Mercurial > hg > nginx
view auto/modules @ 4664:356c91151658 stable-1.2
Merge of r4618: rewrite escaping fix (ticket #162).
The following code resulted in incorrect escaping of uri and possible
segfault:
location / {
rewrite ^(.*) $1?c=$1;
return 200 "$uri";
}
If there were arguments in a rewrite's replacement string, and length was
actually calculated (due to duplicate captures as in the example above,
or variables present), the is_args flag was set and incorrectly copied
after length calculation. This resulted in escaping applied to the uri part
of the replacement, resulting in incorrect escaping. Additionally, buffer
was allocated without escaping expected, thus this also resulted in buffer
overrun and possible segfault.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Mon, 04 Jun 2012 11:07:19 +0000 |
parents | d620f497c50f |
children | 944839adc406 |
line wrap: on
line source
# Copyright (C) Igor Sysoev # Copyright (C) Nginx, Inc. if [ $EVENT_SELECT = NO -a $EVENT_FOUND = NO ]; then EVENT_SELECT=YES fi if [ $EVENT_SELECT = YES ]; then have=NGX_HAVE_SELECT . auto/have CORE_SRCS="$CORE_SRCS $SELECT_SRCS" EVENT_MODULES="$EVENT_MODULES $SELECT_MODULE" fi if [ $EVENT_POLL = NO -a $EVENT_FOUND = NO ]; then EVENT_POLL=YES fi if [ $EVENT_POLL = YES ]; then have=NGX_HAVE_POLL . auto/have CORE_SRCS="$CORE_SRCS $POLL_SRCS" EVENT_MODULES="$EVENT_MODULES $POLL_MODULE" fi if [ $NGX_TEST_BUILD_DEVPOLL = YES ]; then have=NGX_HAVE_DEVPOLL . auto/have have=NGX_TEST_BUILD_DEVPOLL . auto/have EVENT_MODULES="$EVENT_MODULES $DEVPOLL_MODULE" CORE_SRCS="$CORE_SRCS $DEVPOLL_SRCS" fi if [ $NGX_TEST_BUILD_EVENTPORT = YES ]; then have=NGX_HAVE_EVENTPORT . auto/have have=NGX_TEST_BUILD_EVENTPORT . auto/have EVENT_MODULES="$EVENT_MODULES $EVENTPORT_MODULE" CORE_SRCS="$CORE_SRCS $EVENTPORT_SRCS" fi if [ $NGX_TEST_BUILD_EPOLL = YES ]; then have=NGX_HAVE_EPOLL . auto/have have=NGX_HAVE_EVENTFD . auto/have have=NGX_TEST_BUILD_EPOLL . auto/have EVENT_MODULES="$EVENT_MODULES $EPOLL_MODULE" CORE_SRCS="$CORE_SRCS $EPOLL_SRCS" fi if [ $NGX_TEST_BUILD_RTSIG = YES ]; then have=NGX_HAVE_RTSIG . auto/have have=NGX_TEST_BUILD_RTSIG . auto/have EVENT_MODULES="$EVENT_MODULES $RTSIG_MODULE" CORE_SRCS="$CORE_SRCS $RTSIG_SRCS" fi if [ $NGX_TEST_BUILD_SOLARIS_SENDFILEV = YES ]; then have=NGX_TEST_BUILD_SOLARIS_SENDFILEV . auto/have CORE_SRCS="$CORE_SRCS $SOLARIS_SENDFILEV_SRCS" fi if [ $HTTP != YES ]; then have=NGX_CRYPT . auto/nohave CRYPT_LIB= fi if [ $HTTP_CACHE = YES ]; then USE_MD5=YES have=NGX_HTTP_CACHE . auto/have HTTP_SRCS="$HTTP_SRCS $HTTP_FILE_CACHE_SRCS" fi if [ $HTTP_SSI = YES ]; then HTTP_POSTPONE=YES fi if [ $HTTP_ADDITION = YES ]; then HTTP_POSTPONE=YES fi # the module order is important # ngx_http_static_module # ngx_http_gzip_static_module # ngx_http_dav_module # ngx_http_autoindex_module # ngx_http_index_module # ngx_http_random_index_module # # ngx_http_access_module # ngx_http_realip_module # # # the filter order is important # ngx_http_write_filter # ngx_http_header_filter # ngx_http_chunked_filter # ngx_http_range_header_filter # ngx_http_gzip_filter # ngx_http_postpone_filter # ngx_http_ssi_filter # ngx_http_charset_filter # ngx_http_xslt_filter # ngx_http_image_filter # ngx_http_sub_filter # ngx_http_addition_filter # ngx_http_userid_filter # ngx_http_headers_filter # ngx_http_copy_filter # ngx_http_range_body_filter # ngx_http_not_modified_filter HTTP_FILTER_MODULES="$HTTP_WRITE_FILTER_MODULE \ $HTTP_HEADER_FILTER_MODULE \ $HTTP_CHUNKED_FILTER_MODULE \ $HTTP_RANGE_HEADER_FILTER_MODULE" if [ $HTTP_GZIP = YES ]; then have=NGX_HTTP_GZIP . auto/have USE_ZLIB=YES HTTP_FILTER_MODULES="$HTTP_FILTER_MODULES $HTTP_GZIP_FILTER_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_GZIP_SRCS" fi if [ $HTTP_POSTPONE = YES ]; then HTTP_FILTER_MODULES="$HTTP_FILTER_MODULES $HTTP_POSTPONE_FILTER_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_POSTPONE_FILTER_SRCS" fi if [ $HTTP_SSI = YES ]; then have=NGX_HTTP_SSI . auto/have HTTP_FILTER_MODULES="$HTTP_FILTER_MODULES $HTTP_SSI_FILTER_MODULE" HTTP_DEPS="$HTTP_DEPS $HTTP_SSI_DEPS" HTTP_SRCS="$HTTP_SRCS $HTTP_SSI_SRCS" fi if [ $HTTP_CHARSET = YES ]; then HTTP_FILTER_MODULES="$HTTP_FILTER_MODULES $HTTP_CHARSET_FILTER_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_CHARSET_SRCS" fi if [ $HTTP_XSLT = YES ]; then USE_LIBXSLT=YES HTTP_FILTER_MODULES="$HTTP_FILTER_MODULES $HTTP_XSLT_FILTER_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_XSLT_SRCS" fi if [ $HTTP_IMAGE_FILTER = YES ]; then USE_LIBGD=YES HTTP_FILTER_MODULES="$HTTP_FILTER_MODULES $HTTP_IMAGE_FILTER_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_IMAGE_SRCS" fi if [ $HTTP_SUB = YES ]; then HTTP_FILTER_MODULES="$HTTP_FILTER_MODULES $HTTP_SUB_FILTER_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_SUB_SRCS" fi if [ $HTTP_ADDITION = YES ]; then HTTP_FILTER_MODULES="$HTTP_FILTER_MODULES $HTTP_ADDITION_FILTER_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_ADDITION_SRCS" fi if [ $HTTP_USERID = YES ]; then HTTP_FILTER_MODULES="$HTTP_FILTER_MODULES $HTTP_USERID_FILTER_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_USERID_SRCS" fi HTTP_MODULES="$HTTP_MODULES $HTTP_STATIC_MODULE" if [ $HTTP_GZIP_STATIC = YES ]; then have=NGX_HTTP_GZIP . auto/have HTTP_MODULES="$HTTP_MODULES $HTTP_GZIP_STATIC_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_GZIP_STATIC_SRCS" fi if [ $HTTP_DAV = YES ]; then have=NGX_HTTP_DAV . auto/have HTTP_MODULES="$HTTP_MODULES $HTTP_DAV_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_DAV_SRCS" fi if [ $HTTP_AUTOINDEX = YES ]; then HTTP_MODULES="$HTTP_MODULES $HTTP_AUTOINDEX_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_AUTOINDEX_SRCS" fi HTTP_MODULES="$HTTP_MODULES $HTTP_INDEX_MODULE" if [ $HTTP_RANDOM_INDEX = YES ]; then HTTP_MODULES="$HTTP_MODULES $HTTP_RANDOM_INDEX_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_RANDOM_INDEX_SRCS" fi if [ $HTTP_AUTH_BASIC = YES ]; then USE_MD5=YES USE_SHA1=YES have=NGX_CRYPT . auto/have HTTP_MODULES="$HTTP_MODULES $HTTP_AUTH_BASIC_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_AUTH_BASIC_SRCS" CORE_LIBS="$CORE_LIBS $CRYPT_LIB" fi if [ $HTTP_ACCESS = YES ]; then HTTP_MODULES="$HTTP_MODULES $HTTP_ACCESS_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_ACCESS_SRCS" fi if [ $HTTP_LIMIT_CONN = YES ]; then HTTP_MODULES="$HTTP_MODULES $HTTP_LIMIT_CONN_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_LIMIT_CONN_SRCS" fi if [ $HTTP_LIMIT_REQ = YES ]; then HTTP_MODULES="$HTTP_MODULES $HTTP_LIMIT_REQ_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_LIMIT_REQ_SRCS" fi if [ $HTTP_REALIP = YES ]; then have=NGX_HTTP_REALIP . auto/have HTTP_MODULES="$HTTP_MODULES $HTTP_REALIP_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_REALIP_SRCS" fi if [ $HTTP_STATUS = YES ]; then HTTP_MODULES="$HTTP_MODULES $HTTP_STATUS_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_STATUS_SRCS" fi if [ $HTTP_GEO = YES ]; then have=NGX_HTTP_GEO . auto/have HTTP_MODULES="$HTTP_MODULES $HTTP_GEO_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_GEO_SRCS" fi if [ $HTTP_GEOIP = YES ]; then HTTP_MODULES="$HTTP_MODULES $HTTP_GEOIP_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_GEOIP_SRCS" fi if [ $HTTP_MAP = YES ]; then HTTP_MODULES="$HTTP_MODULES $HTTP_MAP_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_MAP_SRCS" fi if [ $HTTP_SPLIT_CLIENTS = YES ]; then HTTP_MODULES="$HTTP_MODULES $HTTP_SPLIT_CLIENTS_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_SPLIT_CLIENTS_SRCS" fi if [ $HTTP_REFERER = YES ]; then HTTP_MODULES="$HTTP_MODULES $HTTP_REFERER_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_REFERER_SRCS" fi if [ $HTTP_REWRITE = YES -a $USE_PCRE != DISABLED ]; then USE_PCRE=YES HTTP_MODULES="$HTTP_MODULES $HTTP_REWRITE_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_REWRITE_SRCS" fi if [ $HTTP_SSL = YES ]; then USE_OPENSSL=YES have=NGX_HTTP_SSL . auto/have HTTP_MODULES="$HTTP_MODULES $HTTP_SSL_MODULE" HTTP_DEPS="$HTTP_DEPS $HTTP_SSL_DEPS" HTTP_SRCS="$HTTP_SRCS $HTTP_SSL_SRCS" fi if [ $HTTP_PROXY = YES ]; then have=NGX_HTTP_PROXY . auto/have #USE_MD5=YES HTTP_MODULES="$HTTP_MODULES $HTTP_PROXY_MODULE" HTTP_DEPS="$HTTP_DEPS $HTTP_PROXY_DEPS" HTTP_SRCS="$HTTP_SRCS $HTTP_PROXY_SRCS" fi if [ $HTTP_FASTCGI = YES ]; then HTTP_MODULES="$HTTP_MODULES $HTTP_FASTCGI_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_FASTCGI_SRCS" fi if [ $HTTP_UWSGI = YES ]; then HTTP_MODULES="$HTTP_MODULES $HTTP_UWSGI_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_UWSGI_SRCS" fi if [ $HTTP_SCGI = YES ]; then HTTP_MODULES="$HTTP_MODULES $HTTP_SCGI_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_SCGI_SRCS" fi if [ $HTTP_PERL = YES ]; then USE_PERL=YES HTTP_MODULES="$HTTP_MODULES $HTTP_PERL_MODULE" HTTP_INCS="$HTTP_INCS $HTTP_PERL_INCS" HTTP_DEPS="$HTTP_DEPS $HTTP_PERL_DEPS" HTTP_SRCS="$HTTP_SRCS $HTTP_PERL_SRCS" fi if [ $HTTP_MEMCACHED = YES ]; then HTTP_MODULES="$HTTP_MODULES $HTTP_MEMCACHED_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_MEMCACHED_SRCS" fi if [ $HTTP_EMPTY_GIF = YES ]; then HTTP_MODULES="$HTTP_MODULES $HTTP_EMPTY_GIF_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_EMPTY_GIF_SRCS" fi if [ $HTTP_BROWSER = YES ]; then HTTP_MODULES="$HTTP_MODULES $HTTP_BROWSER_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_BROWSER_SRCS" fi if [ $HTTP_SECURE_LINK = YES ]; then USE_MD5=YES HTTP_MODULES="$HTTP_MODULES $HTTP_SECURE_LINK_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_SECURE_LINK_SRCS" fi if [ $HTTP_DEGRADATION = YES ]; then have=NGX_HTTP_DEGRADATION . auto/have HTTP_MODULES="$HTTP_MODULES $HTTP_DEGRADATION_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_DEGRADATION_SRCS" fi if [ $HTTP_FLV = YES ]; then HTTP_MODULES="$HTTP_MODULES $HTTP_FLV_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_FLV_SRCS" fi if [ $HTTP_MP4 = YES ]; then HTTP_MODULES="$HTTP_MODULES $HTTP_MP4_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_MP4_SRCS" fi if [ $HTTP_UPSTREAM_IP_HASH = YES ]; then HTTP_MODULES="$HTTP_MODULES $HTTP_UPSTREAM_IP_HASH_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_UPSTREAM_IP_HASH_SRCS" fi if [ $HTTP_UPSTREAM_KEEPALIVE = YES ]; then HTTP_MODULES="$HTTP_MODULES $HTTP_UPSTREAM_KEEPALIVE_MODULE" HTTP_SRCS="$HTTP_SRCS $HTTP_UPSTREAM_KEEPALIVE_SRCS" fi if [ $HTTP_STUB_STATUS = YES ]; then have=NGX_STAT_STUB . auto/have HTTP_MODULES="$HTTP_MODULES ngx_http_stub_status_module" HTTP_SRCS="$HTTP_SRCS src/http/modules/ngx_http_stub_status_module.c" fi #if [ -r $NGX_OBJS/auto ]; then # . $NGX_OBJS/auto #fi if test -n "$NGX_ADDONS"; then echo configuring additional modules for ngx_addon_dir in $NGX_ADDONS do echo "adding module in $ngx_addon_dir" if test -f $ngx_addon_dir/config; then . $ngx_addon_dir/config echo " + $ngx_addon_name was configured" else echo "$0: error: no $ngx_addon_dir/config was found" exit 1 fi done fi if [ $MAIL_SSL = YES ]; then have=NGX_MAIL_SSL . auto/have USE_OPENSSL=YES fi modules="$CORE_MODULES $EVENT_MODULES" if [ $USE_OPENSSL = YES ]; then modules="$modules $OPENSSL_MODULE" CORE_DEPS="$CORE_DEPS $OPENSSL_DEPS" CORE_SRCS="$CORE_SRCS $OPENSSL_SRCS" fi if [ $USE_PCRE = YES ]; then modules="$modules $REGEX_MODULE" CORE_DEPS="$CORE_DEPS $REGEX_DEPS" CORE_SRCS="$CORE_SRCS $REGEX_SRCS" fi if [ $HTTP = YES ]; then modules="$modules $HTTP_MODULES $HTTP_FILTER_MODULES \ $HTTP_HEADERS_FILTER_MODULE \ $HTTP_AUX_FILTER_MODULES \ $HTTP_COPY_FILTER_MODULE \ $HTTP_RANGE_BODY_FILTER_MODULE \ $HTTP_NOT_MODIFIED_FILTER_MODULE" NGX_ADDON_DEPS="$NGX_ADDON_DEPS \$(HTTP_DEPS)" fi if [ $MAIL = YES ]; then modules="$modules $MAIL_MODULES" if [ $MAIL_SSL = YES ]; then modules="$modules $MAIL_SSL_MODULE" MAIL_DEPS="$MAIL_DEPS $MAIL_SSL_DEPS" MAIL_SRCS="$MAIL_SRCS $MAIL_SSL_SRCS" fi if [ $MAIL_POP3 = YES ]; then modules="$modules $MAIL_POP3_MODULE" MAIL_DEPS="$MAIL_DEPS $MAIL_POP3_DEPS" MAIL_SRCS="$MAIL_SRCS $MAIL_POP3_SRCS" fi if [ $MAIL_IMAP = YES ]; then modules="$modules $MAIL_IMAP_MODULE" MAIL_DEPS="$MAIL_DEPS $MAIL_IMAP_DEPS" MAIL_SRCS="$MAIL_SRCS $MAIL_IMAP_SRCS" fi if [ $MAIL_SMTP = YES ]; then modules="$modules $MAIL_SMTP_MODULE" MAIL_DEPS="$MAIL_DEPS $MAIL_SMTP_DEPS" MAIL_SRCS="$MAIL_SRCS $MAIL_SMTP_SRCS" fi modules="$modules $MAIL_AUTH_HTTP_MODULE" MAIL_SRCS="$MAIL_SRCS $MAIL_AUTH_HTTP_SRCS" modules="$modules $MAIL_PROXY_MODULE" MAIL_SRCS="$MAIL_SRCS $MAIL_PROXY_SRCS" fi if [ $NGX_GOOGLE_PERFTOOLS = YES ]; then modules="$modules $NGX_GOOGLE_PERFTOOLS_MODULE" NGX_MISC_SRCS="$NGX_MISC_SRCS $NGX_GOOGLE_PERFTOOLS_SRCS" fi if [ $NGX_CPP_TEST = YES ]; then NGX_MISC_SRCS="$NGX_MISC_SRCS $NGX_CPP_TEST_SRCS" fi cat << END > $NGX_MODULES_C #include <ngx_config.h> #include <ngx_core.h> $NGX_PRAGMA END for mod in $modules do echo "extern ngx_module_t $mod;" >> $NGX_MODULES_C done echo >> $NGX_MODULES_C echo 'ngx_module_t *ngx_modules[] = {' >> $NGX_MODULES_C for mod in $modules do echo " &$mod," >> $NGX_MODULES_C done cat << END >> $NGX_MODULES_C NULL }; END