diff options
author | Arjun <pkillarjun@protonmail.com> | 2024-08-23 09:15:18 +0530 |
---|---|---|
committer | Andrew Clayton <a.clayton@nginx.com> | 2024-08-26 15:18:12 +0100 |
commit | 932b914618791b6c9648b1066e0cfe4ee6d25cff (patch) | |
tree | 38d355962e28113cf61415be73589c223e674e9b /src/nxt_polarssl.c | |
parent | 719207693ef42953e50b1422c59fafc497320d41 (diff) | |
download | unit-932b914618791b6c9648b1066e0cfe4ee6d25cff.tar.gz unit-932b914618791b6c9648b1066e0cfe4ee6d25cff.tar.bz2 |
socket: Prevent buffer under-read in nxt_inet_addr()
This was found via ASan.
Given a listener address like ":" (or any address where the first
character is a colon) we can end up under-reading the addr->start
buffer here
if (nxt_slow_path(*(buf + length - 1) == '.')) {
due to length (essentially the position of the ":" in the string) being
0.
Seeing as any address that starts with a ":" is invalid Unit config
wise, we should simply reject the address if length == 0 in
nxt_sockaddr_inet_parse().
Link: <https://clang.llvm.org/docs/AddressSanitizer.html>
Signed-off-by: Arjun <pkillarjun@protonmail.com>
[ Commit message - Andrew ]
Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
Diffstat (limited to '')
0 files changed, 0 insertions, 0 deletions