openresty/patches/nginx-1.4.2-cve-2013-2070.p...

14 lines
232 B
Diff
Raw Normal View History

2013-08-07 05:29:52 +00:00
--- src/http/modules/ngx_http_proxy_module.c
+++ src/http/modules/ngx_http_proxy_module.c
@@ -1865,6 +1865,10 @@ data:
}
+ if (ctx->size < 0 || ctx->length < 0) {
+ goto invalid;
+ }
+
return rc;
done: