Mercurial > hg > nginx-quic
comparison src/http/modules/perl/nginx.xs @ 7528:0cb693b4cbbb
Perl: disabled unrelated calls from variable handlers.
Variable handlers are not expected to send anything to the client, cannot
sleep or read body, and are not expected to modify the request. Added
appropriate protection to prevent accidental foot shooting.
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Fri, 12 Jul 2019 15:35:31 +0300 |
| parents | 02cd116ebe2a |
| children | fd9252844ec1 |
comparison
equal
deleted
inserted
replaced
| 7527:02cd116ebe2a | 7528:0cb693b4cbbb |
|---|---|
| 108 ngx_http_request_t *r; | 108 ngx_http_request_t *r; |
| 109 ngx_http_perl_ctx_t *ctx; | 109 ngx_http_perl_ctx_t *ctx; |
| 110 | 110 |
| 111 ngx_http_perl_set_request(r, ctx); | 111 ngx_http_perl_set_request(r, ctx); |
| 112 | 112 |
| 113 if (ctx->variable) { | |
| 114 croak("status(): cannot be used in variable handler"); | |
| 115 } | |
| 116 | |
| 113 r->headers_out.status = SvIV(ST(1)); | 117 r->headers_out.status = SvIV(ST(1)); |
| 114 | 118 |
| 115 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | 119 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, |
| 116 "perl status: %d", r->headers_out.status); | 120 "perl status: %d", r->headers_out.status); |
| 117 | 121 |
| 129 | 133 |
| 130 ngx_http_perl_set_request(r, ctx); | 134 ngx_http_perl_set_request(r, ctx); |
| 131 | 135 |
| 132 if (ctx->error) { | 136 if (ctx->error) { |
| 133 croak("send_http_header(): called after error"); | 137 croak("send_http_header(): called after error"); |
| 138 } | |
| 139 | |
| 140 if (ctx->variable) { | |
| 141 croak("send_http_header(): cannot be used in variable handler"); | |
| 134 } | 142 } |
| 135 | 143 |
| 136 if (r->headers_out.status == 0) { | 144 if (r->headers_out.status == 0) { |
| 137 r->headers_out.status = NGX_HTTP_OK; | 145 r->headers_out.status = NGX_HTTP_OK; |
| 138 } | 146 } |
| 398 ngx_http_perl_ctx_t *ctx; | 406 ngx_http_perl_ctx_t *ctx; |
| 399 ngx_int_t rc; | 407 ngx_int_t rc; |
| 400 | 408 |
| 401 ngx_http_perl_set_request(r, ctx); | 409 ngx_http_perl_set_request(r, ctx); |
| 402 | 410 |
| 411 if (ctx->variable) { | |
| 412 croak("has_request_body(): cannot be used in variable handler"); | |
| 413 } | |
| 414 | |
| 403 if (ctx->next) { | 415 if (ctx->next) { |
| 404 croak("has_request_body(): another handler active"); | 416 croak("has_request_body(): another handler active"); |
| 405 } | 417 } |
| 406 | 418 |
| 407 if (r->headers_in.content_length_n <= 0 && !r->headers_in.chunked) { | 419 if (r->headers_in.content_length_n <= 0 && !r->headers_in.chunked) { |
| 524 ngx_http_perl_ctx_t *ctx; | 536 ngx_http_perl_ctx_t *ctx; |
| 525 ngx_int_t rc; | 537 ngx_int_t rc; |
| 526 | 538 |
| 527 ngx_http_perl_set_request(r, ctx); | 539 ngx_http_perl_set_request(r, ctx); |
| 528 | 540 |
| 541 if (ctx->variable) { | |
| 542 croak("discard_request_body(): cannot be used in variable handler"); | |
| 543 } | |
| 544 | |
| 529 rc = ngx_http_discard_request_body(r); | 545 rc = ngx_http_discard_request_body(r); |
| 530 | 546 |
| 531 if (rc != NGX_OK) { | 547 if (rc != NGX_OK) { |
| 532 ctx->error = 1; | 548 ctx->error = 1; |
| 533 ctx->status = rc; | 549 ctx->status = rc; |
| 547 | 563 |
| 548 ngx_http_perl_set_request(r, ctx); | 564 ngx_http_perl_set_request(r, ctx); |
| 549 | 565 |
| 550 if (ctx->error) { | 566 if (ctx->error) { |
| 551 croak("header_out(): called after error"); | 567 croak("header_out(): called after error"); |
| 568 } | |
| 569 | |
| 570 if (ctx->variable) { | |
| 571 croak("header_out(): cannot be used in variable handler"); | |
| 552 } | 572 } |
| 553 | 573 |
| 554 key = ST(1); | 574 key = ST(1); |
| 555 value = ST(2); | 575 value = ST(2); |
| 556 | 576 |
| 636 | 656 |
| 637 ngx_http_perl_set_request(r, ctx); | 657 ngx_http_perl_set_request(r, ctx); |
| 638 | 658 |
| 639 if (ctx->error) { | 659 if (ctx->error) { |
| 640 croak("print(): called after error"); | 660 croak("print(): called after error"); |
| 661 } | |
| 662 | |
| 663 if (ctx->variable) { | |
| 664 croak("print(): cannot be used in variable handler"); | |
| 641 } | 665 } |
| 642 | 666 |
| 643 if (items == 2) { | 667 if (items == 2) { |
| 644 | 668 |
| 645 /* | 669 /* |
| 748 | 772 |
| 749 if (ctx->error) { | 773 if (ctx->error) { |
| 750 croak("sendfile(): called after error"); | 774 croak("sendfile(): called after error"); |
| 751 } | 775 } |
| 752 | 776 |
| 777 if (ctx->variable) { | |
| 778 croak("sendfile(): cannot be used in variable handler"); | |
| 779 } | |
| 780 | |
| 753 filename = SvPV_nolen(ST(1)); | 781 filename = SvPV_nolen(ST(1)); |
| 754 | 782 |
| 755 if (filename == NULL) { | 783 if (filename == NULL) { |
| 756 croak("sendfile(): NULL filename"); | 784 croak("sendfile(): NULL filename"); |
| 757 } | 785 } |
| 850 | 878 |
| 851 if (ctx->error) { | 879 if (ctx->error) { |
| 852 croak("flush(): called after error"); | 880 croak("flush(): called after error"); |
| 853 } | 881 } |
| 854 | 882 |
| 883 if (ctx->variable) { | |
| 884 croak("flush(): cannot be used in variable handler"); | |
| 885 } | |
| 886 | |
| 855 b = ngx_calloc_buf(r->pool); | 887 b = ngx_calloc_buf(r->pool); |
| 856 if (b == NULL) { | 888 if (b == NULL) { |
| 857 ctx->error = 1; | 889 ctx->error = 1; |
| 858 croak("ngx_calloc_buf() failed"); | 890 croak("ngx_calloc_buf() failed"); |
| 859 } | 891 } |
| 880 ngx_http_perl_ctx_t *ctx; | 912 ngx_http_perl_ctx_t *ctx; |
| 881 SV *uri; | 913 SV *uri; |
| 882 ngx_uint_t i; | 914 ngx_uint_t i; |
| 883 | 915 |
| 884 ngx_http_perl_set_request(r, ctx); | 916 ngx_http_perl_set_request(r, ctx); |
| 917 | |
| 918 if (ctx->variable) { | |
| 919 croak("internal_redirect(): cannot be used in variable handler"); | |
| 920 } | |
| 885 | 921 |
| 886 uri = ST(1); | 922 uri = ST(1); |
| 887 | 923 |
| 888 if (ngx_http_perl_sv2str(aTHX_ r, &ctx->redirect_uri, uri) != NGX_OK) { | 924 if (ngx_http_perl_sv2str(aTHX_ r, &ctx->redirect_uri, uri) != NGX_OK) { |
| 889 ctx->error = 1; | 925 ctx->error = 1; |
| 908 | 944 |
| 909 ngx_http_request_t *r; | 945 ngx_http_request_t *r; |
| 910 ngx_http_perl_ctx_t *ctx; | 946 ngx_http_perl_ctx_t *ctx; |
| 911 | 947 |
| 912 ngx_http_perl_set_request(r, ctx); | 948 ngx_http_perl_set_request(r, ctx); |
| 949 | |
| 950 if (ctx->variable) { | |
| 951 croak("allow_ranges(): cannot be used in variable handler"); | |
| 952 } | |
| 913 | 953 |
| 914 r->allow_ranges = 1; | 954 r->allow_ranges = 1; |
| 915 | 955 |
| 916 | 956 |
| 917 void | 957 void |
| 1095 ngx_http_perl_ctx_t *ctx; | 1135 ngx_http_perl_ctx_t *ctx; |
| 1096 ngx_msec_t sleep; | 1136 ngx_msec_t sleep; |
| 1097 | 1137 |
| 1098 ngx_http_perl_set_request(r, ctx); | 1138 ngx_http_perl_set_request(r, ctx); |
| 1099 | 1139 |
| 1140 if (ctx->variable) { | |
| 1141 croak("sleep(): cannot be used in variable handler"); | |
| 1142 } | |
| 1143 | |
| 1100 if (ctx->next) { | 1144 if (ctx->next) { |
| 1101 croak("sleep(): another handler active"); | 1145 croak("sleep(): another handler active"); |
| 1102 } | 1146 } |
| 1103 | 1147 |
| 1104 sleep = (ngx_msec_t) SvIV(ST(1)); | 1148 sleep = (ngx_msec_t) SvIV(ST(1)); |