Greetings fellow nginx-devs,
It looks to me as if an attacker could force the server to use up a large
amount of resources doing ngx_http_regex_exec if the server were to be
configured with a relatively large number of regex server_names.
I would appreciate any ideas on the topic, especially suggestions as to how
some form of caching could be implemented for the responses, so that the
server didn't have to execute the ngx_http_regex_exec on subsequent
requests.
2375 for (i = 0; i < virtual_names->nregex; i++) {
2376
2377 n = ngx_http_regex_exec(r, sn[i].regex, host);
2378
2379 if (n == NGX_DECLINED) {
2380 continue;
2381 }
2382
2383 if (n == NGX_OK) {
2384 *cscfp = sn[i].server;
2385 return NGX_OK;
2386 }
2387
2388 return NGX_ERROR;
2389 }
../src/http/ngx_http_request.c
Regards,
Gabriel
_______________________________________________
nginx mailing list
nginx@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx