Mercurial > hg > nginx-quic
annotate conf/fastcgi.conf @ 7145:83600ce25995 stable-1.12
Fixed buffer overread with unix sockets after accept().
Some OSes (notably macOS, NetBSD, and Solaris) allow unix socket addresses
larger than struct sockaddr_un. Moreover, some of them (macOS, Solaris)
return socklen of the socket address before it was truncated to fit the
buffer provided. As such, on these systems socklen must not be used without
additional check that it is within the buffer provided.
Appropriate checks added to ngx_event_accept() (after accept()),
ngx_event_recvmsg() (after recvmsg()), and ngx_set_inherited_sockets()
(after getsockname()).
We also obtain socket addresses via getsockname() in
ngx_connection_local_sockaddr(), but it does not need any checks as
it is only used for INET and INET6 sockets (as there can be no
wildcard unix sockets).
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Wed, 04 Oct 2017 21:19:33 +0300 |
parents | 62869a9b2e7d |
children |
rev | line source |
---|---|
537 | 1 |
3383 | 2 fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; |
537 | 3 fastcgi_param QUERY_STRING $query_string; |
4 fastcgi_param REQUEST_METHOD $request_method; | |
5 fastcgi_param CONTENT_TYPE $content_type; | |
6 fastcgi_param CONTENT_LENGTH $content_length; | |
7 | |
8 fastcgi_param SCRIPT_NAME $fastcgi_script_name; | |
9 fastcgi_param REQUEST_URI $request_uri; | |
10 fastcgi_param DOCUMENT_URI $document_uri; | |
11 fastcgi_param DOCUMENT_ROOT $document_root; | |
12 fastcgi_param SERVER_PROTOCOL $server_protocol; | |
6168
62869a9b2e7d
Added the REQUEST_SCHEME parameter.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4379
diff
changeset
|
13 fastcgi_param REQUEST_SCHEME $scheme; |
4379
4e2551a83291
Added the HTTPS fastcgi_param to fastcgi.conf.
Valentin Bartenev <vbart@nginx.com>
parents:
3383
diff
changeset
|
14 fastcgi_param HTTPS $https if_not_empty; |
537 | 15 |
16 fastcgi_param GATEWAY_INTERFACE CGI/1.1; | |
1330 | 17 fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; |
537 | 18 |
19 fastcgi_param REMOTE_ADDR $remote_addr; | |
20 fastcgi_param REMOTE_PORT $remote_port; | |
21 fastcgi_param SERVER_ADDR $server_addr; | |
22 fastcgi_param SERVER_PORT $server_port; | |
23 fastcgi_param SERVER_NAME $server_name; | |
24 | |
25 # PHP only, required if PHP was built with --enable-force-cgi-redirect | |
26 fastcgi_param REDIRECT_STATUS 200; |