diff options
| author | Roman Arutyunyan <arut@nginx.com> | 2018-06-01 16:53:02 +0300 |
|---|---|---|
| committer | Roman Arutyunyan <arut@nginx.com> | 2018-06-01 16:53:02 +0300 |
| commit | b1d88228ecb54140ec1f7d3f11f0fbb4d6ec5982 (patch) | |
| tree | e592fc1670f03fa72da1a23188a848a45f6cc30c /src/http/ngx_http_request.c | |
| parent | b0e5144c6d5096ad6220816854da4411a218f82c (diff) | |
| download | nginx-b1d88228ecb54140ec1f7d3f11f0fbb4d6ec5982.tar.gz nginx-b1d88228ecb54140ec1f7d3f11f0fbb4d6ec5982.tar.bz2 | |
Events: fixed handling zero-length client address.
On Linux recvmsg() syscall may return a zero-length client address when
receiving a datagram from an unbound unix datagram socket. It is usually
assumed that socket address has at least the sa_family member. Zero-length
socket address caused buffer over-read in functions which receive socket
address, for example ngx_sock_ntop(). Typically the over-read resulted in
unexpected socket family followed by session close. Now a fake socket address
is allocated instead of a zero-length client address.
Diffstat (limited to 'src/http/ngx_http_request.c')
0 files changed, 0 insertions, 0 deletions