Mercurial > hg > nginx-quic
annotate auto/types/sizeof @ 4617:972642646f06
Rewrite: fixed escaping and possible segfault (ticket #162).
The following code resulted in incorrect escaping of uri and possible
segfault:
location / {
rewrite ^(.*) $1?c=$1;
return 200 "$uri";
}
If there were arguments in a rewrite's replacement string, and length was
actually calculated (due to duplicate captures as in the example above,
or variables present), the is_args flag was set and incorrectly copied
after length calculation. This resulted in escaping applied to the uri part
of the replacement, resulting in incorrect escaping. Additionally, buffer
was allocated without escaping expected, thus this also resulted in buffer
overrun and possible segfault.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Fri, 11 May 2012 13:19:22 +0000 |
parents | 3a99980ac221 |
children | 434548349838 |
rev | line source |
---|---|
444
42d11f017717
nginx-0.1.0-2004-09-29-20:00:49 import; remove years from copyright
Igor Sysoev <igor@sysoev.ru>
parents:
370
diff
changeset
|
1 |
42d11f017717
nginx-0.1.0-2004-09-29-20:00:49 import; remove years from copyright
Igor Sysoev <igor@sysoev.ru>
parents:
370
diff
changeset
|
2 # Copyright (C) Igor Sysoev |
4412 | 3 # Copyright (C) Nginx, Inc. |
444
42d11f017717
nginx-0.1.0-2004-09-29-20:00:49 import; remove years from copyright
Igor Sysoev <igor@sysoev.ru>
parents:
370
diff
changeset
|
4 |
193
dd66383796a5
nginx-0.0.1-2003-11-20-20:36:43 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
5 |
455 | 6 echo $ngx_n "checking for $ngx_type size ...$ngx_c" |
7 | |
8 cat << END >> $NGX_AUTOCONF_ERR | |
9 | |
10 ---------------------------------------- | |
11 checking for $ngx_type size | |
12 | |
13 END | |
193
dd66383796a5
nginx-0.0.1-2003-11-20-20:36:43 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
14 |
370
54f76b0b8dca
nginx-0.0.7-2004-06-27-22:01:57 import
Igor Sysoev <igor@sysoev.ru>
parents:
250
diff
changeset
|
15 ngx_size= |
210
00cafae0bdf1
nginx-0.0.1-2003-12-14-23:10:27 import
Igor Sysoev <igor@sysoev.ru>
parents:
196
diff
changeset
|
16 |
00cafae0bdf1
nginx-0.0.1-2003-12-14-23:10:27 import
Igor Sysoev <igor@sysoev.ru>
parents:
196
diff
changeset
|
17 cat << END > $NGX_AUTOTEST.c |
193
dd66383796a5
nginx-0.0.1-2003-11-20-20:36:43 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
18 |
242
5d4f49dc8de5
nginx-0.0.1-2004-01-28-18:22:37 import
Igor Sysoev <igor@sysoev.ru>
parents:
210
diff
changeset
|
19 #include <sys/types.h> |
210
00cafae0bdf1
nginx-0.0.1-2003-12-14-23:10:27 import
Igor Sysoev <igor@sysoev.ru>
parents:
196
diff
changeset
|
20 #include <sys/time.h> |
455 | 21 $NGX_INCLUDE_UNISTD_H |
370
54f76b0b8dca
nginx-0.0.7-2004-06-27-22:01:57 import
Igor Sysoev <igor@sysoev.ru>
parents:
250
diff
changeset
|
22 #include <signal.h> |
4543
51744fa997c7
Fixed compilation warnings in configuration C tests.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
23 #include <stdio.h> |
210
00cafae0bdf1
nginx-0.0.1-2003-12-14-23:10:27 import
Igor Sysoev <igor@sysoev.ru>
parents:
196
diff
changeset
|
24 #include <sys/resource.h> |
455 | 25 $NGX_INCLUDE_INTTYPES_H |
26 $NGX_INCLUDE_AUTO_CONFIG_H | |
193
dd66383796a5
nginx-0.0.1-2003-11-20-20:36:43 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
27 |
210
00cafae0bdf1
nginx-0.0.1-2003-12-14-23:10:27 import
Igor Sysoev <igor@sysoev.ru>
parents:
196
diff
changeset
|
28 int main() { |
4544
3a99980ac221
Some older OSes (notably FreeBSD 4.x) did not have %zu
Ruslan Ermilov <ru@nginx.com>
parents:
4543
diff
changeset
|
29 printf("%d", (int) sizeof($ngx_type)); |
210
00cafae0bdf1
nginx-0.0.1-2003-12-14-23:10:27 import
Igor Sysoev <igor@sysoev.ru>
parents:
196
diff
changeset
|
30 return 0; |
00cafae0bdf1
nginx-0.0.1-2003-12-14-23:10:27 import
Igor Sysoev <igor@sysoev.ru>
parents:
196
diff
changeset
|
31 } |
193
dd66383796a5
nginx-0.0.1-2003-11-20-20:36:43 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
32 |
210
00cafae0bdf1
nginx-0.0.1-2003-12-14-23:10:27 import
Igor Sysoev <igor@sysoev.ru>
parents:
196
diff
changeset
|
33 END |
00cafae0bdf1
nginx-0.0.1-2003-12-14-23:10:27 import
Igor Sysoev <igor@sysoev.ru>
parents:
196
diff
changeset
|
34 |
455 | 35 |
583 | 36 ngx_test="$CC $CC_TEST_FLAGS $CC_AUX_FLAGS \ |
577 | 37 -o $NGX_AUTOTEST $NGX_AUTOTEST.c $NGX_LD_OPT $ngx_feature_libs" |
38 | |
455 | 39 eval "$ngx_test >> $NGX_AUTOCONF_ERR 2>&1" |
40 | |
210
00cafae0bdf1
nginx-0.0.1-2003-12-14-23:10:27 import
Igor Sysoev <igor@sysoev.ru>
parents:
196
diff
changeset
|
41 |
00cafae0bdf1
nginx-0.0.1-2003-12-14-23:10:27 import
Igor Sysoev <igor@sysoev.ru>
parents:
196
diff
changeset
|
42 if [ -x $NGX_AUTOTEST ]; then |
370
54f76b0b8dca
nginx-0.0.7-2004-06-27-22:01:57 import
Igor Sysoev <igor@sysoev.ru>
parents:
250
diff
changeset
|
43 ngx_size=`$NGX_AUTOTEST` |
54f76b0b8dca
nginx-0.0.7-2004-06-27-22:01:57 import
Igor Sysoev <igor@sysoev.ru>
parents:
250
diff
changeset
|
44 echo " $ngx_size bytes" |
193
dd66383796a5
nginx-0.0.1-2003-11-20-20:36:43 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
45 fi |
dd66383796a5
nginx-0.0.1-2003-11-20-20:36:43 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
46 |
455 | 47 |
48 rm -f $NGX_AUTOTEST | |
49 | |
193
dd66383796a5
nginx-0.0.1-2003-11-20-20:36:43 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
50 |
370
54f76b0b8dca
nginx-0.0.7-2004-06-27-22:01:57 import
Igor Sysoev <igor@sysoev.ru>
parents:
250
diff
changeset
|
51 case $ngx_size in |
193
dd66383796a5
nginx-0.0.1-2003-11-20-20:36:43 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
52 4) |
210
00cafae0bdf1
nginx-0.0.1-2003-12-14-23:10:27 import
Igor Sysoev <igor@sysoev.ru>
parents:
196
diff
changeset
|
53 if [ "$ngx_type"="long" ]; then |
370
54f76b0b8dca
nginx-0.0.7-2004-06-27-22:01:57 import
Igor Sysoev <igor@sysoev.ru>
parents:
250
diff
changeset
|
54 ngx_max_value=2147483647L |
195
8dee38ea9117
nginx-0.0.1-2003-11-25-23:44:56 import
Igor Sysoev <igor@sysoev.ru>
parents:
194
diff
changeset
|
55 else |
370
54f76b0b8dca
nginx-0.0.7-2004-06-27-22:01:57 import
Igor Sysoev <igor@sysoev.ru>
parents:
250
diff
changeset
|
56 ngx_max_value=2147483647 |
195
8dee38ea9117
nginx-0.0.1-2003-11-25-23:44:56 import
Igor Sysoev <igor@sysoev.ru>
parents:
194
diff
changeset
|
57 fi |
370
54f76b0b8dca
nginx-0.0.7-2004-06-27-22:01:57 import
Igor Sysoev <igor@sysoev.ru>
parents:
250
diff
changeset
|
58 |
657 | 59 ngx_max_len='(sizeof("-2147483648") - 1)' |
193
dd66383796a5
nginx-0.0.1-2003-11-20-20:36:43 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
60 ;; |
dd66383796a5
nginx-0.0.1-2003-11-20-20:36:43 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
61 |
dd66383796a5
nginx-0.0.1-2003-11-20-20:36:43 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
62 8) |
210
00cafae0bdf1
nginx-0.0.1-2003-12-14-23:10:27 import
Igor Sysoev <igor@sysoev.ru>
parents:
196
diff
changeset
|
63 if [ "$ngx_type"="long long" ]; then |
370
54f76b0b8dca
nginx-0.0.7-2004-06-27-22:01:57 import
Igor Sysoev <igor@sysoev.ru>
parents:
250
diff
changeset
|
64 ngx_max_value=9223372036854775807LL |
195
8dee38ea9117
nginx-0.0.1-2003-11-25-23:44:56 import
Igor Sysoev <igor@sysoev.ru>
parents:
194
diff
changeset
|
65 else |
370
54f76b0b8dca
nginx-0.0.7-2004-06-27-22:01:57 import
Igor Sysoev <igor@sysoev.ru>
parents:
250
diff
changeset
|
66 ngx_max_value=9223372036854775807L |
195
8dee38ea9117
nginx-0.0.1-2003-11-25-23:44:56 import
Igor Sysoev <igor@sysoev.ru>
parents:
194
diff
changeset
|
67 fi |
370
54f76b0b8dca
nginx-0.0.7-2004-06-27-22:01:57 import
Igor Sysoev <igor@sysoev.ru>
parents:
250
diff
changeset
|
68 |
657 | 69 ngx_max_len='(sizeof("-9223372036854775808") - 1)' |
193
dd66383796a5
nginx-0.0.1-2003-11-20-20:36:43 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
70 ;; |
dd66383796a5
nginx-0.0.1-2003-11-20-20:36:43 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
71 |
dd66383796a5
nginx-0.0.1-2003-11-20-20:36:43 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
72 *) |
210
00cafae0bdf1
nginx-0.0.1-2003-12-14-23:10:27 import
Igor Sysoev <igor@sysoev.ru>
parents:
196
diff
changeset
|
73 echo |
00cafae0bdf1
nginx-0.0.1-2003-12-14-23:10:27 import
Igor Sysoev <igor@sysoev.ru>
parents:
196
diff
changeset
|
74 echo "$0: error: can not detect $ngx_type size" |
455 | 75 |
76 echo "----------" >> $NGX_AUTOCONF_ERR | |
77 cat $NGX_AUTOTEST.c >> $NGX_AUTOCONF_ERR | |
78 echo "----------" >> $NGX_AUTOCONF_ERR | |
79 echo $ngx_test >> $NGX_AUTOCONF_ERR | |
80 echo "----------" >> $NGX_AUTOCONF_ERR | |
81 | |
193
dd66383796a5
nginx-0.0.1-2003-11-20-20:36:43 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
82 exit 1 |
dd66383796a5
nginx-0.0.1-2003-11-20-20:36:43 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
83 esac |
455 | 84 |