[PATCH] Fixed handling of very long locations (ticket #2435)

Maxim Dounin mdounin at mdounin.ru
Thu Jan 26 02:30:19 UTC 2023


Hello!

On Wed, Jan 25, 2023 at 04:08:07PM +0400, Sergey Kandaurov wrote:

> > On 18 Jan 2023, at 23:50, Maxim Dounin <mdounin at mdounin.ru> wrote:
> > 
> > # HG changeset patch
> > # User Maxim Dounin <mdounin at mdounin.ru>
> > # Date 1674071317 -10800
> > #      Wed Jan 18 22:48:37 2023 +0300
> > # Node ID 4af6cc78dc72fbb15326e6ffbbd30935f0cb794b
> > # Parent  07b0bee87f32be91a33210bc06973e07c4c1dac9
> > Fixed handling of very long locations (ticket #2435).
> > 
> > Previously, location prefix length in ngx_http_location_tree_node_t was
> > stored as "u_char", and therefore location prefixes longer than 255 bytes
> > were handled incorrectly.
> > 
> > Fix is to use "u_short" instead.  With "u_short", prefixes up to 65535 bytes
> > can be safely used, and this isn't reachable due to NGX_CONF_BUFFER, which
> > is 4096 bytes.
> > 
> > diff --git a/src/http/ngx_http.c b/src/http/ngx_http.c
> > --- a/src/http/ngx_http.c
> > +++ b/src/http/ngx_http.c
> > @@ -1130,7 +1130,7 @@ ngx_http_create_locations_tree(ngx_conf_
> >     node->auto_redirect = (u_char) ((lq->exact && lq->exact->auto_redirect)
> >                            || (lq->inclusive && lq->inclusive->auto_redirect));
> > 
> > -    node->len = (u_char) len;
> > +    node->len = (u_short) len;
> >     ngx_memcpy(node->name, &lq->name->data[prefix], len);
> > 
> >     ngx_queue_split(locations, q, &tail);
> > diff --git a/src/http/ngx_http_core_module.h b/src/http/ngx_http_core_module.h
> > --- a/src/http/ngx_http_core_module.h
> > +++ b/src/http/ngx_http_core_module.h
> > @@ -463,8 +463,8 @@ struct ngx_http_location_tree_node_s {
> >     ngx_http_core_loc_conf_t        *exact;
> >     ngx_http_core_loc_conf_t        *inclusive;
> > 
> > +    u_short                          len;
> >     u_char                           auto_redirect;
> > -    u_char                           len;
> >     u_char                           name[1];
> > };
> > 
> 
> Looks good.

Thanks for the review, pushed to http://mdounin.ru/hg/nginx.

-- 
Maxim Dounin
http://mdounin.ru/


More information about the nginx-devel mailing list