diff options
| author | Max Romanov <max.romanov@nginx.com> | 2019-11-11 18:04:17 +0300 |
|---|---|---|
| committer | Max Romanov <max.romanov@nginx.com> | 2019-11-11 18:04:17 +0300 |
| commit | f2610d216059fd2dfced37442ea4e76f0b88a33b (patch) | |
| tree | 0bdb0abf7e5ff6bd0362909d4eace9b81c03734b /src/nxt_unit.c | |
| parent | ed3298a3c68bb257b43425c92b07e224c7f46be3 (diff) | |
| download | unit-f2610d216059fd2dfced37442ea4e76f0b88a33b.tar.gz unit-f2610d216059fd2dfced37442ea4e76f0b88a33b.tar.bz2 | |
Fixing libunit 'off by 2' issue in library.
Name and value in each header are 0-terminated, so additional 2 bytes
should be allocated for them. There were several attempts to add these
2 bytes to headers in language modules, but some modules weren't updated.
Also, adding these 2 bytes is specific to the implementation which may be
changed later, so extending this mechanics to modules may cause errors.
Diffstat (limited to 'src/nxt_unit.c')
| -rw-r--r-- | src/nxt_unit.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/src/nxt_unit.c b/src/nxt_unit.c index 8b1226f5..0cf32916 100644 --- a/src/nxt_unit.c +++ b/src/nxt_unit.c @@ -1316,8 +1316,12 @@ nxt_unit_response_init(nxt_unit_request_info_t *req, nxt_unit_req_debug(req, "duplicate response init"); } + /* + * Each field name and value 0-terminated by libunit, + * this is the reason of '+ 2' below. + */ buf_size = sizeof(nxt_unit_response_t) - + max_fields_count * sizeof(nxt_unit_field_t) + + max_fields_count * (sizeof(nxt_unit_field_t) + 2) + max_fields_size; if (nxt_slow_path(req->response_buf != NULL)) { @@ -1391,8 +1395,12 @@ nxt_unit_response_realloc(nxt_unit_request_info_t *req, return NXT_UNIT_ERROR; } + /* + * Each field name and value 0-terminated by libunit, + * this is the reason of '+ 2' below. + */ buf_size = sizeof(nxt_unit_response_t) - + max_fields_count * sizeof(nxt_unit_field_t) + + max_fields_count * (sizeof(nxt_unit_field_t) + 2) + max_fields_size; nxt_unit_req_debug(req, "realloc %"PRIu32"", buf_size); |