openresty/patches/nginx-1.5.4-cve-2013-2070.p...

14 lines
232 B
Diff
Raw Normal View History

2013-08-30 23:02:05 +00:00
--- src/http/modules/ngx_http_proxy_module.c
+++ src/http/modules/ngx_http_proxy_module.c
@@ -1865,6 +1865,10 @@ data:
}
+ if (ctx->size < 0 || ctx->length < 0) {
+ goto invalid;
+ }
+
return rc;
done: