QueryString: fixed underflow in parse().

Previously, njs_query_string_append() might be provided with invalid
val_size value when value in a key-value pair was absent.

Found by UndefinedBehaviorSanitizer.

diff --git a/external/njs_query_string_module.c b/external/njs_query_string_module.c
index b30ffe84393505739778c80916d08b71f8d63a9b..c927d8e464a98453ba0c1cc13ac767e14f53bf90 100644 (file)
--- a/external/njs_query_string_module.c
+++ b/external/njs_query_string_module.c
@@ -506,7 +506,7 @@ njs_query_string_parser(njs_vm_t *vm, u_char *query, u_char *end,
 
         size = val - key;
 
-        if (val != end) {
+        if (val != part) {
             val += eq->length;
         }