[PATCH] Fastcgi: core dump was caused by duplicated request header

Maxim Dounin mdounin at mdounin.ru
Sat Jun 11 16:30:03 MSD 2011


Hello!

On Fri, Jun 10, 2011 at 04:55:55PM +0800, Simon Liu wrote:

> Thanks!
> 
> I refactor the prev patch.
> 
> this is new patch:

[...]

> @@ -707,7 +769,10 @@
>      ignored = NULL;
> 
>      flcf = ngx_http_get_module_loc_conf(r, ngx_http_fastcgi_module);
> +    cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module);
> 
> +    allow_underscores = cscf->underscores_in_headers;
> +

This is a layering violation.  This is also a good example of why 
layering violation is bad: this is incorrect as underscores may as 
well appear in headers with "ignore_invalid_headers off;", even if 
undescores_in_headers is off.

>      if (flcf->params_len) {
>          ngx_memzero(&le, sizeof(ngx_http_script_engine_t));
> 
> @@ -784,6 +849,14 @@
>                  }
> 
>                  if (ngx_hash_find(&flcf->headers_hash, hash, lowcase_key,
> n)) {
> +
> +                    if (header_params == flcf->header_params
> +                       || ngx_http_fastcgi_ignored_header(ignored,
> &header[i],
> +                           header_params, allow_underscores) == NGX_OK)
> +                    {
> +                        continue;
> +                    }
> +
>                      ignored[header_params++] = &header[i];

I would suggest using bitmask sized after number of headers in 
request instead.

Alternatively, nginx dynamically sized array or list may be used 
for ignored, this should be a bit closer to original code.  Though 
I personally think bitmask would be better.

Maxim Dounin



More information about the nginx-devel mailing list