diff options
author | joerg <joerg@pkgsrc.org> | 2016-05-31 19:44:47 +0000 |
---|---|---|
committer | joerg <joerg@pkgsrc.org> | 2016-05-31 19:44:47 +0000 |
commit | 2d452db900be172db01381b00047fbbf6a45796d (patch) | |
tree | 60b39836b61c811edf17233dd52b90a691ca68f7 /www/nginx | |
parent | 213126f3e538e6f9991c72508d064fc175d4602e (diff) | |
download | pkgsrc-2d452db900be172db01381b00047fbbf6a45796d.tar.gz |
Avoid CVE-2016-4450 (NULL dereference while saving client body to
temporary file). Bump revision.
Diffstat (limited to 'www/nginx')
-rw-r--r-- | www/nginx/Makefile | 4 | ||||
-rw-r--r-- | www/nginx/patches/patch-src_os_unix_ngx__files.c | 17 |
2 files changed, 19 insertions, 2 deletions
diff --git a/www/nginx/Makefile b/www/nginx/Makefile index 1e0365dc22e..68482ad6605 100644 --- a/www/nginx/Makefile +++ b/www/nginx/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.63 2016/03/05 11:29:38 jperkin Exp $ +# $NetBSD: Makefile,v 1.64 2016/05/31 19:44:47 joerg Exp $ DISTNAME= nginx-1.8.1 MAINTAINER= joerg@NetBSD.org -PKGREVISION= 1 +PKGREVISION= 2 .include "../../www/nginx/Makefile.common" diff --git a/www/nginx/patches/patch-src_os_unix_ngx__files.c b/www/nginx/patches/patch-src_os_unix_ngx__files.c new file mode 100644 index 00000000000..0585c479649 --- /dev/null +++ b/www/nginx/patches/patch-src_os_unix_ngx__files.c @@ -0,0 +1,17 @@ +$NetBSD: patch-src_os_unix_ngx__files.c,v 1.1 2016/05/31 19:44:47 joerg Exp $ + +--- src/os/unix/ngx_files.c.orig 2016-01-26 14:39:33.000000000 +0000 ++++ src/os/unix/ngx_files.c +@@ -292,6 +292,12 @@ ngx_write_chain_to_file(ngx_file_t *file + /* create the iovec and coalesce the neighbouring bufs */ + + while (cl && vec.nelts < IOV_MAX) { ++ ++ if (ngx_buf_special(cl->buf)) { ++ cl = cl->next; ++ continue; ++ } ++ + if (prev == cl->buf->pos) { + iov->iov_len += cl->buf->last - cl->buf->pos; + |