diff options
author | Axel Duch <axel.duch@nginx.com> | 2020-07-28 14:51:33 +0100 |
---|---|---|
committer | Axel Duch <axel.duch@nginx.com> | 2020-07-28 14:51:33 +0100 |
commit | c3e6901f5328ffaaf3201dc75262e21ee0eedc32 (patch) | |
tree | c875f0673b43c3853dc231b881b8dffa2d721417 /src | |
parent | f1e445bdef64ceba047d07b05d1b78137ddc2a7a (diff) | |
download | unit-c3e6901f5328ffaaf3201dc75262e21ee0eedc32.tar.gz unit-c3e6901f5328ffaaf3201dc75262e21ee0eedc32.tar.bz2 |
Configuration: fixed buffer over-read in pattern validation.
There was an undefined behavior in the validation function, caused by testing
one character after the string if a wildcard was at the end.
Diffstat (limited to '')
-rw-r--r-- | src/nxt_conf_validation.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/nxt_conf_validation.c b/src/nxt_conf_validation.c index 27a08861..a5e0663f 100644 --- a/src/nxt_conf_validation.c +++ b/src/nxt_conf_validation.c @@ -1454,7 +1454,7 @@ nxt_conf_vldt_match_pattern(nxt_conf_validation_t *vldt, nxt_conf_value_t *value) { nxt_str_t pattern; - nxt_uint_t i, first; + nxt_uint_t i, first, last; if (nxt_conf_type(value) != NXT_CONF_STRING) { return nxt_conf_vldt_error(vldt, "The \"match\" patterns for \"host\", " @@ -1468,8 +1468,9 @@ nxt_conf_vldt_match_pattern(nxt_conf_validation_t *vldt, } first = (pattern.start[0] == '!'); + last = pattern.length - 1; - for (i = first; i < pattern.length; i++) { + for (i = first; i < last; i++) { if (pattern.start[i] == '*' && pattern.start[i + 1] == '*') { return nxt_conf_vldt_error(vldt, "The \"match\" pattern must " "not contain double \"*\" markers."); |