fix bug in http_referer_module that using incorrect input string length in the regex matching process when header Referer starts with https://

Sergey Kandaurov pluknet at nginx.com
Tue Aug 13 15:25:13 UTC 2013


On Aug 12, 2013, at 9:27 AM, Liangbin Li <lilb.edwin at gmail.com> wrote:
> --- ngx_http_referer_module.c
> +++ ngx_http_referer_module.c
> @@ -147,10 +147,12 @@
>  
>          if (ngx_strncasecmp(ref, (u_char *) "http://", 7) == 0) {
>              ref += 7;
> +            len -= 7;
>              goto valid_scheme;
>  
>          } else if (ngx_strncasecmp(ref, (u_char *) "https://", 8) == 0) {
>              ref += 8;
> +            len -= 8;
>              goto valid_scheme;
>          }
>      }
> @@ -191,7 +193,7 @@
>          ngx_int_t  rc;
>          ngx_str_t  referer;
>  
> -        referer.len = len - 7;
> +        referer.len = len;
>          referer.data = ref;
>  
>          rc = ngx_regex_exec_array(rlcf->regex, &referer, r->connection->log);

Committed, thanks!

-- 
Sergey Kandaurov
pluknet at nginx.com



More information about the nginx mailing list