zuiyangqingzhou opened a new issue #5724:
URL: https://github.com/apache/apisix/issues/5724


   ### Issue description
   
   The ngx.re.find method is used in the ua-restriction and uri-blocker plug-ins, but there is no strict logical checking of the regex parameter, which in some cases can cause the program to crash.
   
   ### Environment
   
   - apisix version (cmd: `apisix version`): 2.9.0
   - OS (cmd: `uname -a`): x86_64 x86_64 x86_64 GNU/Linux
   - OpenResty / Nginx version (cmd: `nginx -V` or `openresty -V`): openresty/1.19.9.1
   - etcd version, if have (cmd: run `curl http://127.0.0.1:9090/v1/server_info` to get the info from server-info API):
   - apisix-dashboard version, if have:
   - the plugin runner version, if the issue is about a plugin runner (cmd: depended on the kind of runner):
   - luarocks version, if the issue is about installation (cmd: `luarocks --version`):
   
   
   ### Steps to reproduce
   
   1. Turn on the ua-restriction plugin
   ```
   curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
   {
       "methods": ["GET"],
       "uri": "/test",
       "plugins": {
           "ua-restriction": {
               "denylist": [
                   null
               ],
               "message": "xxxxx"
           }
       },
       "upstream": {
           "type": "roundrobin",
           "nodes": {
               "127.0.0.1:9999": 1
           }
       }
   }'
   ```
   2. Make an HTTP request
   ```
   curl -i 'http://127.0.0.1:9080/test' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.75.14 (KHTML, like Gecko) Version/7.0.3 Safari/7046A194A'
   ```
   
   ### Actual result
   
   ```
   HTTP/1.1 500 Internal Server Error
   Server: openresty
   Date: Tue, 07 Dec 2021 09:08:55 GMT
   Content-Type: text/html; charset=utf-8
   Transfer-Encoding: chunked
   Connection: keep-alive

   <!DOCTYPE html>
   <html>
   <head>
   <meta content="text/html;charset=utf-8" http-equiv="Content-Type">
   <meta content="utf-8" http-equiv="encoding">
   <title>500 Internal Server Error</title>
   <style>
       body {
           width: 35em;
           margin: 0 auto;
           font-family: Tahoma, Verdana, Arial, sans-serif;
       }
   </style>
   </head>
   <body>
   <h1>Sorry, an error occurred.</h1>
   </body>
   </html>
   ```
   
   ### Error log
   
   ```
   2021/12/06 08:32:50 [error] 15486#15486: *7140153 lua entry thread aborted: runtime error: /usr/local/openresty/lualib/resty/core/regex.lua:584: attempt to concatenate local 'regex' (a userdata value)
   stack traceback:
   coroutine 0:
        /usr/local/openresty/lualib/resty/core/regex.lua: in function 're_match_compile'
        /usr/local/openresty/lualib/resty/core/regex.lua:624: in function 're_find'
        /usr/local/apisix/apisix/plugins/ua-restriction.lua:72: in function 'create_obj_fun'
        /usr/local/apisix/apisix/core/lrucache.lua:92: in function 'lrucache_useragent'
        /usr/local/apisix/apisix/plugins/ua-restriction.lua:121: in function 'phase_func'
        /usr/local/apisix/apisix/plugin.lua:654: in function 'run_plugin'
        /usr/local/apisix/apisix/init.lua:465: in function 'http_access_phase'
        access_by_lua(nginx.conf:267):2: in main chunk, client: 10.18.1.80, server: _, request: "GET /test HTTP/1.1", host: "127.0.0.1:9080"
   ```
   
   ### Expected result
   
   _No response_
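
The userdata value in the error log is what a JSON `null` decodes to under lua-cjson, and it reaches `ngx.re.find` unchecked. The following is an added example, not code from the issue or from the APISIX code base, of checking each pattern's type and compiling it once at configuration time; `check_patterns`, the `"jo"` options and the sample configurations are assumptions, and it runs under OpenResty's `resty` CLI.

```lua
-- Added example; run with OpenResty's `resty` CLI. Names here are hypothetical.
local cjson = require("cjson.safe")

-- Validate a list of regex strings at configuration time.
-- Returns true, or nil plus a message naming the first bad entry.
local function check_patterns(name, list)
    if type(list) ~= "table" then
        return nil, name .. " must be an array"
    end
    for i = 1, #list do
        local pat = list[i]
        local where = name .. "[" .. i .. "]"
        -- JSON null decodes to cjson.null (a userdata), so test the type
        -- before the value is handed to any ngx.re.* function.
        if type(pat) ~= "string" then
            return nil, where .. " must be a string, got " .. type(pat)
        end
        -- An empty pattern matches every User-Agent, so refuse it too.
        if pat == "" then
            return nil, where .. " must not be empty"
        end
        -- Compile once against an empty subject; a bad pattern comes back
        -- as an error string instead of failing during a request.
        -- The "jo" options are an assumption about how the plugin matches.
        local _, _, err = ngx.re.find("", pat, "jo")
        if err then
            return nil, where .. " is not a valid regex: " .. err
        end
    end
    return true
end

-- Constructed sample configurations: the denylist from the issue, a
-- pattern that does not compile, and a well-formed list.
local samples = {
    '{"denylist": [null], "message": "xxxxx"}',
    '{"denylist": ["curl/("]}',
    '{"denylist": ["my-bot", "(?i)^python-requests/"]}',
}
for _, body in ipairs(samples) do
    local conf, decode_err = cjson.decode(body)
    if not conf then
        print("rejected: " .. decode_err)
    else
        local ok, err = check_patterns("denylist", conf.denylist)
        print(ok and "accepted" or ("rejected: " .. err))
    end
end
```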

