Hello! On Mon, Feb 26, 2018 at 06:01:02PM +0300, Filimonov Vadim wrote:
> # HG changeset patch > # User Vadim Filimonov <[email protected]> > # Date 1519656740 -7200 > # Mon Feb 26 16:52:20 2018 +0200 > # Node ID 00de93c2804c0679adc33dee25cb948e61c04c05 > # Parent 8b70d4caa505656bb5ee3f95246c4f39b62354ef > prevent null character in error log > https://trac.nginx.org/nginx/ticket/1494 Should be something like: Auth basic: prevent null character in error log (ticket #1494). > > diff -r 8b70d4caa505 -r 00de93c2804c > src/http/modules/ngx_http_auth_basic_module.c > --- a/src/http/modules/ngx_http_auth_basic_module.c Thu Feb 22 13:16:21 > 2018 +0300 > +++ b/src/http/modules/ngx_http_auth_basic_module.c Mon Feb 26 16:52:20 > 2018 +0200 > @@ -266,8 +266,8 @@ > } > > ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, > - "user \"%V\" was not found in \"%V\"", > - &r->headers_in.user, &user_file); > + "user \"%V\" was not found in \"%s\"", > + &r->headers_in.user, user_file.data); > > return ngx_http_auth_basic_set_realm(r, &realm); > } Thanks, committed with the above commit log changes. The problem is that ccv.zero flag, as set during ngx_http_compile_complex_value() to produce null-terminated string, includes terminating null character into the string length. Another solution would be to change/fix ccv.zero flag to produce silently zero-terminated string without including terminating null into the string length, though this would be a much more complex change. -- Maxim Dounin http://mdounin.ru/ _______________________________________________ nginx-devel mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx-devel
