Core: fixed segfault with null in wildcard hash names.

A configuration like

    server { server_name .foo^@; }
    server { server_name .foo; }

resulted in a segmentation fault during construction of server names hash.

Reported by Markus Linnala.
Found with afl-fuzz.

diff --git a/src/core/ngx_hash.c b/src/core/ngx_hash.c
index 1a5d0be2efe8faa5a0a06706a5e58ef4761ee494..151e643047b3a19d0fa548eea458fc7127ac866c 100644 (file)
--- a/src/core/ngx_hash.c
+++ b/src/core/ngx_hash.c
@@ -743,6 +743,10 @@ ngx_hash_add_key(ngx_hash_keys_arrays_t *ha, ngx_str_t *key, void *value,
             if (key->data[i] == '.' && key->data[i + 1] == '.') {
                 return NGX_DECLINED;
             }
+
+            if (key->data[i] == '\0') {
+                return NGX_DECLINED;
+            }
         }
 
         if (key->len > 1 && key->data[0] == '.') {