diff options
| author |   robert <robert@openbsd.org> | 2013-05-15 18:52:00 +0000 |
|---|---|---|
| committer | robert <robert@openbsd.org> | 2013-05-15 18:52:00 +0000 |
| commit | 49441a589f6db81e98f5e4d768fa450ad95e475e (patch) | |
| tree | 81419fcc72e53dc86e81dea971d84ca916e1c4b8 /usr.sbin/nginx/src/http/modules/ngx_http_proxy_module.c | |
| parent | Don't let cursor position overflow when reflowing, from Christopher (diff) | |
| download | wireguard-openbsd-49441a589f6db81e98f5e4d768fa450ad95e475e.tar.xz wireguard-openbsd-49441a589f6db81e98f5e4d768fa450ad95e475e.zip | |
update to 1.2.9; several bugfixes and security fix for CVE-2013-2070
Diffstat (limited to 'usr.sbin/nginx/src/http/modules/ngx_http_proxy_module.c')
| -rw-r--r-- | usr.sbin/nginx/src/http/modules/ngx_http_proxy_module.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/usr.sbin/nginx/src/http/modules/ngx_http_proxy_module.c b/usr.sbin/nginx/src/http/modules/ngx_http_proxy_module.c index 977bed73c76..0566213db83 100644 --- a/usr.sbin/nginx/src/http/modules/ngx_http_proxy_module.c +++ b/usr.sbin/nginx/src/http/modules/ngx_http_proxy_module.c @@ -1865,6 +1865,10 @@ data: } + if (ctx->size < 0 || ctx->length < 0) { + goto invalid; + } + return rc; done: |