Mercurial > hg > nginx-vendor-current

diff src/http/modules/ngx_http_index_module.c @ 662:e5fa0a4a7d27 NGINX_1_1_15

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
nginx 1.1.15 *) Feature: the "disable_symlinks" directive. *) Feature: the "proxy_cookie_domain" and "proxy_cookie_path" directives. *) Bugfix: nginx might log incorrect error "upstream prematurely closed connection" instead of correct "upstream sent too big header" one. Thanks to Feibo Li. *) Bugfix: nginx could not be built with the ngx_http_perl_module if the --with-openssl option was used. *) Bugfix: internal redirects to named locations were not limited. *) Bugfix: calling $r->flush() multiple times might cause errors in the ngx_http_gzip_filter_module. *) Bugfix: temporary files might be not removed if the "proxy_store" directive were used with SSI includes. *) Bugfix: in some cases non-cacheable variables (such as the $args variable) returned old empty cached value. *) Bugfix: a segmentation fault might occur in a worker process if too many SSI subrequests were issued simultaneously; the bug had appeared in 0.7.25.
author Igor Sysoev <http://sysoev.ru>
date Wed, 15 Feb 2012 00:00:00 +0400
parents d0f7a625f27c
children f5b859b2f097
line wrap: on
line diff
--- a/src/http/modules/ngx_http_index_module.c
+++ b/src/http/modules/ngx_http_index_module.c
@@ -209,6 +209,9 @@ ngx_http_index_handler(ngx_http_request_
         of.test_only = 1;
         of.errors = clcf->open_file_cache_errors;
         of.events = clcf->open_file_cache_events;
+#if (NGX_HAVE_OPENAT)
+        of.disable_symlinks = clcf->disable_symlinks;
+#endif
 
         if (ngx_open_cached_file(clcf->open_file_cache, &path, &of, r->pool)
             != NGX_OK)
@@ -220,6 +223,14 @@ ngx_http_index_handler(ngx_http_request_
                 return NGX_HTTP_INTERNAL_SERVER_ERROR;
             }
 
+#if (NGX_HAVE_OPENAT)
+            if (of.err == NGX_EMLINK
+                || of.err == NGX_ELOOP)
+            {
+                return NGX_HTTP_FORBIDDEN;
+            }
+#endif
+
             if (of.err == NGX_ENOTDIR
                 || of.err == NGX_ENAMETOOLONG
                 || of.err == NGX_EACCES)
@@ -296,12 +307,23 @@ ngx_http_index_test_dir(ngx_http_request
     of.test_only = 1;
     of.valid = clcf->open_file_cache_valid;
     of.errors = clcf->open_file_cache_errors;
+#if (NGX_HAVE_OPENAT)
+    of.disable_symlinks = clcf->disable_symlinks;
+#endif
 
     if (ngx_open_cached_file(clcf->open_file_cache, &dir, &of, r->pool)
         != NGX_OK)
     {
         if (of.err) {
 
+#if (NGX_HAVE_OPENAT)
+            if (of.err == NGX_EMLINK
+                || of.err == NGX_ELOOP)
+            {
+                return NGX_HTTP_FORBIDDEN;
+            }
+#endif
+
             if (of.err == NGX_ENOENT) {
                 *last = c;
                 return ngx_http_index_error(r, clcf, dir.data, NGX_ENOENT);