blob: 705d9edf2e0e03cdedebdbc88905907958f88168 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
From: nginx security <security@nginx.org>
Date: Wed May 14 2026
Subject: [PATCH] fix: CVE-2026-42945 - Buffer overflow in ngx_http_rewrite_module
Upstream-commit: https://nginx.org/download/nginx-1.30.1.tar.gz
Signed-off-by: infra_team <zhaiwenjie1@huawei.com>
---
src/http/ngx_http_script.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/http/ngx_http_script.c b/src/http/ngx_http_script.c
--- a/src/http/ngx_http_script.c
+++ b/src/http/ngx_http_script.c
@@ -1202,6 +1202,7 @@ ngx_http_script_regex_end_code(ngx_http_script_engine_t *e)
r = e->request;
+ e->is_args = 0;
e->quote = 0;
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http script regex end");
if (code->redirect) {
--
|
