nginx.git, branch release-1.17.2

nginx-1.17.2-RELEASE

2019-07-23T12:01:47+00:00

Core: fixed memory leak on error, missed in c3f60d618c17.

2019-07-19T14:50:00+00:00

Found by Coverity (CID 1451664).

Xslt: fixed potential buffer overflow with null character.

2019-07-18T15:27:54+00:00

Due to shortcomings of the ccv->zero flag implementation in complex value
interface, length of the resulting string from ngx_http_complex_value()
might either not include terminating null character or include it,
so the only safe way to work with the result is to use it as a
null-terminated string.

Reported by Patrick Wollgast.

SSI: avoid potential buffer overflow.

2019-07-18T15:27:53+00:00

When "-" follows a parameter of maximum length, a single byte buffer
overflow happens, since the error branch does not check parameter length.
Fix is to avoid saving "-" to the parameter key, and instead use an error
message with "-" explicitly written.  The message is mostly identical to
one used in similar cases in the preequal state.

Reported by Patrick Wollgast.

Upstream: fixed EOF handling in unbuffered and upgraded modes.

2019-07-18T15:27:52+00:00

With level-triggered event methods it is important to specify
the NGX_CLOSE_EVENT flag to ngx_handle_read_event(), otherwise
the event won't be removed, resulting in CPU hog.

Reported by Patrick Wollgast.

HTTP/2: return error on output on closed stream.

2019-07-18T15:27:50+00:00

Without this, an (incorrect) output on a closed stream could result in
a socket leak.

Core: fixed segfault with too large bucket sizes (ticket #1806).

2019-07-18T15:27:44+00:00

To save memory hash code uses u_short to store resulting bucket sizes,
so maximum bucket size is limited to 65536 minus ngx_cacheline_size (larger
values will be aligned to 65536 which will overflow u_short).  However,
there were no checks to enforce this, and using larger bucket sizes
resulted in overflows and segmentation faults.

Appropriate safety checks to enforce this added to ngx_hash_init().

Perl: removed unused variable, forgotten in 975d7ab37b39.

2019-07-17T14:00:57+00:00

Gzip: use zlib to write header and trailer.

2019-07-12T10:43:08+00:00

When nginx is used with zlib patched with [1], which provides
integration with the future IBM Z hardware deflate acceleration, it ends
up computing CRC32 twice: one time in hardware, which always does this,
and one time in software by explicitly calling crc32().

crc32() calls were added in changesets 133:b27548f540ad ("nginx-0.0.1-
2003-09-24-23:51:12 import") and 134:d57c6835225c ("nginx-0.0.1-
2003-09-26-09:45:21 import") as part of gzip wrapping feature - back
then zlib did not support it.

However, since then gzip wrapping was implemented in zlib v1.2.0.4,
and it's already being used by nginx for log compression.

This patch replaces hand-written gzip wrapping with the one provided by
zlib. It simplifies the code, and makes it avoid computing CRC32 twice
when using hardware acceleration.

[1] https://github.com/madler/zlib/pull/410

Perl: named locations in $r->internal_redirect().

2019-07-12T12:39:28+00:00