[nginx] Core: added NGX_REGEX_MULTILINE for 3rd party modules.

Maxim Dounin mdounin at mdounin.ru
Fri Dec 24 22:11:37 UTC 2021 

details:   https://hg.nginx.org/nginx/rev/d07456044b61
branches:  
changeset: 7983:d07456044b61
user:      Maxim Dounin <mdounin at mdounin.ru>
date:      Sat Dec 25 01:07:18 2021 +0300
description:
Core: added NGX_REGEX_MULTILINE for 3rd party modules.

Notably, NAXSI is known to misuse ngx_regex_compile() with rc.options set
to PCRE_CASELESS | PCRE_MULTILINE.  With PCRE2 support, and notably binary
compatibility changes, it is no longer possible to set PCRE[2]_MULTILINE
option without using proper interface.  To facilitate correct usage,
this change adds the NGX_REGEX_MULTILINE option.

diffstat:

 src/core/ngx_regex.c |  12 ++++++++++--
 src/core/ngx_regex.h |   1 +
 2 files changed, 11 insertions(+), 2 deletions(-)

diffs (40 lines):

diff -r fbbb5ce52995 -r d07456044b61 src/core/ngx_regex.c
--- a/src/core/ngx_regex.c	Sat Dec 25 01:07:16 2021 +0300
+++ b/src/core/ngx_regex.c	Sat Dec 25 01:07:18 2021 +0300
@@ -159,7 +159,11 @@ ngx_regex_compile(ngx_regex_compile_t *r
         options |= PCRE2_CASELESS;
     }
 
-    if (rc->options & ~NGX_REGEX_CASELESS) {
+    if (rc->options & NGX_REGEX_MULTILINE) {
+        options |= PCRE2_MULTILINE;
+    }
+
+    if (rc->options & ~(NGX_REGEX_CASELESS|NGX_REGEX_MULTILINE)) {
         rc->err.len = ngx_snprintf(rc->err.data, rc->err.len,
                             "regex \"%V\" compilation failed: invalid options",
                             &rc->pattern)
@@ -275,7 +279,11 @@ ngx_regex_compile(ngx_regex_compile_t *r
         options |= PCRE_CASELESS;
     }
 
-    if (rc->options & ~NGX_REGEX_CASELESS) {
+    if (rc->options & NGX_REGEX_MULTILINE) {
+        options |= PCRE_MULTILINE;
+    }
+
+    if (rc->options & ~(NGX_REGEX_CASELESS|NGX_REGEX_MULTILINE)) {
         rc->err.len = ngx_snprintf(rc->err.data, rc->err.len,
                             "regex \"%V\" compilation failed: invalid options",
                             &rc->pattern)
diff -r fbbb5ce52995 -r d07456044b61 src/core/ngx_regex.h
--- a/src/core/ngx_regex.h	Sat Dec 25 01:07:16 2021 +0300
+++ b/src/core/ngx_regex.h	Sat Dec 25 01:07:18 2021 +0300
@@ -37,6 +37,7 @@ typedef struct {
 
 
 #define NGX_REGEX_CASELESS     0x00000001
+#define NGX_REGEX_MULTILINE    0x00000002
 
 
 typedef struct {

More information about the nginx-devel mailing list