IntenseWebs/nginx
3
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-02-25 18:55:26 -06:00
Code Issues Packages Projects Releases Wiki Activity
An official read-only mirror of http://hg.nginx.org/nginx/ which is updated hourly. Pull requests on GitHub cannot be accepted and will be automatically closed. The proper way to submit changes to nginx is via the nginx development mailing list, see http://nginx.org/en/docs/contributing_changes.html
5,564 Commits 21 Branches 570 Tags 102 MiB
C 97.6%
Vim Script 1.8%
XS 0.4%
Perl 0.1%
1d294eea3e
Go to file
Valentin Bartenev 1d294eea3e Fixed buffer over-read while logging invalid request headers. 
Since 667aaf61a778 (1.1.17) the ngx_http_parse_header_line() function can return
NGX_HTTP_PARSE_INVALID_HEADER when a header contains NUL character.  In this
case the r->header_end pointer isn't properly initialized, but the log message
in ngx_http_process_request_headers() hasn't been adjusted.  It used the pointer
in size calculation, which might result in up to 2k buffer over-read.

Found with afl-fuzz.
2016-02-24 16:01:23 +03:00
auto Configure: added "build" target. 2016-02-19 18:13:54 +03:00
conf Added the REQUEST_SCHEME parameter. 2015-06-05 22:23:26 +03:00
contrib Contrib: add more directives to vim syntax. 2014-10-22 15:31:19 +02:00
docs nginx-1.9.11-RELEASE 2016-02-09 17:11:56 +03:00
misc Updated OpenSSL used for win32 builds. 2016-02-13 07:28:14 +03:00
src Fixed buffer over-read while logging invalid request headers. 2016-02-24 16:01:23 +03:00
.hgtags release-1.9.11 tag 2016-02-09 17:11:57 +03:00