SSL: improved validation of ssl_session_cache and ssl_ocsp_cache.
Now it properly detects invalid shared zone configuration with omitted size. Previously it used to read outside of the buffer boundary. Found with AddressSanitizer.
This commit is contained in:
parent
be9d072dce
commit
a86de64900
|
@ -1093,7 +1093,7 @@ ngx_http_ssl_session_cache(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
|
|||
len++;
|
||||
}
|
||||
|
||||
if (len == 0) {
|
||||
if (len == 0 || j == value[i].len) {
|
||||
goto invalid;
|
||||
}
|
||||
|
||||
|
@ -1183,7 +1183,7 @@ ngx_http_ssl_ocsp_cache(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
|
|||
len++;
|
||||
}
|
||||
|
||||
if (len == 0) {
|
||||
if (len == 0 || j == value[1].len) {
|
||||
goto invalid;
|
||||
}
|
||||
|
||||
|
|
|
@ -682,7 +682,7 @@ ngx_mail_ssl_session_cache(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
|
|||
len++;
|
||||
}
|
||||
|
||||
if (len == 0) {
|
||||
if (len == 0 || j == value[i].len) {
|
||||
goto invalid;
|
||||
}
|
||||
|
||||
|
|
|
@ -1073,7 +1073,7 @@ ngx_stream_ssl_session_cache(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
|
|||
len++;
|
||||
}
|
||||
|
||||
if (len == 0) {
|
||||
if (len == 0 || j == value[i].len) {
|
||||
goto invalid;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue