Security vulnerabilities and automated fixes for nginx issues
3 posts found
A critical buffer overflow vulnerability was discovered in the 51Degrees NGINX module (`ngx_http_51D_module.c`), where four uses of unbounded `strcpy()` allowed attackers to overflow fixed-size heap buffers by sending HTTP requests with oversized header names. The fix replaces all unsafe string operations with length-bounded NGINX-native alternatives (`ngx_memcpy` and `ngx_cpystrn`), preventing memory corruption without any change to functional behavior.
A critical heap buffer overflow vulnerability was discovered and patched in a Dubbo protocol module, where six unchecked `ngx_memcpy` calls could allow attackers to corrupt heap memory by sending crafted oversized string fields. This type of vulnerability — classified as CWE-120, a "Classic Buffer Copy Without Checking Size of Input" — is one of the oldest and most dangerous bug classes in C/C++ programming. Understanding how it works and how to prevent it is essential knowledge for any develope
A high-severity command injection vulnerability (CWE-78) was discovered and patched in an nginx harness maintenance script that used `subprocess.check_output()` without proper input sanitization. Because maintenance scripts like this frequently run with elevated privileges, an attacker who could influence the input arguments could execute arbitrary system commands as root. This post breaks down how the vulnerability works, how it was fixed, and what you can do to prevent similar issues in your o