bugfix: applied the patch for nginx security advisory (CVE-2016-4450) to the nginx 1.9.15 core.

pull/177/merge
Yichun Zhang (agentzh) 9 years ago
parent d6a8907fc0
commit c47aef193f

@ -0,0 +1,14 @@
--- src/os/unix/ngx_files.c
+++ src/os/unix/ngx_files.c
@@ -356,6 +356,11 @@
n = 0;
for ( /* void */ ; cl; cl = cl->next) {
+
+ if (ngx_buf_special(cl->buf)) {
+ continue;
+ }
+
size = cl->buf->last - cl->buf->pos;
if (prev == cl->buf->pos) {

@ -46,6 +46,13 @@ if [ "$answer" = "N" ]; then
echo "$info_txt applying the patch for nginx security advisory (CVE-2016-4450)" echo "$info_txt applying the patch for nginx security advisory (CVE-2016-4450)"
patch -p0 < $root/patches/patch.2016.write2.txt || exit 1 patch -p0 < $root/patches/patch.2016.write2.txt || exit 1
echo echo
else
answer=`$root/util/ver-ge "$main_ver" 1.10.1`
if [ "$answer" = "N" ]; then
echo "$info_txt applying the patch for nginx security advisory (CVE-2016-4450)"
patch -p0 < $root/patches/patch.2016.write.txt || exit 1
echo
fi
fi fi
echo "$info_txt applying the upstream-pipelining patch for nginx" echo "$info_txt applying the upstream-pipelining patch for nginx"

Loading…
Cancel
Save