Mercurial > hg > nginx-quic
annotate src/os/unix/ngx_user.c @ 4964:2464ccebdb52
Upstream: fixed SIGSEGV with the "if" directive.
Configuration like
location / {
set $true 1;
if ($true) {
proxy_pass http://backend;
}
if ($true) {
# nothing
}
}
resulted in segmentation fault due to NULL pointer dereference as the
upstream configuration wasn't initialized in an implicit location created
by the last if(), but the r->content_handler was set due to first if().
Instead of committing a suicide by dereferencing a NULL pointer, return
500 (Internal Server Error) in such cases, i.e. if uscf is NULL. Better
fix would be to avoid such cases by fixing the "if" directive handling,
but it's out of scope of this patch.
Prodded by Piotr Sikora.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Thu, 13 Dec 2012 16:05:59 +0000 |
parents | 778ef9c3fd2d |
children | 6ccd3a50b40f |
rev | line source |
---|---|
503 | 1 |
2 /* | |
3 * Copyright (C) Igor Sysoev | |
4412 | 4 * Copyright (C) Nginx, Inc. |
503 | 5 */ |
6 | |
7 | |
8 #include <ngx_config.h> | |
9 #include <ngx_core.h> | |
10 | |
11 | |
12 /* | |
13 * Solaris has thread-safe crypt() | |
14 * Linux has crypt_r(); "struct crypt_data" is more than 128K | |
15 * FreeBSD needs the mutex to protect crypt() | |
16 * | |
17 * TODO: | |
18 * ngx_crypt_init() to init mutex | |
19 */ | |
20 | |
21 | |
22 #if (NGX_CRYPT) | |
23 | |
527 | 24 #if (NGX_HAVE_GNU_CRYPT_R) |
503 | 25 |
26 ngx_int_t | |
3922
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
3796
diff
changeset
|
27 ngx_libc_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) |
503 | 28 { |
29 char *value; | |
30 size_t len; | |
509 | 31 ngx_err_t err; |
503 | 32 struct crypt_data cd; |
33 | |
509 | 34 ngx_set_errno(0); |
35 | |
36 cd.initialized = 0; | |
529 | 37 /* work around the glibc bug */ |
38 cd.current_salt[0] = ~salt[0]; | |
509 | 39 |
503 | 40 value = crypt_r((char *) key, (char *) salt, &cd); |
41 | |
509 | 42 err = ngx_errno; |
43 | |
44 if (err == 0) { | |
3796
7dec2852e8fd
allocate last zero byte in ngx_crypt()
Igor Sysoev <igor@sysoev.ru>
parents:
2049
diff
changeset
|
45 len = ngx_strlen(value) + 1; |
503 | 46 |
2049 | 47 *encrypted = ngx_pnalloc(pool, len); |
503 | 48 if (*encrypted) { |
3796
7dec2852e8fd
allocate last zero byte in ngx_crypt()
Igor Sysoev <igor@sysoev.ru>
parents:
2049
diff
changeset
|
49 ngx_memcpy(*encrypted, value, len); |
503 | 50 return NGX_OK; |
51 } | |
52 } | |
53 | |
509 | 54 ngx_log_error(NGX_LOG_CRIT, pool->log, err, "crypt_r() failed"); |
55 | |
503 | 56 return NGX_ERROR; |
57 } | |
58 | |
59 #else | |
60 | |
61 ngx_int_t | |
3922
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
3796
diff
changeset
|
62 ngx_libc_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) |
503 | 63 { |
64 char *value; | |
65 size_t len; | |
509 | 66 ngx_err_t err; |
503 | 67 |
68 #if (NGX_THREADS && NGX_NONREENTRANT_CRYPT) | |
69 | |
4499
778ef9c3fd2d
Fixed spelling in single-line comments.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
70 /* crypt() is a time consuming function, so we only try to lock */ |
503 | 71 |
72 if (ngx_mutex_trylock(ngx_crypt_mutex) != NGX_OK) { | |
73 return NGX_AGAIN; | |
74 } | |
75 | |
76 #endif | |
77 | |
509 | 78 ngx_set_errno(0); |
503 | 79 |
80 value = crypt((char *) key, (char *) salt); | |
81 | |
82 if (value) { | |
3796
7dec2852e8fd
allocate last zero byte in ngx_crypt()
Igor Sysoev <igor@sysoev.ru>
parents:
2049
diff
changeset
|
83 len = ngx_strlen(value) + 1; |
503 | 84 |
2049 | 85 *encrypted = ngx_pnalloc(pool, len); |
503 | 86 if (*encrypted) { |
3796
7dec2852e8fd
allocate last zero byte in ngx_crypt()
Igor Sysoev <igor@sysoev.ru>
parents:
2049
diff
changeset
|
87 ngx_memcpy(*encrypted, value, len); |
503 | 88 } |
509 | 89 |
90 #if (NGX_THREADS && NGX_NONREENTRANT_CRYPT) | |
91 ngx_mutex_unlock(ngx_crypt_mutex); | |
92 #endif | |
93 return NGX_OK; | |
503 | 94 } |
95 | |
509 | 96 err = ngx_errno; |
97 | |
503 | 98 #if (NGX_THREADS && NGX_NONREENTRANT_CRYPT) |
99 ngx_mutex_unlock(ngx_crypt_mutex); | |
100 #endif | |
101 | |
509 | 102 ngx_log_error(NGX_LOG_CRIT, pool->log, err, "crypt() failed"); |
103 | |
104 return NGX_ERROR; | |
503 | 105 } |
106 | |
107 #endif | |
108 | |
109 #endif /* NGX_CRYPT */ |