| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
|
|
Fixed compilation with -Wmissing-prototypes. Added a commented
out -Wmissing-prototypes to CFLAGS. It is commented out to not break
builds with 3rd party modules.
|
|
|
|
With previous code wildcard names were added to hash even if conflict
was detected. This resulted in identical names in hash and segfault
later in ngx_hash_wildcard_init().
|
|
*) Resolver: fixed format specification.
Patch by Yichun Zhang (agentzh).
*) Support for IPv6 literals and an optional port in resolver.
*) Fixed crash in ngx_resolver_cleanup_tree().
If sending a DNS request fails with an error (e.g., when mistakenly
trying to send it to a local IP broadcast), such a request is not
deleted if there are clients waiting on it. However, it was still
erroneously removed from the queue. Later ngx_resolver_cleanup_tree()
attempted to remove it from the queue again that resulted in a NULL
pointer dereference.
*) When "resolver" is configured with a domain name, only the first
resolved address was used. Now all addresses will be used.
*) Fixed segfault with poll and resolver used.
Poll event method needs ngx_cycle->files to work, and use of
ngx_exit_cycle without files set caused null pointer dereference in
resolver's cleanup on udp socket close.
|
|
|
|
Code reduction (no functional changes).
|
|
Fixed potential null pointer dereference in ngx_resolver_create().
While here, improved error message.
|
|
Removed historical and now redundant syntax pre-checks in ngx_parse_url().
|
|
Fixed the ngx_regex.h header file compatibility with C++. Fixed
building --with-cpp_test_module on some systems.
|
|
|
|
*) Fixed segmentation fault in ngx_resolver_create_name_query().
If name passed for resolution was { 0, NULL } (e.g. as a result
of name server returning CNAME pointing to ".") pointer wrapped
to (void *) -1 resulting in segmentation fault on an attempt to
dereference it.
Reported by Lanshun Zhou.
*) Resolver: protection from duplicate responses.
If we already had CNAME in resolver node (i.e. rn->cnlen and rn->u.cname
set), and got additional response with A record, it resulted in rn->cnlen
set and rn->u.cname overwritten by rn->u.addr (or rn->u.addrs), causing
segmentation fault later in ngx_resolver_free_node() on an attempt to free
overwritten rn->u.cname. The opposite (i.e. CNAME got after A) might cause
similar problems as well.
|
|
|
|
|
|
ngx_sprintf("%.2f", 0.999) incorrectly resulted in "0.100" instead of "1.00".
|
|
consists solely of one unterminated token (inspired by #150).
|
|
|
|
|
|
|
|
In collaboration with Maxim Dounin.
|
|
Integer overflow is undefined behaviour in C and this indeed caused
problems on Solaris/SPARC (at least in some cases). Fix is to
subtract unsigned integers instead, and then cast result to a signed
one, which is implementation-defined behaviour and used to work.
Strictly speaking, we should compare (unsigned) result with the maximum
value of the corresponding signed integer type instead, this will be
defined behaviour. This will require much more changes though, and
considered to be overkill for now.
|
|
|
|
the allowed range.
|
|
|
|
|
|
Found by Veracode.
|
|
|
|
|
|
|
|
|
|
|
|
Previous code incorrectly assumed that nodes with identical keys are linked
together. This might not be true after tree rebalance.
Patch by Lanshun Zhou.
|
|
The cycle->new_log.file may not be set before config parsing finished if
there are no error_log directive defined at global level. Fix is to
copy it after config parsing.
Patch by Roman Arutyunyan.
|
|
|
|
|
|
the last path component if "if_not_owner" parameter is used.
To prevent race condition we have to open a file before checking its owner and
there's no way to change access flags for already opened file descriptor, so
we disable symlinks for the last path component at all if flags allow creating
or truncating the file.
|
|
In collaboration with Ruslan Ermilov.
|
|
Solaris has AT_FDCWD defined to unsigned value, and comparison of a file
descriptor with it causes warnings in modern versions of gcc. Explicitly
cast AT_FDCWD to ngx_fd_t to resolve these warnings.
|
|
|
|
|
|
This includes non-absolute pathnames, multiple slashes and trailing
slashes. In collaboration with Valentin Bartenev.
|
|
Notably this fixes NGX_INVALID_FILE/NGX_FILE_ERROR mess, and adds
logging of close() errors. In collaboration with Valentin Bartenev.
|
|
To completely disable symlinks (disable_symlinks on)
we use openat(O_NOFOLLOW) for each path component
to avoid races.
To allow symlinks with the same owner (disable_symlinks if_not_owner),
use openat() (followed by fstat()) and fstatat(AT_SYMLINK_NOFOLLOW),
and then compare uids between fstat() and fstatat().
As there is a race between openat() and fstatat() we don't
know if openat() in fact opened symlink or not. Therefore,
we have to compare uids even if fstatat() reports the opened
component isn't a symlink (as we don't know whether it was
symlink during openat() or not).
Default value is off, i.e. symlinks are allowed.
|
|
No functional changes.
|
|
Nuke NGX_PARSE_LARGE_TIME, it's not used since 0.6.30. The only error
ngx_parse_time() can currently return is NGX_ERROR, check it explicitly
and make sure to cast it to appropriate type (either time_t or ngx_msec_t)
to avoid signedness warnings on platforms with unsigned time_t (notably QNX).
|
|
|
|
The PCRE JIT compiler uses mmap to allocate memory for its executable codes, so
we have to explicitly call the pcre_free_study() function to free this memory.
|
|
|
