nginx: conf/fastcgi_params annotate

annotate conf/fastcgi_params @ 7094:c7d4017c8876

Secure link: fixed stack buffer overflow. When secure link checksum has length of 23 or 24 bytes, decoded base64 value could occupy 17 or 18 bytes which is more than 16 bytes previously allocated for it on stack. The buffer overflow does not have any security implications since only one local variable was corrupted and this variable was not used in this case. The fix is to increase buffer size up to 18 bytes. Useless buffer size initialization is removed as well.

author	Roman Arutyunyan <arut@nginx.com>
date	Tue, 22 Aug 2017 21:22:59 +0300
parents	62869a9b2e7d
children

rev	line source
537 c9ad0d9c7d59 nginx-0.1.43-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	1
c9ad0d9c7d59 nginx-0.1.43-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	2 fastcgi_param QUERY_STRING $query_string;
c9ad0d9c7d59 nginx-0.1.43-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	3 fastcgi_param REQUEST_METHOD $request_method;
c9ad0d9c7d59 nginx-0.1.43-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	4 fastcgi_param CONTENT_TYPE $content_type;
c9ad0d9c7d59 nginx-0.1.43-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	5 fastcgi_param CONTENT_LENGTH $content_length;
c9ad0d9c7d59 nginx-0.1.43-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	6
c9ad0d9c7d59 nginx-0.1.43-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	7 fastcgi_param SCRIPT_NAME $fastcgi_script_name;
c9ad0d9c7d59 nginx-0.1.43-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	8 fastcgi_param REQUEST_URI $request_uri;
c9ad0d9c7d59 nginx-0.1.43-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	9 fastcgi_param DOCUMENT_URI $document_uri;
c9ad0d9c7d59 nginx-0.1.43-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	10 fastcgi_param DOCUMENT_ROOT $document_root;
c9ad0d9c7d59 nginx-0.1.43-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	11 fastcgi_param SERVER_PROTOCOL $server_protocol;
6168 62869a9b2e7d Added the REQUEST_SCHEME parameter. Maxim Dounin <mdounin@mdounin.ru> parents: 4333 diff changeset	12 fastcgi_param REQUEST_SCHEME $scheme;
4333 352a7b025f2e Added HTTPS param with Apache-like behaviour to fastcgi/scgi/uwsgi_params (fixes #38). Valentin Bartenev <vbart@nginx.com> parents: 1330 diff changeset	13 fastcgi_param HTTPS $https if_not_empty;
537 c9ad0d9c7d59 nginx-0.1.43-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	14
c9ad0d9c7d59 nginx-0.1.43-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	15 fastcgi_param GATEWAY_INTERFACE CGI/1.1;
1330 badefafbf7f3 add $nginx_version Igor Sysoev <igor@sysoev.ru> parents: 537 diff changeset	16 fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
537 c9ad0d9c7d59 nginx-0.1.43-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	17
c9ad0d9c7d59 nginx-0.1.43-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	18 fastcgi_param REMOTE_ADDR $remote_addr;
c9ad0d9c7d59 nginx-0.1.43-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	19 fastcgi_param REMOTE_PORT $remote_port;
c9ad0d9c7d59 nginx-0.1.43-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	20 fastcgi_param SERVER_ADDR $server_addr;
c9ad0d9c7d59 nginx-0.1.43-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	21 fastcgi_param SERVER_PORT $server_port;
c9ad0d9c7d59 nginx-0.1.43-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	22 fastcgi_param SERVER_NAME $server_name;
c9ad0d9c7d59 nginx-0.1.43-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	23
c9ad0d9c7d59 nginx-0.1.43-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	24 # PHP only, required if PHP was built with --enable-force-cgi-redirect
c9ad0d9c7d59 nginx-0.1.43-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	25 fastcgi_param REDIRECT_STATUS 200;

Mercurial > hg > nginx

annotate conf/fastcgi_params @ 7094:c7d4017c8876