Mercurial > hg > nginx
comparison src/http/modules/ngx_http_referer_module.c @ 5352:ec0be12c8e29
Referer: fixed hostname buffer overflow check.
Because of premature check the effective buffer size was 255 symbols
while the buffer is able to handle 256.
author | Valentin Bartenev <vbart@nginx.com> |
---|---|
date | Thu, 29 Aug 2013 22:35:54 +0400 |
parents | a2c772963b04 |
children | 2cd019520210 |
comparison
equal
deleted
inserted
replaced
5351:a2c772963b04 | 5352:ec0be12c8e29 |
---|---|
176 for (p = ref; p < last; p++) { | 176 for (p = ref; p < last; p++) { |
177 if (*p == '/' || *p == ':') { | 177 if (*p == '/' || *p == ':') { |
178 break; | 178 break; |
179 } | 179 } |
180 | 180 |
181 if (i == 256) { | |
182 goto invalid; | |
183 } | |
184 | |
181 buf[i] = ngx_tolower(*p); | 185 buf[i] = ngx_tolower(*p); |
182 key = ngx_hash(key, buf[i++]); | 186 key = ngx_hash(key, buf[i++]); |
183 | |
184 if (i == 256) { | |
185 goto invalid; | |
186 } | |
187 } | 187 } |
188 | 188 |
189 uri = ngx_hash_find_combined(&rlcf->hash, key, buf, p - ref); | 189 uri = ngx_hash_find_combined(&rlcf->hash, key, buf, p - ref); |
190 | 190 |
191 if (uri) { | 191 if (uri) { |