Following
2046b45aa0c6, this change introduces better control of memory
allocation flags for escaped values. Notably:
- The e->is_args flag is now explicitly reset on rewrite start.
If the flag was set prior to rewrite start, then buffer overflow
could happen before
2046b45aa0c6.
- The le->is_args flag value is now copied from e->is_args when
calculating complex value length for "if" and "set" directives.
If e->is_args was set, but le->is_args was not, then buffer overflow
could happen before
2046b45aa0c6.
return;
}
+ e->is_args = 0;
e->quote = code->redirect;
e->pos = e->buf.data;
le.ip = code->lengths->elts;
le.line = e->line;
le.request = e->request;
+ le.is_args = e->is_args;
le.quote = e->quote;
for (len = 0; *(uintptr_t *) le.ip; len += lcode(&le)) {