nginx.git/src/http/modules/ngx_http_rewrite_module.c, branch release-1.29.2

Rewrite: fixed "return" directive without response text.

2024-02-26T20:00:28+00:00

Previously, the response text wasn't initialized and the rewrite module
was sending response body set to NULL.

Found with UndefinedBehaviorSanitizer (pointer-overflow).

Signed-off-by: Piotr Sikora

Rewrite: disallow empty replacements.

2019-12-16T12:19:01+00:00

While empty replacements were caught at run-time, parsing code
of the "rewrite" directive expects that a minimum length of the
"replacement" argument is 1.

Rewrite: removed r->err_status special handling (ticket #1634).

2018-09-21T12:59:33+00:00

Trying to look into r->err_status in the "return" directive
makes it behave differently than real errors generated in other
parts of the code, and is an endless source of various problems.
This behaviour was introduced in 726:7b71936d5299 (0.4.4) with
the comment "fix: "return" always overrode "error_page" response code".
It is not clear if there were any real cases this was expected to fix,
but there are several cases which are broken due to this change, some
previously fixed (4147:7f64de1cc2c0).

In ticket #1634, the problem is that when r->err_status is set to
a non-special status code, it is not possible to return a response
by simply returning r->err_status.  If this is the case, the only
option is to return script's e->status instead.  An example
configuration:

    location / {
        error_page 404 =200 /err502;
        return 404;
    }

    location = /err502 {
        return 502;
    }

After the change, such a configuration will properly return
standard 502 error, much like it happens when a 502 error is
generated by proxy_pass.

This also fixes the following configuration to properly close
connection as clearly requested by "return 444":

    location / {
        error_page 404 /close;
        return 404;
    }

    location = /close {
        return 444;
    }

Previously, this required "error_page 404 = /close;" to work
as intended.

Variables: generic prefix variables.

2017-01-31T18:19:58+00:00

Style.

2016-03-30T08:52:16+00:00

Dynamic modules: changed ngx_modules to cycle->modules.

2016-02-04T15:30:21+00:00

Fixed segfault with incorrect location nesting.

2015-09-11T14:04:04+00:00

A configuration with a named location inside a zero-length prefix
or regex location used to trigger a segmentation fault, as
ngx_http_core_location() failed to properly detect if a nested location
was created.  Example configuration to reproduce the problem:

    location "" {
        location @foo {}
    }

Fix is to not rely on a parent location name length, but rather check
command type we are currently parsing.

Identical fix is also applied to ngx_http_rewrite_if(), which used to
incorrectly assume the "if" directive is on server{} level in such
locations.

Reported by Markus Linnala.
Found with afl-fuzz.

Variables: updated list of prefixes in ngx_http_rewrite_set().

2014-08-27T17:38:08+00:00

Added checks that disallow adding a variable with an empty name.

2012-12-17T19:03:33+00:00

Added variable name syntax checks to "geo" and "map" directives.

Fixed variable syntax checking in "set", "geo", "limit_conn_zone",

2012-12-13T15:05:19+00:00

and "perl_set" directives.