Changes with nginx 1.4.7 18 Mar 2014v1.4.7 nginx-1.4

*) Security: a heap memory buffer overflow might occur in a worker process while handling a specially crafted request by ngx_http_spdy_module, potentially resulting in arbitrary code execution (CVE-2014-0133). Thanks to Lucas Molas, researcher at Programa STIC, Fundación Dr. Manuel Sadosky, Buenos Aires, Argentina. *) Bugfix: in the "fastcgi_next_upstream" directive. Thanks to Lucas Molas.
author: nginx <nginx@nginx.org> 2014-03-18 16:43:46 +0000
committer: Jon Kolb <kolbyjack@gmail.com> 2014-03-18 16:43:46 +0000
commit: 47c4fba86c48d7b8556c7f4d6d3773a25ab162fe (patch)
tree: f45083ebcdfde566c3775457bfc35053af34b759 /src/http/ngx_http_spdy.c
parent: 483f0cd547195b96550760fc5ab510eb67ec0160 (diff)
download: nginx-1.4.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/src/http/ngx_http_spdy.c b/src/http/ngx_http_spdy.c
index f4f610a82..99afbfca1 100644
--- a/src/http/ngx_http_spdy.c
+++ b/src/http/ngx_http_spdy.c
@@ -1465,7 +1465,7 @@ static u_char *
 ngx_http_spdy_state_save(ngx_http_spdy_connection_t *sc,
     u_char *pos, u_char *end, ngx_http_spdy_handler_pt handler)
 {
-#if (NGX_DEBUG)
+#if 1
     if (end - pos > NGX_SPDY_STATE_BUFFER_SIZE) {
         ngx_log_error(NGX_LOG_ALERT, sc->connection->log, 0,
                       "spdy state buffer overflow: "
author	nginx <nginx@nginx.org>	2014-03-18 16:43:46 +0000
committer	Jon Kolb <kolbyjack@gmail.com>	2014-03-18 16:43:46 +0000
commit	47c4fba86c48d7b8556c7f4d6d3773a25ab162fe (patch)
tree	f45083ebcdfde566c3775457bfc35053af34b759 /src/http/ngx_http_spdy.c
parent	483f0cd547195b96550760fc5ab510eb67ec0160 (diff)
download	nginx-1.4.tar.gz