--- /dev/null
+From 9f1dcb0c0473641730b871dee984016ff19d2c53 Mon Sep 17 00:00:00 2001
+From: Maxim Dounin <mdounin@mdounin.ru>
+Date: Tue, 25 May 2021 15:17:36 +0300
+Subject: [PATCH] Resolver: fixed off-by-one write in ngx_resolver_copy().
+
+Reported by Luis Merino, Markus Vervier, Eric Sesterhenn, X41 D-Sec GmbH.
+
+[peter@korsgaard.com: backport from upstream]
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ src/core/ngx_resolver.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/src/core/ngx_resolver.c b/src/core/ngx_resolver.c
+index 79390701..63b26193 100644
+--- a/src/core/ngx_resolver.c
++++ b/src/core/ngx_resolver.c
+@@ -4008,15 +4008,15 @@ done:
+ n = *src++;
+
+ } else {
++ if (dst != name->data) {
++ *dst++ = '.';
++ }
++
+ ngx_strlow(dst, src, n);
+ dst += n;
+ src += n;
+
+ n = *src++;
+-
+- if (n != 0) {
+- *dst++ = '.';
+- }
+ }
+
+ if (n == 0) {
+--
+2.20.1
+
host-pkgconf \
$(if $(BR2_PACKAGE_LIBXCRYPT),libxcrypt)
+# 0010-Resolver-fixed-off-by-one-write-in-ngx_resolver_copy.patch
+NGINX_IGNORE_CVES += CVE-2021-23017
+
NGINX_CONF_OPTS = \
--crossbuild=Linux::$(BR2_ARCH) \
--with-cc="$(TARGET_CC)" \
projects / buildroot.git / commitdiff