eb526b7d7d9ee413b624a78373562183ececa738 - nginx

commit: eb526b7d7d9ee413b624a78373562183ececa738
[log] [tgz]
author: Maxim Dounin <mdounin@mdounin.ru>
Thu Mar 15 11:27:12 2012 +0000
committer: Maxim Dounin <mdounin@mdounin.ru>
Thu Mar 15 11:27:12 2012 +0000
tree: 6575e32c797edb0a2d7a5e45ac1c539fe919222b
parent: 030e235ec70868469cb6aaf01f25fc29d579e028 [diff]

Fixed incorrect ngx_cpystrn() usage in ngx_http_*_process_header().

This resulted in a disclosure of previously freed memory if upstream
server returned specially crafted response, potentially exposing
sensitive information.

Reported by Matthew Daley.

src/http/modules/ngx_http_fastcgi_module.c[diff]
src/http/modules/ngx_http_proxy_module.c[diff]
src/http/modules/ngx_http_scgi_module.c[diff]
src/http/modules/ngx_http_uwsgi_module.c[diff]

4 files changed

tree: 6575e32c797edb0a2d7a5e45ac1c539fe919222b

auto/
conf/
contrib/
docs/
misc/
src/
.hgtags