Mercurial > hg > nginx
comparison src/http/ngx_http_variables.c @ 7121:924b6ef942bf
Fixed handling of unix sockets in $binary_remote_addr.
Previously, unix sockets were treated as AF_INET ones, and this may
result in buffer overread on Linux, where unbound unix sockets have
2-byte addresses.
Note that it is not correct to use just sun_path as a binary representation
for unix sockets. This will result in an empty string for unbound unix
sockets, and thus behaviour of limit_req and limit_conn will change when
switching from $remote_addr to $binary_remote_addr. As such, normal text
representation is used.
Reported by Stephan Dollberg.
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Wed, 04 Oct 2017 21:19:42 +0300 |
| parents | 2a288909abc6 |
| children | 6ba68ad8b24c |
comparison
equal
deleted
inserted
replaced
| 7120:874171c3c71a | 7121:924b6ef942bf |
|---|---|
| 1238 v->data = sin6->sin6_addr.s6_addr; | 1238 v->data = sin6->sin6_addr.s6_addr; |
| 1239 | 1239 |
| 1240 break; | 1240 break; |
| 1241 #endif | 1241 #endif |
| 1242 | 1242 |
| 1243 #if (NGX_HAVE_UNIX_DOMAIN) | |
| 1244 case AF_UNIX: | |
| 1245 | |
| 1246 v->len = r->connection->addr_text.len; | |
| 1247 v->valid = 1; | |
| 1248 v->no_cacheable = 0; | |
| 1249 v->not_found = 0; | |
| 1250 v->data = r->connection->addr_text.data; | |
| 1251 | |
| 1252 break; | |
| 1253 #endif | |
| 1254 | |
| 1243 default: /* AF_INET */ | 1255 default: /* AF_INET */ |
| 1244 sin = (struct sockaddr_in *) r->connection->sockaddr; | 1256 sin = (struct sockaddr_in *) r->connection->sockaddr; |
| 1245 | 1257 |
| 1246 v->len = sizeof(in_addr_t); | 1258 v->len = sizeof(in_addr_t); |
| 1247 v->valid = 1; | 1259 v->valid = 1; |