Opened 8 years ago

Closed 8 years ago

#370 closed defect (invalid)

Possible null pointer dereference?

Reported by: Tomasz Kojm Owned by:
Priority: major Milestone:
Component: nginx-core Version: 1.3.x
Keywords: Cc:
uname -a:
nginx -V: nginx 1.4.1

Description

It seems there's a possibility of a null pointer dereference in ngx_http_upstream.c, see the attached patch against 1.4.1.

Thanks for your great work,
Tomasz Kojm

Attachments (1)

ngx_http_upstream.c.diff (339 bytes ) - added by Tomasz Kojm 8 years ago.

Download all attachments as: .zip

Change History (4)

by Tomasz Kojm, 8 years ago

Attachment: ngx_http_upstream.c.diff added

comment:1 by Maxim Dounin, 8 years ago

The r->cache is only created if there is u->pipe, so there shouldn't be a problem. Do you see the null pointer dereference in real life, or it's just an assumption based on reading the code?

Thanks for ClamAV, BTW.

in reply to:  1 comment:2 by Tomasz Kojm, 8 years ago

Replying to Maxim Dounin:

The r->cache is only created if there is u->pipe, so there shouldn't be a problem. Do you see the null pointer dereference in real life, or it's just an assumption based on reading the code?

Just based on the code - the other checks for u->pipe in that function misleaded me. Thanks for the quick feedback!

Thanks for ClamAV, BTW.

:-)

comment:3 by Maxim Dounin, 8 years ago

Resolution: invalid
Status: newclosed

Thanks, closing this.

Note: See TracTickets for help on using tickets.