]> git.kaiwu.me - nginx.git/commit
Script: buffer overrun protection in direct script usage.
authorMaxim Dounin <mdounin@mdounin.ru>
Fri, 19 Jun 2026 19:54:46 +0000 (22:54 +0300)
committerRoman Arutyunyan <arutyunyan.roman@gmail.com>
Wed, 15 Jul 2026 15:51:22 +0000 (19:51 +0400)
commit25f920eca977139dc6fc7638b419169a602a0064
tree39cade6fe9cc0fe43e789efe668e222ef70df17b
parent4d32a2703c79f92b7a99ce3547759cc599d6f83e
Script: buffer overrun protection in direct script usage.

Following the previous change, this change adds script overrun
protection to direct script evaluation in the proxy, fastcgi, scgi,
uwsgi, grpc proxy, index, and try_files modules.

This change is a modified version of a patch by Maxim Dounin.  The
modifications include ngx_http_proxy_v2_module and hardened size checks.

Signed-off-by: Roman Arutyunyan <arut@nginx.com>
Origin: <https://freenginx.org/hg/nginx/rev/7e4d7feb4c77>
src/http/modules/ngx_http_fastcgi_module.c
src/http/modules/ngx_http_grpc_module.c
src/http/modules/ngx_http_index_module.c
src/http/modules/ngx_http_proxy_module.c
src/http/modules/ngx_http_proxy_v2_module.c
src/http/modules/ngx_http_scgi_module.c
src/http/modules/ngx_http_try_files_module.c
src/http/modules/ngx_http_uwsgi_module.c