[nginx] Userid: ngx_http_get_indexed_variable() error handling.

Sergey Kandaurov Wed, 07 Jun 2017 08:53:09 -0700

details:   http://hg.nginx.org/nginx/rev/e6f399a176e7
branches:  
changeset: 7028:e6f399a176e7
user:      Sergey Kandaurov <pluk...@nginx.com>
date:      Wed Jun 07 18:46:36 2017 +0300
description:
Userid: ngx_http_get_indexed_variable() error handling.


When evaluating a mapped $reset_uid variable in the userid filter,
if get_handler set to ngx_http_map_variable() returned an error,
this previously resulted in a NULL pointer dereference.

diffstat:

 src/http/modules/ngx_http_userid_filter_module.c |  4 ++++
 1 files changed, 4 insertions(+), 0 deletions(-)

diffs (14 lines):

diff -r 6d0e0d982ec0 -r e6f399a176e7 
src/http/modules/ngx_http_userid_filter_module.c
--- a/src/http/modules/ngx_http_userid_filter_module.c  Wed Jun 07 18:46:35 
2017 +0300
+++ b/src/http/modules/ngx_http_userid_filter_module.c  Wed Jun 07 18:46:36 
2017 +0300
@@ -472,6 +472,10 @@ ngx_http_userid_create_uid(ngx_http_requ
 
         vv = ngx_http_get_indexed_variable(r, ngx_http_userid_reset_index);
 
+        if (vv == NULL || vv->not_found) {
+            return NGX_ERROR;
+        }
+
         if (vv->len == 0 || (vv->len == 1 && vv->data[0] == '0')) {
 
             if (conf->mark == '\0'
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

[nginx] Userid: ngx_http_get_indexed_variable() error handling.

Reply via email to