Mercurial > hg > nginx
changeset 4963:9f4cdc7a8578
Fixed variable syntax checking in "set", "geo", "limit_conn_zone",
and "perl_set" directives.
author | Ruslan Ermilov <ru@nginx.com> |
---|---|
date | Thu, 13 Dec 2012 15:05:19 +0000 |
parents | 13a5202b6b4b |
children | 2464ccebdb52 |
files | src/http/modules/ngx_http_geo_module.c src/http/modules/ngx_http_limit_conn_module.c src/http/modules/ngx_http_rewrite_module.c src/http/modules/perl/ngx_http_perl_module.c |
diffstat | 4 files changed, 11 insertions(+), 4 deletions(-) [+] |
line wrap: on
line diff
--- a/src/http/modules/ngx_http_geo_module.c Thu Dec 13 13:45:39 2012 +0000 +++ b/src/http/modules/ngx_http_geo_module.c Thu Dec 13 15:05:19 2012 +0000 @@ -322,6 +322,13 @@ } name = value[1]; + + if (name.len < 2 || name.data[0] != '$') { + ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, + "invalid variable name \"%V\"", &name); + return NGX_CONF_ERROR; + } + name.len--; name.data++;
--- a/src/http/modules/ngx_http_limit_conn_module.c Thu Dec 13 13:45:39 2012 +0000 +++ b/src/http/modules/ngx_http_limit_conn_module.c Thu Dec 13 15:05:19 2012 +0000 @@ -540,7 +540,7 @@ continue; } - if (value[i].data[0] == '$') { + if (value[i].len > 1 && value[i].data[0] == '$') { value[i].len--; value[i].data++; @@ -613,7 +613,7 @@ value = cf->args->elts; - if (value[2].data[0] != '$') { + if (value[2].len < 2 || value[2].data[0] != '$') { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "invalid variable name \"%V\"", &value[2]); return NGX_CONF_ERROR;
--- a/src/http/modules/ngx_http_rewrite_module.c Thu Dec 13 13:45:39 2012 +0000 +++ b/src/http/modules/ngx_http_rewrite_module.c Thu Dec 13 15:05:19 2012 +0000 @@ -908,7 +908,7 @@ value = cf->args->elts; - if (value[1].data[0] != '$') { + if (value[1].len < 2 || value[1].data[0] != '$') { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "invalid variable name \"%V\"", &value[1]); return NGX_CONF_ERROR;
--- a/src/http/modules/perl/ngx_http_perl_module.c Thu Dec 13 13:45:39 2012 +0000 +++ b/src/http/modules/perl/ngx_http_perl_module.c Thu Dec 13 15:05:19 2012 +0000 @@ -968,7 +968,7 @@ value = cf->args->elts; - if (value[1].data[0] != '$') { + if (value[1].len < 2 || value[1].data[0] != '$') { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "invalid variable name \"%V\"", &value[1]); return NGX_CONF_ERROR;