A bug with geo module which may cause Nginx segment fault.
姚伟斌
nbubingo at gmail.com
Thu Aug 16 08:46:05 UTC 2012
Hi,
We found a bug with geo module. If you use geo module with range
directive, but you don't add the default directive, it'll cause a
segment fault.
The test configure is like this:
http {
geo $geo {
ranges;
10.0.0.1-10.0.0.1 1;
}
server {
listen 80;
location / {
set $test $geo;
root html;
index index.html index.htm;
}
}
}
The reason is that configure structure value is assigned to the geo
structure before the default value initialized. You can see the code
in the geo module:
geo->u.high = ctx.high;
var->get_handler = ngx_http_geo_range_variable;
var->data = (uintptr_t) geo;
if (ctx.high.default_value == NULL) {
ctx.high.default_value = &ngx_http_variable_null_value;
}
The variable of ctx is allocated by stack. And the member variable
ctx.high is structure, not a pointer.
The attachment is our patch for this bug. The man who first found
this bug is Zhen Chen ( gongyuan.cz at taobao.com ) in our team.
Thanks.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: geo.patch
Type: application/octet-stream
Size: 797 bytes
Desc: not available
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20120816/d9849b32/attachment.obj>
More information about the nginx-devel
mailing list