commit 5e26ac35d9c1e1188889f79aabfd38d92139430a
author Maxim Dounin <mdounin@mdounin.ru> Thu Jul 18 18:27:54 2019 +0300
committer Maxim Dounin <mdounin@mdounin.ru> Thu Jul 18 18:27:54 2019 +0300
tree 34475060fce3c07c764774604aa9127c872ef9eb
parent 8d93e345418ca1a9e3bc5a1339490728af6a0b57

Xslt: fixed potential buffer overflow with null character.

Due to shortcomings of the ccv->zero flag implementation in complex value
interface, length of the resulting string from ngx_http_complex_value()
might either not include terminating null character or include it,
so the only safe way to work with the result is to use it as a
null-terminated string.

Reported by Patrick Wollgast.