details: http://hg.nginx.org/nginx/rev/b6ffe53f9c3d branches: changeset: 5264:b6ffe53f9c3d user: Vladimir Homutov <v...@nginx.com> date: Thu Jul 11 19:50:19 2013 +0400 description: Core: fixed possible use of an uninitialized variable.
The call to ngx_sock_ntop() in ngx_connection_local_sockaddr() might be performed with the uninitialized "len" variable. The fix is to initialize variable to the size of corresponding socket address type. The issue was introduced in commit 05ba5bce31e0. diffstat: src/core/ngx_connection.c | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diffs (19 lines): diff -r 05ba5bce31e0 -r b6ffe53f9c3d src/core/ngx_connection.c --- a/src/core/ngx_connection.c Thu Jul 11 16:07:25 2013 +0400 +++ b/src/core/ngx_connection.c Thu Jul 11 19:50:19 2013 +0400 @@ -1034,6 +1034,7 @@ ngx_connection_local_sockaddr(ngx_connec #if (NGX_HAVE_INET6) case AF_INET6: sin6 = (struct sockaddr_in6 *) c->local_sockaddr; + len = sizeof(struct sockaddr_in6); for (addr = 0, i = 0; addr == 0 && i < 16; i++) { addr |= sin6->sin6_addr.s6_addr[i]; @@ -1044,6 +1045,7 @@ ngx_connection_local_sockaddr(ngx_connec default: /* AF_INET */ sin = (struct sockaddr_in *) c->local_sockaddr; + len = sizeof(struct sockaddr_in); addr = sin->sin_addr.s_addr; break; } _______________________________________________ nginx-devel mailing list nginx-devel@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx-devel