upstream/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2026-02-03 20:29:27 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

HTTP/2: extended guard for NULL buffer and zero length.
Some checks failed
buildbot / buildbot (push) Has been cancelled
Details

Browse source 
In addition to moving memcpy() under the length condition in 15bf6d8cc,
which addressed a reported UB due to string function conventions, this
is repeated for advancing an input buffer, to make the resulting code
more clean and readable.

Additionally, although considered harmless for both string functions and
additive operators, as previously discussed in GitHub PR 866, this fixes
the main source of annoying sanitizer reports in the module.

Prodded by UndefinedBehaviorSanitizer (pointer-overflow).
This commit is contained in:
Sergey Kandaurov 2025-11-14 18:14:18 +04:00 committed by Sergey Kandaurov
parent 9d04b6630a
commit 6ed1188411
1 changed files with 5 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
src/http/v2/ngx_http_v2.c
View file

@ -4113,15 +4113,14 @@ ngx_http_v2_process_request_body(ngx_http_request_t *r, u_char *pos,
n = size;
}
if (n > 0) {
rb->buf->last = ngx_cpymem(rb->buf->last, pos, n);
}
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, fc->log, 0,
"http2 request body recv %uz", n);
pos += n;
size -= n;
if (n > 0) {
rb->buf->last = ngx_cpymem(rb->buf->last, pos, n);
pos += n;
size -= n;
}
if (size == 0 && last) {
rb->rest = 0;