commit | 5e26ac35d9c1e1188889f79aabfd38d92139430a | [log] [tgz] |
---|---|---|
author | Maxim Dounin <mdounin@mdounin.ru> | Thu Jul 18 18:27:54 2019 +0300 |
committer | Maxim Dounin <mdounin@mdounin.ru> | Thu Jul 18 18:27:54 2019 +0300 |
tree | 34475060fce3c07c764774604aa9127c872ef9eb | |
parent | 8d93e345418ca1a9e3bc5a1339490728af6a0b57 [diff] |
Xslt: fixed potential buffer overflow with null character. Due to shortcomings of the ccv->zero flag implementation in complex value interface, length of the resulting string from ngx_http_complex_value() might either not include terminating null character or include it, so the only safe way to work with the result is to use it as a null-terminated string. Reported by Patrick Wollgast.