[nginx] svn commit: r4973 - in trunk/src/http: . modules modules/perl
ru at nginx.com
ru at nginx.com
Mon Dec 17 19:03:33 UTC 2012
Author: ru
Date: 2012-12-17 19:03:33 +0000 (Mon, 17 Dec 2012)
New Revision: 4973
URL: http://trac.nginx.org/nginx/changeset/4973/nginx
Log:
Added checks that disallow adding a variable with an empty name.
Added variable name syntax checks to "geo" and "map" directives.
Modified:
trunk/src/http/modules/ngx_http_geo_module.c
trunk/src/http/modules/ngx_http_limit_conn_module.c
trunk/src/http/modules/ngx_http_map_module.c
trunk/src/http/modules/ngx_http_rewrite_module.c
trunk/src/http/modules/ngx_http_split_clients_module.c
trunk/src/http/modules/perl/ngx_http_perl_module.c
trunk/src/http/ngx_http_variables.c
Modified: trunk/src/http/modules/ngx_http_geo_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_geo_module.c 2012-12-17 12:08:53 UTC (rev 4972)
+++ trunk/src/http/modules/ngx_http_geo_module.c 2012-12-17 19:03:33 UTC (rev 4973)
@@ -325,7 +325,7 @@
name = value[1];
- if (name.len < 2 || name.data[0] != '$') {
+ if (name.data[0] != '$') {
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
"invalid variable name \"%V\"", &name);
return NGX_CONF_ERROR;
@@ -342,6 +342,13 @@
}
name = value[2];
+
+ if (name.data[0] != '$') {
+ ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+ "invalid variable name \"%V\"", &name);
+ return NGX_CONF_ERROR;
+ }
+
name.len--;
name.data++;
Modified: trunk/src/http/modules/ngx_http_limit_conn_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_limit_conn_module.c 2012-12-17 12:08:53 UTC (rev 4972)
+++ trunk/src/http/modules/ngx_http_limit_conn_module.c 2012-12-17 19:03:33 UTC (rev 4973)
@@ -540,7 +540,7 @@
continue;
}
- if (value[i].len > 1 && value[i].data[0] == '$') {
+ if (value[i].data[0] == '$') {
value[i].len--;
value[i].data++;
@@ -613,7 +613,7 @@
value = cf->args->elts;
- if (value[2].len < 2 || value[2].data[0] != '$') {
+ if (value[2].data[0] != '$') {
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
"invalid variable name \"%V\"", &value[2]);
return NGX_CONF_ERROR;
Modified: trunk/src/http/modules/ngx_http_map_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_map_module.c 2012-12-17 12:08:53 UTC (rev 4972)
+++ trunk/src/http/modules/ngx_http_map_module.c 2012-12-17 19:03:33 UTC (rev 4973)
@@ -209,6 +209,13 @@
}
name = value[2];
+
+ if (name.data[0] != '$') {
+ ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+ "invalid variable name \"%V\"", &name);
+ return NGX_CONF_ERROR;
+ }
+
name.len--;
name.data++;
Modified: trunk/src/http/modules/ngx_http_rewrite_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_rewrite_module.c 2012-12-17 12:08:53 UTC (rev 4972)
+++ trunk/src/http/modules/ngx_http_rewrite_module.c 2012-12-17 19:03:33 UTC (rev 4973)
@@ -908,7 +908,7 @@
value = cf->args->elts;
- if (value[1].len < 2 || value[1].data[0] != '$') {
+ if (value[1].data[0] != '$') {
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
"invalid variable name \"%V\"", &value[1]);
return NGX_CONF_ERROR;
Modified: trunk/src/http/modules/ngx_http_split_clients_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_split_clients_module.c 2012-12-17 12:08:53 UTC (rev 4972)
+++ trunk/src/http/modules/ngx_http_split_clients_module.c 2012-12-17 19:03:33 UTC (rev 4973)
@@ -139,7 +139,7 @@
name = value[2];
- if (name.len < 2 || name.data[0] != '$') {
+ if (name.data[0] != '$') {
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
"invalid variable name \"%V\"", &name);
return NGX_CONF_ERROR;
Modified: trunk/src/http/modules/perl/ngx_http_perl_module.c
===================================================================
--- trunk/src/http/modules/perl/ngx_http_perl_module.c 2012-12-17 12:08:53 UTC (rev 4972)
+++ trunk/src/http/modules/perl/ngx_http_perl_module.c 2012-12-17 19:03:33 UTC (rev 4973)
@@ -968,7 +968,7 @@
value = cf->args->elts;
- if (value[1].len < 2 || value[1].data[0] != '$') {
+ if (value[1].data[0] != '$') {
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
"invalid variable name \"%V\"", &value[1]);
return NGX_CONF_ERROR;
Modified: trunk/src/http/ngx_http_variables.c
===================================================================
--- trunk/src/http/ngx_http_variables.c 2012-12-17 12:08:53 UTC (rev 4972)
+++ trunk/src/http/ngx_http_variables.c 2012-12-17 19:03:33 UTC (rev 4973)
@@ -330,6 +330,12 @@
ngx_http_variable_t *v;
ngx_http_core_main_conf_t *cmcf;
+ if (name->len == 0) {
+ ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+ "invalid variable name \"$\"");
+ return NULL;
+ }
+
cmcf = ngx_http_conf_get_module_main_conf(cf, ngx_http_core_module);
key = cmcf->variables_keys->keys.elts;
@@ -393,6 +399,12 @@
ngx_http_variable_t *v;
ngx_http_core_main_conf_t *cmcf;
+ if (name->len == 0) {
+ ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+ "invalid variable name \"$\"");
+ return NGX_ERROR;
+ }
+
cmcf = ngx_http_conf_get_module_main_conf(cf, ngx_http_core_module);
v = cmcf->variables.elts;
More information about the nginx-devel
mailing list