SCGI Request format bug

Maxim Dounin mdounin at
Mon Jul 3 12:56:22 UTC 2017


On Sat, Jul 01, 2017 at 11:39:20AM -0600, Phil H wrote:

> I've got an SCGI project I'm working on.  My setup: buildroot, arm,
> 1.10.3.  I'm using auth_request to authorize any restricted resources,
> auth_request uses SCGI to my auth client.  99% of the time, I get normal,
> expected behavior.  Randomly an http resource will have a bad SCGI request
> format from Nginx to my auth client, which causes that resource to get
> denied.  It appears that Nginx has a problem formatting the SCGI request,
> has an invalid size at the front (per SCGI spec), which is typically 6-8
> bytes larger than the bytes sent over the socket.  Looks like a string
> handling bug.  Here are some SCGI requests that come in bad ( 2 examples,
> each one has good on top, bad below)

Please provide:

- "nginx -V" output;

- full configuration which triggers the problem (a minimal 
  configuration enough to reproduce the problem would be a plus);

- a debugging log (;

- dump of the traffic between nginx and the backend for a 
  problematic request ("tcpdump -Xs0" should be fine).

Maxim Dounin

More information about the nginx-devel mailing list