nginx 0.8.41 segfaults in ngx_list_push

Maxim Dounin mdounin at
Tue Jun 22 02:10:32 MSD 2010


On Mon, Jun 21, 2010 at 02:44:17PM -0700, Roman Vasilyev wrote:

> Thank you Maxim for extended description.
> Seems like I need some extra advice :)
> Let me describe my architecture and may be you will see better solution.
> I have openvpn server which storing some information at login time
> to some temp file and sending throw DHCP local IP address to client.
> All 80 port transparently goes throw nginx as forward proxy, results

First of all - it's not a good idea to use nginx as forward proxy.  
It was never designed to be used as forward proxy and issues 
including security ones are expected.

> from nginx in comparing with apache even without keep-alive support
> on highly loaded server MUCH better. No problems with memory usage,
> cpu utilization, and we have 10% faster browsing. Thank you guys for
> perfect web/proxy server.
> So... temp file is simple comma separated fields. From nginx part
> I'm getting this file by file name which is equals to local IP
> address, parsing it and providing to some scripts like input
> headers. If this method is unsafe could you recommend me best way to
> give this fast changeable session data to my scripts?

The unsafe part is direct modification of r->headers_in.  As long 
as you'll use something like

   proxy_set_header  X-Your-Header  $variable_from_your_module;

instead - you are on the safe side.

Maxim Dounin

More information about the nginx mailing list