patch for #1416 xslt_stylesheet parameter only works on first request

Ruslan Ermilov ru at nginx.com
Thu Nov 16 10:14:57 UTC 2017


Hi,

On Wed, Nov 15, 2017 at 09:57:28PM +0100, Karim Malhas wrote:
> Hi all,
> 
> I recently discovered a bug [0] concerning the xslt_stylesheet directive as
> documented here [1].
> 
> The root cause of this issue is that the parser of the directive also
> modifies it instead of just reading it. 
> 
> I have created a patch which lets the parser work on a copy of that
> data, so that changes to it will not affect subsequent requests.
> 
> In my opinion this is merely a workaround, the parser probably should
> not modify the data it parsed from the configuration file, but I didn't
> feel comfortable to make such a big change.
> 
> Since this is my first time working with nginx I am seeking feedback on
> the approach I used.
> 
> 
> Kind regards,
> Karim Malhas
> 
> 
> 
> [0] https://trac.nginx.org/nginx/ticket/1416
> [1] https://nginx.org/en/docs/http/ngx_http_xslt_module.html#xslt_stylesheet

My patch has just got a positive review from Maxim Dounin, and
I'm going to commit it later today.  Here it is, for reference:

# HG changeset patch
# User Ruslan Ermilov <ru at nginx.com>
# Date 1510827158 -10800
#      Thu Nov 16 13:12:38 2017 +0300
# Node ID e8062e0dd60c8f594106cf4bee8761429702c8e5
# Parent  687a9344627a48bc307c942148e07a95fc893382
Xslt: fixed parameters parsing (ticket #1416).

If parameters were specified in xslt_stylesheet without variables,
any request except the first would cause an internal server error.

diff --git a/src/http/modules/ngx_http_xslt_filter_module.c b/src/http/modules/ngx_http_xslt_filter_module.c
--- a/src/http/modules/ngx_http_xslt_filter_module.c
+++ b/src/http/modules/ngx_http_xslt_filter_module.c
@@ -686,8 +686,19 @@ ngx_http_xslt_params(ngx_http_request_t 
          * specified in xslt_stylesheet directives
          */
 
-        p = string.data;
-        last = string.data + string.len;
+        if (param[i].value.lengths) {
+            p = string.data;
+
+        } else {
+            p = ngx_pnalloc(r->pool, string.len + 1);
+            if (p == NULL) {
+                return NGX_ERROR;
+            }
+
+            ngx_memcpy(p, string.data, string.len + 1);
+        }
+
+        last = p + string.len;
 
         while (p && *p) {
 


More information about the nginx-devel mailing list