Date: Tue, 29 Jan 2019 14:01:26 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 235296] www/nginx: spnego-http-auth-nginx-module crashes worker process due to read-after-free Message-ID: <bug-235296-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D235296 Bug ID: 235296 Summary: www/nginx: spnego-http-auth-nginx-module crashes worker process due to read-after-free Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: Individual Port(s) Assignee: joneum@FreeBSD.org Reporter: topical@gmx.net Flags: maintainer-feedback?(joneum@FreeBSD.org) Assignee: joneum@FreeBSD.org The current version uses putenv() to pass the name of the keytab to GSS. Incorrectly, it assumes that putenv() creates a copy of the passed string. = This leads to corruption of environment variables and eventually to a core dump. Usually, this happens unnoticed due to the auto-recovery feature of nginx w= ork process. Actually, putenv isn't really needed anymore and the affected code can be removed safely. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-235296-7788>