- nginx-devel - mailman.nginx.org

by Dk Jack

Hi, I have a question related to internal redirect, I am hoping someone from this forum can clarify. The email is a bit long since I wanted to provide enough background for my situation. In my module, I am creating my module context and saving some state. Some of this state is allocated using ngx_palloc. I am releasing this memory by adding a pool clean up handler. In my module, for certain requests I am doing an internal redirect. My code for redirect looks something like this: ngx_http_internal_redirect(r, &new_uri, &r->args); ngx_http_finalize_request(r, NGX_DONE); According to the documentation http://nginx.org/en/docs/dev/development_guide.html#http_request_redirection it says, on calling internal_redirect, the module context will be erased to avoid inconsistencies. It also says, the processing returns to the NGX_HTTP_SERVER_REWRITE_PHASE. To understand the behavior better, I attached a debugger and added a breakpoint after the above two lines. When the debugger stopped at my breakpoint, my module context still seems to be valid. I added a second breakpoint in my rewrite-handler and allowed the debugger to continue. Now when the debugger stopped at the second breakpoint, my module context was erased which seems consistent with the documentation. So my question is, if my context is erased, what happens to the memory I allocated before my module invoked the internal redirect call? I put a log statement in my cleanup function and I observed that it is getting invoked only once at the end of the request processing. It is not getting called when my context is erased after an internal redirect. Since I need my context data after redirection, do I reallocate and recreate it? Since my clean up code is getting called only once. Would this lead to a memory leak if I reallocated after the internal redirect call because I'd be allocated once before redirect and once after redirect. Any help or clarification in this regard is greatly appreciated. Dk.

1 day, 7 hours

2
4
0 0

[nginx] Contrib: vim syntax adjusted to save cpoptions (ticket #2276).

by Maxim Dounin

details: https://hg.nginx.org/nginx/rev/5d88e2bf92b3 branches: changeset: 7996:5d88e2bf92b3 user: Maxim Dounin <mdounin(a)mdounin.ru> date: Sat Jan 22 00:28:51 2022 +0300 description: Contrib: vim syntax adjusted to save cpoptions (ticket #2276). Line continuation as used in the syntax file might be broken if "compatible" is set or "C" is added to cpoptions. Fix is to set the "cpoptions" option to vim default value at script start and restore it later, see ":help use-cpo-save". diffstat: contrib/vim/syntax/nginx.vim | 6 ++++++ 1 files changed, 6 insertions(+), 0 deletions(-) diffs (21 lines): diff -r 7752d8523066 -r 5d88e2bf92b3 contrib/vim/syntax/nginx.vim --- a/contrib/vim/syntax/nginx.vim Wed Jan 19 17:37:34 2022 -0800 +++ b/contrib/vim/syntax/nginx.vim Sat Jan 22 00:28:51 2022 +0300 @@ -5,6 +5,9 @@ if exists("b:current_syntax") finish end +let s:save_cpo = &cpo +set cpo&vim + " general syntax if has("patch-7.4.1142") @@ -2485,4 +2488,7 @@ hi def link ngxDirectiveThirdPartyDeprec hi def link ngxListenOptions Keyword hi def link ngxListenOptionsDeprecated Error +let &cpo = s:save_cpo +unlet s:save_cpo + let b:current_syntax = "nginx"

2 days, 5 hours

1
0
0 0

[PATCH] workers process making them traceable on FreeBSD 11.x and above

by David CARLIER

From 7f3194c36a9788d9b98630773ab907adb110cf6f Mon Sep 17 00:00:00 2001 From: David CARLIER <devnexen(a)gmail.com> Date: Thu, 20 Jan 2022 20:56:49 +0000 Subject: [PATCH] process worker, enabling process tracing and core dumping on FreeBSD 11.x and above using the procctl native API. Checking the version is enough as the functions and the flag we re interested in are available right off the bat. Signed-off-by: David CARLIER <devnexen(a)gmail.com> --- auto/os/freebsd | 11 +++++++++++ src/os/unix/ngx_freebsd_config.h | 4 ++++ src/os/unix/ngx_process_cycle.c | 10 ++++++++++ 3 files changed, 25 insertions(+) diff --git a/auto/os/freebsd b/auto/os/freebsd index 870bac4b..8bb086f0 100644 --- a/auto/os/freebsd +++ b/auto/os/freebsd @@ -103,3 +103,14 @@ if [ $version -ge 701000 ]; then echo " + cpuset_setaffinity() found" have=NGX_HAVE_CPUSET_SETAFFINITY . auto/have fi + +# procctl + + +# the procctl api and its PROC_TRACE_CTL* flags exists from +# FreeBSD 11.x + +if [ $version -ge 1100000 ]; then + echo " + procctl() found" + have=NGX_HAVE_PROCCTL . auto/have +fi diff --git a/src/os/unix/ngx_freebsd_config.h b/src/os/unix/ngx_freebsd_config.h index c641108b..04ed19ca 100644 --- a/src/os/unix/ngx_freebsd_config.h +++ b/src/os/unix/ngx_freebsd_config.h @@ -87,6 +87,10 @@ #include <sys/event.h> #endif +#if (NGX_HAVE_PROCCTL) +#include <sys/procctl.h> +#endif + #if (NGX_HAVE_FILE_AIO) diff --git a/src/os/unix/ngx_process_cycle.c b/src/os/unix/ngx_process_cycle.c index 07cd05e8..c0cf052f 100644 --- a/src/os/unix/ngx_process_cycle.c +++ b/src/os/unix/ngx_process_cycle.c @@ -869,6 +869,16 @@ ngx_worker_process_init(ngx_cycle_t *cycle, ngx_int_t worker) #endif +#if (NGX_HAVE_PROCCTL) + /* allow the process being traceable and producing a coredump in FreeBSD 11.x */ + ngx_int_t ctl = PROC_TRACE_CTL_ENABLE; + + if (procctl(P_PID, 0, PROC_TRACE_CTL, &ctl) == -1) { + ngx_log_error(NGX_LOG_ALERT, cycle->log, ngx_errno, + "procctl(PROC_TRACE_CTL_ENABLE) failed"); + } +#endif + if (ccf->working_directory.len) { if (chdir((char *) ccf->working_directory.data) == -1) { ngx_log_error(NGX_LOG_ALERT, cycle->log, ngx_errno, -- 2.34.1

2 days, 10 hours

2
2
0 0

[njs] Fixed recursive async function calls.

by Dmitry Volyntsev

details: https://hg.nginx.org/njs/rev/d776b59196c5 branches: changeset: 1814:d776b59196c5 user: Dmitry Volyntsev <xeioex(a)nginx.com> date: Fri Jan 21 14:31:30 2022 +0000 description: Fixed recursive async function calls. Previously, PromiseCapability record was stored (function->context) directly in function object during a function invocation. This is not correct, because PromiseCapability record should be linked to current execution context. As a result, function->context is overwritten with consecutive recursive calls which results in use-after-free. This closes #451 issue on Github. diffstat: src/njs_async.c | 15 ++------------- src/njs_function.c | 8 +++++--- src/njs_function.h | 3 ++- src/njs_value.h | 1 - src/njs_vm.c | 2 +- src/njs_vmcode.c | 18 ++++++++---------- src/njs_vmcode.h | 3 ++- test/js/async_recursive_last.t.js | 26 ++++++++++++++++++++++++++ test/js/async_recursive_mid.t.js | 26 ++++++++++++++++++++++++++ 9 files changed, 72 insertions(+), 30 deletions(-) diffs (264 lines): diff -r 620418b1a641 -r d776b59196c5 src/njs_async.c --- a/src/njs_async.c Wed Jan 19 14:03:49 2022 +0000 +++ b/src/njs_async.c Fri Jan 21 14:31:30 2022 +0000 @@ -29,9 +29,7 @@ njs_async_function_frame_invoke(njs_vm_t return NJS_ERROR; } - frame->function->context = capability; - - ret = njs_function_lambda_call(vm); + ret = njs_function_lambda_call(vm, capability, NULL); if (ret == NJS_OK) { ret = njs_function_call(vm, njs_function(&capability->resolve), @@ -63,7 +61,6 @@ njs_await_fulfilled(njs_vm_t *vm, njs_va njs_int_t ret; njs_value_t **cur_local, **cur_closures, **cur_temp, *value; njs_frame_t *frame, *async_frame; - njs_function_t *function; njs_async_ctx_t *ctx; njs_native_frame_t *top, *async; @@ -78,8 +75,6 @@ njs_await_fulfilled(njs_vm_t *vm, njs_va async = &async_frame->native; async->previous = vm->top_frame; - function = async->function; - cur_local = vm->levels[NJS_LEVEL_LOCAL]; cur_closures = vm->levels[NJS_LEVEL_CLOSURE]; cur_temp = vm->levels[NJS_LEVEL_TEMP]; @@ -98,13 +93,7 @@ njs_await_fulfilled(njs_vm_t *vm, njs_va vm->top_frame->retval = &vm->retval; - function->context = ctx->capability; - function->await = ctx; - - ret = njs_vmcode_interpreter(vm, ctx->pc); - - function->context = NULL; - function->await = NULL; + ret = njs_vmcode_interpreter(vm, ctx->pc, ctx->capability, ctx); vm->levels[NJS_LEVEL_LOCAL] = cur_local; vm->levels[NJS_LEVEL_CLOSURE] = cur_closures; diff -r 620418b1a641 -r d776b59196c5 src/njs_function.c --- a/src/njs_function.c Wed Jan 19 14:03:49 2022 +0000 +++ b/src/njs_function.c Fri Jan 21 14:31:30 2022 +0000 @@ -608,7 +608,7 @@ njs_function_call2(njs_vm_t *vm, njs_fun njs_int_t -njs_function_lambda_call(njs_vm_t *vm) +njs_function_lambda_call(njs_vm_t *vm, void *promise_cap, void *async_ctx) { uint32_t n; njs_int_t ret; @@ -622,6 +622,8 @@ njs_function_lambda_call(njs_vm_t *vm) frame = (njs_frame_t *) vm->top_frame; function = frame->native.function; + njs_assert(function->context == NULL); + if (function->global && !function->closure_copied) { ret = njs_function_capture_global_closures(vm, function); if (njs_slow_path(ret != NJS_OK)) { @@ -698,7 +700,7 @@ njs_function_lambda_call(njs_vm_t *vm) } } - ret = njs_vmcode_interpreter(vm, lambda->start); + ret = njs_vmcode_interpreter(vm, lambda->start, promise_cap, async_ctx); /* Restore current level. */ vm->levels[NJS_LEVEL_LOCAL] = cur_local; @@ -775,7 +777,7 @@ njs_function_frame_invoke(njs_vm_t *vm, return njs_function_native_call(vm); } else { - return njs_function_lambda_call(vm); + return njs_function_lambda_call(vm, NULL, NULL); } } diff -r 620418b1a641 -r d776b59196c5 src/njs_function.h --- a/src/njs_function.h Wed Jan 19 14:03:49 2022 +0000 +++ b/src/njs_function.h Fri Jan 21 14:31:30 2022 +0000 @@ -112,7 +112,8 @@ njs_int_t njs_function_lambda_frame(njs_ njs_int_t njs_function_call2(njs_vm_t *vm, njs_function_t *function, const njs_value_t *this, const njs_value_t *args, njs_uint_t nargs, njs_value_t *retval, njs_bool_t ctor); -njs_int_t njs_function_lambda_call(njs_vm_t *vm); +njs_int_t njs_function_lambda_call(njs_vm_t *vm, void *promise_cap, + void *async_ctx); njs_int_t njs_function_native_call(njs_vm_t *vm); njs_native_frame_t *njs_function_frame_alloc(njs_vm_t *vm, size_t size); void njs_function_frame_free(njs_vm_t *vm, njs_native_frame_t *frame); diff -r 620418b1a641 -r d776b59196c5 src/njs_value.h --- a/src/njs_value.h Wed Jan 19 14:03:49 2022 +0000 +++ b/src/njs_value.h Fri Jan 21 14:31:30 2022 +0000 @@ -270,7 +270,6 @@ struct njs_function_s { } u; void *context; - void *await; njs_value_t *bound; }; diff -r 620418b1a641 -r d776b59196c5 src/njs_vm.c --- a/src/njs_vm.c Wed Jan 19 14:03:49 2022 +0000 +++ b/src/njs_vm.c Fri Jan 21 14:31:30 2022 +0000 @@ -490,7 +490,7 @@ njs_vm_start(njs_vm_t *vm) return ret; } - ret = njs_vmcode_interpreter(vm, vm->start); + ret = njs_vmcode_interpreter(vm, vm->start, NULL, NULL); return (ret == NJS_ERROR) ? NJS_ERROR : NJS_OK; } diff -r 620418b1a641 -r d776b59196c5 src/njs_vmcode.c --- a/src/njs_vmcode.c Wed Jan 19 14:03:49 2022 +0000 +++ b/src/njs_vmcode.c Fri Jan 21 14:31:30 2022 +0000 @@ -42,7 +42,8 @@ static njs_jump_off_t njs_vmcode_debugge static njs_jump_off_t njs_vmcode_return(njs_vm_t *vm, njs_value_t *invld, njs_value_t *retval); -static njs_jump_off_t njs_vmcode_await(njs_vm_t *vm, njs_vmcode_await_t *await); +static njs_jump_off_t njs_vmcode_await(njs_vm_t *vm, njs_vmcode_await_t *await, + njs_promise_capability_t *pcap, njs_async_ctx_t *actx); static njs_jump_off_t njs_vmcode_try_start(njs_vm_t *vm, njs_value_t *value, njs_value_t *offset, u_char *pc); @@ -77,7 +78,8 @@ static njs_jump_off_t njs_function_frame njs_int_t -njs_vmcode_interpreter(njs_vm_t *vm, u_char *pc) +njs_vmcode_interpreter(njs_vm_t *vm, u_char *pc, void *promise_cap, + void *async_ctx) { u_char *catch; double num, exponent; @@ -826,7 +828,7 @@ next: case NJS_VMCODE_AWAIT: await = (njs_vmcode_await_t *) pc; - return njs_vmcode_await(vm, await); + return njs_vmcode_await(vm, await, promise_cap, async_ctx); case NJS_VMCODE_TRY_START: ret = njs_vmcode_try_start(vm, value1, value2, pc); @@ -1812,7 +1814,8 @@ njs_vmcode_return(njs_vm_t *vm, njs_valu static njs_jump_off_t -njs_vmcode_await(njs_vm_t *vm, njs_vmcode_await_t *await) +njs_vmcode_await(njs_vm_t *vm, njs_vmcode_await_t *await, + njs_promise_capability_t *pcap, njs_async_ctx_t *ctx) { size_t size; njs_int_t ret; @@ -1820,7 +1823,6 @@ njs_vmcode_await(njs_vm_t *vm, njs_vmcod njs_value_t ctor, val, on_fulfilled, on_rejected, *value; njs_promise_t *promise; njs_function_t *fulfilled, *rejected; - njs_async_ctx_t *ctx; njs_native_frame_t *active; active = &vm->active_frame->native; @@ -1837,8 +1839,6 @@ njs_vmcode_await(njs_vm_t *vm, njs_vmcod return NJS_ERROR; } - ctx = active->function->await; - if (ctx == NULL) { ctx = njs_mp_alloc(vm->mem_pool, sizeof(njs_async_ctx_t)); if (njs_slow_path(ctx == NULL)) { @@ -1854,9 +1854,7 @@ njs_vmcode_await(njs_vm_t *vm, njs_vmcod } ctx->await = fulfilled->context; - ctx->capability = active->function->context; - - active->function->context = NULL; + ctx->capability = pcap; ret = njs_function_frame_save(vm, ctx->await, NULL); if (njs_slow_path(ret != NJS_OK)) { diff -r 620418b1a641 -r d776b59196c5 src/njs_vmcode.h --- a/src/njs_vmcode.h Wed Jan 19 14:03:49 2022 +0000 +++ b/src/njs_vmcode.h Fri Jan 21 14:31:30 2022 +0000 @@ -437,7 +437,8 @@ typedef struct { } njs_vmcode_await_t; -njs_int_t njs_vmcode_interpreter(njs_vm_t *vm, u_char *pc); +njs_int_t njs_vmcode_interpreter(njs_vm_t *vm, u_char *pc, + void *promise_cap, void *async_ctx); njs_object_t *njs_function_new_object(njs_vm_t *vm, njs_value_t *constructor); diff -r 620418b1a641 -r d776b59196c5 test/js/async_recursive_last.t.js --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/js/async_recursive_last.t.js Fri Jan 21 14:31:30 2022 +0000 @@ -0,0 +1,26 @@ +/*--- +includes: [compareArray.js] +flags: [async] +---*/ + +let stages = []; + +async function f(v) { + if (v == 3) { + return; + } + + stages.push(`f>${v}`); + + f(v + 1); + + stages.push(`f<${v}`); + + await "X"; +} + +f(0) +.then(v => { + assert.compareArray(stages, ['f>0', 'f>1', 'f>2', 'f<2', 'f<1', 'f<0']); +}) +.then($DONE, $DONE); diff -r 620418b1a641 -r d776b59196c5 test/js/async_recursive_mid.t.js --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/js/async_recursive_mid.t.js Fri Jan 21 14:31:30 2022 +0000 @@ -0,0 +1,26 @@ +/*--- +includes: [compareArray.js] +flags: [async] +---*/ + +let stages = []; + +async function f(v) { + if (v == 3) { + return; + } + + stages.push(`f>${v}`); + + await "X"; + + f(v + 1); + + stages.push(`f<${v}`); +} + +f(0) +.then(v => { + assert.compareArray(stages, ['f>0','f>1','f<0','f>2','f<1']); +}) +.then($DONE, $DONE);

2 days, 12 hours

1
0
0 0

[PATCH] SSL: always renewing tickets with TLSv1.3 (ticket #1892)

by Maxim Dounin

# HG changeset patch # User Maxim Dounin <mdounin(a)mdounin.ru> # Date 1642737110 -10800 # Fri Jan 21 06:51:50 2022 +0300 # Node ID cff51689a4a182cb11cba2eb9303e2bc21815432 # Parent 96ae8e57b3dd1b10f29d3060bbad93b7f9357b92 SSL: always renewing tickets with TLSv1.3 (ticket #1892). Chrome only use TLS session tickets once with TLS 1.3, likely following RFC 8446 Appendix C.4 recommendation. With OpenSSL, this works fine with built-in session tickets, since these are explicitly renewed in case of TLS 1.3 on each session reuse, but results in only two connections being reused after an initial handshake when using ssl_session_ticket_key. Fix is to always renew TLS session tickets in case of TLS 1.3 when using ssl_session_ticket_key, similarly to how it is done by OpenSSL internally. diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c --- a/src/event/ngx_event_openssl.c +++ b/src/event/ngx_event_openssl.c @@ -4448,7 +4448,21 @@ ngx_ssl_session_ticket_key_callback(ngx_ return -1; } - return (i == 0) ? 1 : 2 /* renew */; + /* renew if TLSv1.3 */ + +#ifdef TLS1_3_VERSION + if (SSL_version(ssl_conn) == TLS1_3_VERSION) { + return 2; + } +#endif + + /* renew if non-default key */ + + if (i != 0) { + return 2; + } + + return 1; } }

2 days, 23 hours

1
0
0 0

[nginx] Core: simplify reader lock release.

by Pavel Pautov

details: https://hg.nginx.org/nginx/rev/7752d8523066 branches: changeset: 7995:7752d8523066 user: Pavel Pautov <p.pautov(a)f5.com> date: Wed Jan 19 17:37:34 2022 -0800 description: Core: simplify reader lock release. diffstat: src/core/ngx_rwlock.c | 18 +++--------------- 1 files changed, 3 insertions(+), 15 deletions(-) diffs (29 lines): diff -r aeab41dfd260 -r 7752d8523066 src/core/ngx_rwlock.c --- a/src/core/ngx_rwlock.c Mon Jan 17 17:05:12 2022 +0300 +++ b/src/core/ngx_rwlock.c Wed Jan 19 17:37:34 2022 -0800 @@ -89,22 +89,10 @@ ngx_rwlock_rlock(ngx_atomic_t *lock) void ngx_rwlock_unlock(ngx_atomic_t *lock) { - ngx_atomic_uint_t readers; - - readers = *lock; - - if (readers == NGX_RWLOCK_WLOCK) { + if (*lock == NGX_RWLOCK_WLOCK) { (void) ngx_atomic_cmp_set(lock, NGX_RWLOCK_WLOCK, 0); - return; - } - - for ( ;; ) { - - if (ngx_atomic_cmp_set(lock, readers, readers - 1)) { - return; - } - - readers = *lock; + } else { + (void) ngx_atomic_fetch_add(lock, -1); } }

3 days, 3 hours

1
0
0 0

[PATCH] Add ipv4=off option in resolver like ipv6=off (ticket #1330)

by Lukas Lihotzki

# HG changeset patch # User Lukas Lihotzki <lukas(a)lihotzki.de> # Date 1642618053 -3600 # Wed Jan 19 19:47:33 2022 +0100 # Node ID e9f06dc2d6a4a1aa61c15009b84ceedcaf5983b2 # Parent aeab41dfd2606dd36cabbf01f1472726e27e8aea Add ipv4=off option in resolver like ipv6=off (ticket #1330). IPv6-only hosts (ticket #1330) and upstreams with IPv6 bind address (ticket #1535) need to disable resolving to IPv4 addresses. Ticket #1330 mentions ipv4=off is the proper fix. diff -r aeab41dfd260 -r e9f06dc2d6a4 src/core/ngx_resolver.c --- a/src/core/ngx_resolver.c Mon Jan 17 17:05:12 2022 +0300 +++ b/src/core/ngx_resolver.c Wed Jan 19 19:47:33 2022 +0100 @@ -122,10 +122,13 @@ static ngx_int_t ngx_resolver_cmp_srvs(const void *one, const void *two); #if (NGX_HAVE_INET6) +#define ngx_ipv4_enabled(r) r->ipv4 static void ngx_resolver_rbtree_insert_addr6_value(ngx_rbtree_node_t *temp, ngx_rbtree_node_t *node, ngx_rbtree_node_t *sentinel); static ngx_resolver_node_t *ngx_resolver_lookup_addr6(ngx_resolver_t *r, struct in6_addr *addr, uint32_t hash); +#else +#define ngx_ipv4_enabled(r) 1 #endif @@ -175,6 +178,7 @@ ngx_queue_init(&r->addr_expire_queue); #if (NGX_HAVE_INET6) + r->ipv4 = 1; r->ipv6 = 1; ngx_rbtree_init(&r->addr6_rbtree, &r->addr6_sentinel, @@ -225,6 +229,23 @@ } #if (NGX_HAVE_INET6) + if (ngx_strncmp(names[i].data, "ipv4=", 5) == 0) { + + if (ngx_strcmp(&names[i].data[5], "on") == 0) { + r->ipv4 = 1; + + } else if (ngx_strcmp(&names[i].data[5], "off") == 0) { + r->ipv4 = 0; + + } else { + ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, + "invalid parameter: %V", &names[i]); + return NULL; + } + + continue; + } + if (ngx_strncmp(names[i].data, "ipv6=", 5) == 0) { if (ngx_strcmp(&names[i].data[5], "on") == 0) { @@ -273,6 +294,13 @@ } } +#if (NGX_HAVE_INET6) + if (!r->ipv4 && !r->ipv6) { + ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "both ipv4 and ipv6 disabled"); + return NULL; + } +#endif + if (n && r->connections.nelts == 0) { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "no name servers defined"); return NULL; @@ -836,7 +864,7 @@ r->last_connection = 0; } - rn->naddrs = (u_short) -1; + rn->naddrs = ngx_ipv4_enabled(r) ? (u_short) -1 : 0; rn->tcp = 0; #if (NGX_HAVE_INET6) rn->naddrs6 = r->ipv6 ? (u_short) -1 : 0; @@ -3644,7 +3672,7 @@ len = sizeof(ngx_resolver_hdr_t) + nlen + sizeof(ngx_resolver_qs_t); #if (NGX_HAVE_INET6) - p = ngx_resolver_alloc(r, r->ipv6 ? len * 2 : len); + p = ngx_resolver_alloc(r, len * (r->ipv4 + r->ipv6)); #else p = ngx_resolver_alloc(r, len); #endif @@ -3657,19 +3685,21 @@ #if (NGX_HAVE_INET6) if (r->ipv6) { - rn->query6 = p + len; + rn->query6 = p + len * r->ipv4; } #endif query = (ngx_resolver_hdr_t *) p; - ident = ngx_random(); - - ngx_log_debug2(NGX_LOG_DEBUG_CORE, r->log, 0, - "resolve: \"%V\" A %i", name, ident & 0xffff); - - query->ident_hi = (u_char) ((ident >> 8) & 0xff); - query->ident_lo = (u_char) (ident & 0xff); + if (ngx_ipv4_enabled(r)) { + ident = ngx_random(); + + ngx_log_debug2(NGX_LOG_DEBUG_CORE, r->log, 0, + "resolve: \"%V\" A %i", name, ident & 0xffff); + + query->ident_hi = (u_char) ((ident >> 8) & 0xff); + query->ident_lo = (u_char) (ident & 0xff); + } /* recursion query */ query->flags_hi = 1; query->flags_lo = 0; diff -r aeab41dfd260 -r e9f06dc2d6a4 src/core/ngx_resolver.h --- a/src/core/ngx_resolver.h Mon Jan 17 17:05:12 2022 +0300 +++ b/src/core/ngx_resolver.h Wed Jan 19 19:47:33 2022 +0100 @@ -176,7 +176,8 @@ ngx_queue_t addr_expire_queue; #if (NGX_HAVE_INET6) - ngx_uint_t ipv6; /* unsigned ipv6:1; */ + unsigned ipv4:1; + unsigned ipv6:1; ngx_rbtree_t addr6_rbtree; ngx_rbtree_node_t addr6_sentinel; ngx_queue_t addr6_resend_queue;

4 days, 8 hours

1
0
0 0

[njs] Fixed Function.prototype.apply() with slow arrays.

by Dmitry Volyntsev

details: https://hg.nginx.org/njs/rev/620418b1a641 branches: changeset: 1813:620418b1a641 user: Dmitry Volyntsev <xeioex(a)nginx.com> date: Wed Jan 19 14:03:49 2022 +0000 description: Fixed Function.prototype.apply() with slow arrays. Previously, the function had two issues: * array->start was referenced without checking for fast array flag * the created arguments list was not sanity-checked for its length, which can be very large. The fix is to remove micro-optimization for arrays and introduce limit size for arguments list. This closes #449 issue in Github. diffstat: src/njs_function.c | 17 +++++++---------- src/test/njs_unit_test.c | 4 ++++ 2 files changed, 11 insertions(+), 10 deletions(-) diffs (50 lines): diff -r c419a4e34998 -r 620418b1a641 src/njs_function.c --- a/src/njs_function.c Wed Jan 19 13:12:09 2022 +0000 +++ b/src/njs_function.c Wed Jan 19 14:03:49 2022 +0000 @@ -1385,18 +1385,10 @@ njs_function_prototype_apply(njs_vm_t *v if (njs_is_null_or_undefined(arr_like)) { length = 0; - goto activate; - - } else if (njs_is_array(arr_like)) { - arr = arr_like->data.u.array; + } - args = arr->start; - length = arr->length; - - goto activate; - - } else if (njs_slow_path(!njs_is_object(arr_like))) { + if (njs_slow_path(!njs_is_object(arr_like))) { njs_type_error(vm, "second argument is not an array-like object"); return NJS_ERROR; } @@ -1406,6 +1398,11 @@ njs_function_prototype_apply(njs_vm_t *v return ret; } + if (njs_slow_path(length > 1024)) { + njs_internal_error(vm, "argument list is too long"); + return NJS_ERROR; + } + arr = njs_array_alloc(vm, 1, length, NJS_ARRAY_SPARE); if (njs_slow_path(arr == NULL)) { return NJS_ERROR; diff -r c419a4e34998 -r 620418b1a641 src/test/njs_unit_test.c --- a/src/test/njs_unit_test.c Wed Jan 19 13:12:09 2022 +0000 +++ b/src/test/njs_unit_test.c Wed Jan 19 14:03:49 2022 +0000 @@ -10063,6 +10063,10 @@ static njs_unit_test_t njs_test[] = "f.apply(123, {})"), njs_str("123") }, + { njs_str("(function(index, ...rest){ return rest[index];})" + ".apply({}, [1022].concat(Array(1023).fill(1).map((v,i)=>i.toString(16))))"), + njs_str("3fe") }, + { njs_str("String.prototype.concat.apply('a', " "{length:2, 0:{toString:function() {return 'b'}}, 1:'c'})"), njs_str("abc") },

4 days, 9 hours

1
0
0 0

[PATCH] Prefer address family matching to local address in resolver (ticket #1535)

by Lukas Lihotzki

# HG changeset patch # User Lukas Lihotzki <lukas(a)lihotzki.de> # Date 1642576371 -3600 # Wed Jan 19 08:12:51 2022 +0100 # Node ID f922980f06b1162ae933c99c03bef09cfc12582f # Parent aeab41dfd2606dd36cabbf01f1472726e27e8aea Prefer address family matching to local address in resolver (ticket #1535). Without this change, upstream connections fail randomly for dual-stack host names when specifying a proxy_bind address (ticket #1535). This changeset adds two flags for avoiding resolving to either IPv4 or IPv6 addresses. stream and http set these flags based on the proxy_bind address. Avoided addresses are still returned if there are none of the other family, so the same error message as before is produced when connecting is impossible. diff -r aeab41dfd260 -r f922980f06b1 src/core/ngx_resolver.c --- a/src/core/ngx_resolver.c Mon Jan 17 17:05:12 2022 +0300 +++ b/src/core/ngx_resolver.c Wed Jan 19 08:12:51 2022 +0100 @@ -113,7 +113,7 @@ static void ngx_resolver_free_locked(ngx_resolver_t *r, void *p); static void *ngx_resolver_dup(ngx_resolver_t *r, void *src, size_t size); static ngx_resolver_addr_t *ngx_resolver_export(ngx_resolver_t *r, - ngx_resolver_node_t *rn, ngx_uint_t rotate); + ngx_resolver_node_t *rn, ngx_uint_t rotate, sa_family_t af, ngx_uint_t *na); static void ngx_resolver_report_srv(ngx_resolver_t *r, ngx_resolver_ctx_t *ctx); static u_char *ngx_resolver_log_error(ngx_log_t *log, u_char *buf, size_t len); static void ngx_resolver_resolve_srv_names(ngx_resolver_ctx_t *ctx, @@ -580,6 +580,7 @@ ngx_str_t *name) { uint32_t hash; + sa_family_t sa; ngx_int_t rc; ngx_str_t cname; ngx_uint_t i, naddrs; @@ -634,7 +635,15 @@ addrs = NULL; } else { - addrs = ngx_resolver_export(r, rn, 1); + sa = AF_UNSPEC; +#if (NGX_HAVE_INET6) + if (ctx->avoid_ipv4 && rn->naddrs6) { + sa = AF_INET6; + } else if (ctx->avoid_ipv6 && rn->naddrs) { + sa = AF_INET; + } +#endif + addrs = ngx_resolver_export(r, rn, 1, sa, &naddrs); if (addrs == NULL) { return NGX_ERROR; } @@ -2403,7 +2412,7 @@ addrs = NULL; } else { - addrs = ngx_resolver_export(r, rn, 0); + addrs = ngx_resolver_export(r, rn, 0, AF_UNSPEC, &naddrs); if (addrs == NULL) { goto failed; } @@ -2425,7 +2434,7 @@ ctx = next; ctx->state = NGX_OK; ctx->valid = rn->valid; - ctx->naddrs = naddrs; + ctx->naddrs = (ctx->avoid_ipv6 && rn->naddrs) ? rn->naddrs : naddrs; if (addrs == NULL) { ctx->addrs = &ctx->addr; @@ -2437,6 +2446,12 @@ } else { ctx->addrs = addrs; +#if (NGX_HAVE_INET6) + if (ctx->avoid_ipv4 && rn->naddrs6) { + ctx->addrs = addrs + rn->naddrs; + ctx->naddrs = rn->naddrs6; + } +#endif } next = ctx->next; @@ -4183,7 +4198,7 @@ static ngx_resolver_addr_t * ngx_resolver_export(ngx_resolver_t *r, ngx_resolver_node_t *rn, - ngx_uint_t rotate) + ngx_uint_t rotate, sa_family_t af, ngx_uint_t *na) { ngx_uint_t d, i, j, n; in_addr_t *addr; @@ -4197,7 +4212,11 @@ n = rn->naddrs; #if (NGX_HAVE_INET6) - n += rn->naddrs6; + if (af == AF_INET6) { + n = rn->naddrs6; + } else if (af != AF_INET) { + n += rn->naddrs6; + } #endif dst = ngx_resolver_calloc(r, n * sizeof(ngx_resolver_addr_t)); @@ -4214,7 +4233,11 @@ i = 0; d = rotate ? ngx_random() % n : 0; - if (rn->naddrs) { + if (rn->naddrs +#if (NGX_HAVE_INET6) + && af != AF_INET6 +#endif + ) { j = rotate ? ngx_random() % rn->naddrs : 0; addr = (rn->naddrs == 1) ? &rn->u.addr : rn->u.addrs; @@ -4237,7 +4260,7 @@ } #if (NGX_HAVE_INET6) - if (rn->naddrs6) { + if (rn->naddrs6 && af != AF_INET) { j = rotate ? ngx_random() % rn->naddrs6 : 0; addr6 = (rn->naddrs6 == 1) ? &rn->u6.addr6 : rn->u6.addrs6; @@ -4260,6 +4283,7 @@ } #endif + *na = n; return dst; } diff -r aeab41dfd260 -r f922980f06b1 src/core/ngx_resolver.h --- a/src/core/ngx_resolver.h Mon Jan 17 17:05:12 2022 +0300 +++ b/src/core/ngx_resolver.h Wed Jan 19 08:12:51 2022 +0100 @@ -221,6 +221,8 @@ unsigned quick:1; unsigned async:1; unsigned cancelable:1; + unsigned avoid_ipv4:1; + unsigned avoid_ipv6:1; ngx_uint_t recursion; ngx_event_t *event; }; diff -r aeab41dfd260 -r f922980f06b1 src/http/ngx_http_upstream.c --- a/src/http/ngx_http_upstream.c Mon Jan 17 17:05:12 2022 +0300 +++ b/src/http/ngx_http_upstream.c Wed Jan 19 08:12:51 2022 +0100 @@ -770,6 +770,18 @@ ctx->handler = ngx_http_upstream_resolve_handler; ctx->data = r; ctx->timeout = clcf->resolver_timeout; +#if (NGX_HAVE_INET6) + if (u->peer.local) { + switch (u->peer.local->sockaddr->sa_family) { + case AF_INET: + ctx->avoid_ipv6 = 1; + break; + case AF_INET6: + ctx->avoid_ipv4 = 1; + break; + } + } +#endif u->resolved->ctx = ctx; diff -r aeab41dfd260 -r f922980f06b1 src/stream/ngx_stream_proxy_module.c --- a/src/stream/ngx_stream_proxy_module.c Mon Jan 17 17:05:12 2022 +0300 +++ b/src/stream/ngx_stream_proxy_module.c Wed Jan 19 08:12:51 2022 +0100 @@ -547,6 +547,18 @@ ctx->handler = ngx_stream_proxy_resolve_handler; ctx->data = s; ctx->timeout = cscf->resolver_timeout; +#if (NGX_HAVE_INET6) + if (u->peer.local) { + switch (u->peer.local->sockaddr->sa_family) { + case AF_INET: + ctx->avoid_ipv6 = 1; + break; + case AF_INET6: + ctx->avoid_ipv4 = 1; + break; + } + } +#endif u->resolved->ctx = ctx;

4 days, 10 hours

2
1
0 0

[njs] Fixed type confusion bug while resolving promises.

by Dmitry Volyntsev

details: https://hg.nginx.org/njs/rev/c419a4e34998 branches: changeset: 1812:c419a4e34998 user: Dmitry Volyntsev <xeioex(a)nginx.com> date: Wed Jan 19 13:12:09 2022 +0000 description: Fixed type confusion bug while resolving promises. Previously, the internal function njs_promise_perform_then() which implements PerformPromiseThen() expects its first argument to always be a promise instance. This assertion might be invalid because the functions corresponding to Promise.prototype.then() and Promise.resolve() incorrectly verified their arguments. Specifically, the functions recognized their first argument as promise if it was an object which was an Promise or had Promise object in its prototype chain. The later condition is not correct because internal slots are not inherited according to the spec. This closes #447 issue in Github. diffstat: src/njs_promise.c | 33 ++++++------------- src/njs_vmcode.c | 2 +- test/js/promise_prototype_reject_type_confusion.t.js | 11 ++++++ test/js/promise_prototype_then_type_confusion.t.js | 11 ++++++ 4 files changed, 34 insertions(+), 23 deletions(-) diffs (109 lines): diff -r 79b109076c13 -r c419a4e34998 src/njs_promise.c --- a/src/njs_promise.c Tue Jan 18 15:37:11 2022 +0000 +++ b/src/njs_promise.c Wed Jan 19 13:12:09 2022 +0000 @@ -771,25 +771,19 @@ njs_promise_resolve(njs_vm_t *vm, njs_va { njs_int_t ret; njs_value_t value; - njs_object_t *object; njs_promise_capability_t *capability; static const njs_value_t string_constructor = njs_string("constructor"); - if (njs_is_object(x)) { - object = njs_object_proto_lookup(njs_object(x), NJS_PROMISE, - njs_object_t); + if (njs_is_promise(x)) { + ret = njs_value_property(vm, x, njs_value_arg(&string_constructor), + &value); + if (njs_slow_path(ret == NJS_ERROR)) { + return NULL; + } - if (object != NULL) { - ret = njs_value_property(vm, x, njs_value_arg(&string_constructor), - &value); - if (njs_slow_path(ret == NJS_ERROR)) { - return NULL; - } - - if (njs_values_same(&value, constructor)) { - return njs_promise(x); - } + if (njs_values_same(&value, constructor)) { + return njs_promise(x); } } @@ -875,19 +869,12 @@ njs_promise_prototype_then(njs_vm_t *vm, { njs_int_t ret; njs_value_t *promise, *fulfilled, *rejected, constructor; - njs_object_t *object; njs_function_t *function; njs_promise_capability_t *capability; promise = njs_argument(args, 0); - if (njs_slow_path(!njs_is_object(promise))) { - goto failed; - } - - object = njs_object_proto_lookup(njs_object(promise), NJS_PROMISE, - njs_object_t); - if (njs_slow_path(object == NULL)) { + if (njs_slow_path(!njs_is_promise(promise))) { goto failed; } @@ -933,6 +920,8 @@ njs_promise_perform_then(njs_vm_t *vm, n njs_promise_data_t *data; njs_promise_reaction_t *fulfilled_reaction, *rejected_reaction; + njs_assert(njs_is_promise(value)); + if (!njs_is_function(fulfilled)) { fulfilled = njs_value_arg(&njs_value_undefined); } diff -r 79b109076c13 -r c419a4e34998 src/njs_vmcode.c --- a/src/njs_vmcode.c Tue Jan 18 15:37:11 2022 +0000 +++ b/src/njs_vmcode.c Wed Jan 19 13:12:09 2022 +0000 @@ -1895,7 +1895,7 @@ njs_vmcode_await(njs_vm_t *vm, njs_vmcod rejected->args_count = 1; rejected->u.native = njs_await_rejected; - njs_set_object(&val, &promise->object); + njs_set_promise(&val, promise); njs_set_function(&on_fulfilled, fulfilled); njs_set_function(&on_rejected, rejected); diff -r 79b109076c13 -r c419a4e34998 test/js/promise_prototype_reject_type_confusion.t.js --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/js/promise_prototype_reject_type_confusion.t.js Wed Jan 19 13:12:09 2022 +0000 @@ -0,0 +1,11 @@ +/*--- +includes: [] +flags: [async] +---*/ + +Symbol.__proto__ = new Promise(()=>{}); + +Promise.reject(Symbol) +.then(v => $DONOTEVALUATE()) +.catch(err => assert.sameValue(err.name, 'Symbol')) +.then($DONE, $DONE); diff -r 79b109076c13 -r c419a4e34998 test/js/promise_prototype_then_type_confusion.t.js --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/js/promise_prototype_then_type_confusion.t.js Wed Jan 19 13:12:09 2022 +0000 @@ -0,0 +1,11 @@ +/*--- +includes: [] +flags: [async] +---*/ + +Symbol.__proto__ = new Promise(()=>{}); + +Promise.resolve(Symbol) +.then(v => $DONOTEVALUATE()) +.catch(err => assert.sameValue(err.name, 'TypeError')) +.then($DONE, $DONE);

4 days, 13 hours

1
0
0 0

2022

nginx-devel ----- 2022 ----- January 2022

nginx-devel