Opened 13 years ago
Closed 13 years ago
#33 closed defect (invalid)
fix ngx_vslprintf(): invalid processing terminated %
Reported by: | Kuts Alexey (Куц Алексей) | Owned by: | somebody |
---|---|---|---|
Priority: | trivial | Milestone: | |
Component: | nginx-core | Version: | 1.0.x |
Keywords: | Cc: | ||
uname -a: | |||
nginx -V: |
Description
ngx_vslprintf(u_char *buf, u_char *last, const char *fmt, va_list args)
when fmt is terminated by '%',
there will be invalid write of zero byte to buf and unknown behaviour afterwards.
Correct behaviour is to write terminated '%' to buf
(for example, this approach is applied in linux kernel lib/vsprintf.c).
Attachments (1)
Change History (2)
by , 13 years ago
Attachment: | ngx_string_1.c added |
---|
comment:1 by , 13 years ago
Resolution: | → invalid |
---|---|
Status: | new → closed |
Note:
See TracTickets
for help on using tickets.
This is at most feature, not a bug. Garbage in, garbage out. Even for standard printf() behaviour is undefined if format string isn't correct.
While it will be fine to handle such incorrect format strings, I don't like the particular approach of printing "%" in this case. It should just skip "%" consistently with processing of other incorrect format strings.
p.s. You may want to use nginx-devel@ mailing list instead of bug tracker to submit patches.