openresty/patches/nginx-1.5.3-cve-2013-2070.p...

14 lines
232 B
Diff

--- src/http/modules/ngx_http_proxy_module.c
+++ src/http/modules/ngx_http_proxy_module.c
@@ -1865,6 +1865,10 @@ data:
}
+ if (ctx->size < 0 || ctx->length < 0) {
+ goto invalid;
+ }
+
return rc;
done: