daef25c3d850c9cba8c2f787fb99e	commit \| diff

Avoid undefined behaviour in ngx_pstrdup()

In the third call to ngx_pstrdup() for setting cycle->conf_param.data in
ngx_init_cycle() we would pass in a nulled ngx_str_t in the case there
was no -g command line option passed to nginx.

This would result in a

memcpy(dst, NULL, 0)

which up to and including C23 is Undefined Behaviour.

Currently Clang and GCC (in this particular case) just treat this as a
no-op, so things just happen to work.

However some undefined behaviour sanitizers will throw an error when
this is hit, e.g. Clang and the zig compiler and it's probably best not
to rely on this behaviour.

It's worth noting that the next C standard will make this (and other
NULL related operations) defined behaviour.

Link: <https://www.open-std.org/jtc1/sc22/wg14/www/docs/n3322.pdf>
Closes: https://github.com/nginx/nginx/issues/1079

src/core/ngx_cycle.c

diff | blob | history

nginx upstream