Welcome! Log In Create A New Profile

Advanced

[PATCH] Correctly initialize ngx_str_t

Piotr Sikora via nginx-devel
February 27, 2024 08:24PM
# HG changeset patch
# User Piotr Sikora <piotr@aviatrix.com>
# Date 1708977619 0
# Mon Feb 26 20:00:19 2024 +0000
# Branch patch004
# Node ID 52936793ac076072c3544aa4e27f973d2f8fecda
# Parent 8edb4003177dac56301aed7f86f8d2a564b47552
Correctly initialize ngx_str_t.

Previously, only the "len" field was set, which resulted in
an uninitialized "data" field accessed elsewhere in the code.

Note that "r->uri" is initialized to an empty string to avoid
changing the existing value for "$uri" in case of invalid URI.

Found with MemorySanitizer.

Signed-off-by: Piotr Sikora <piotr@aviatrix.com>

diff -r 8edb4003177d -r 52936793ac07 src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c Mon Feb 26 20:00:18 2024 +0000
+++ b/src/event/ngx_event_openssl.c Mon Feb 26 20:00:19 2024 +0000
@@ -5064,7 +5064,7 @@
n = SSL_get0_raw_cipherlist(c->ssl->connection, &ciphers);

if (n <= 0) {
- s->len = 0;
+ ngx_str_null(s);
return NGX_OK;
}

@@ -5116,7 +5116,7 @@
if (SSL_get_shared_ciphers(c->ssl->connection, (char *) buf, 4096)
== NULL)
{
- s->len = 0;
+ ngx_str_null(s);
return NGX_OK;
}

@@ -5165,7 +5165,7 @@

#endif

- s->len = 0;
+ ngx_str_null(s);
return NGX_OK;
}

@@ -5182,7 +5182,7 @@
n = SSL_get1_curves(c->ssl->connection, NULL);

if (n <= 0) {
- s->len = 0;
+ ngx_str_null(s);
return NGX_OK;
}

@@ -5233,7 +5233,7 @@

#else

- s->len = 0;
+ ngx_str_null(s);

#endif

@@ -5250,7 +5250,7 @@

sess = SSL_get0_session(c->ssl->connection);
if (sess == NULL) {
- s->len = 0;
+ ngx_str_null(s);
return NGX_OK;
}

@@ -5285,7 +5285,7 @@
ngx_int_t
ngx_ssl_get_early_data(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
{
- s->len = 0;
+ ngx_str_null(s);

#ifdef SSL_ERROR_EARLY_DATA_REJECTED

@@ -5335,7 +5335,7 @@

#endif

- s->len = 0;
+ ngx_str_null(s);
return NGX_OK;
}

@@ -5365,7 +5365,7 @@

#endif

- s->len = 0;
+ ngx_str_null(s);
return NGX_OK;
}

@@ -5377,10 +5377,9 @@
BIO *bio;
X509 *cert;

- s->len = 0;
-
cert = SSL_get_peer_certificate(c->ssl->connection);
if (cert == NULL) {
+ ngx_str_null(s);
return NGX_OK;
}

@@ -5433,7 +5432,7 @@
}

if (cert.len == 0) {
- s->len = 0;
+ ngx_str_null(s);
return NGX_OK;
}

@@ -5476,7 +5475,7 @@
}

if (cert.len == 0) {
- s->len = 0;
+ ngx_str_null(s);
return NGX_OK;
}

@@ -5501,10 +5500,9 @@
X509 *cert;
X509_NAME *name;

- s->len = 0;
-
cert = SSL_get_peer_certificate(c->ssl->connection);
if (cert == NULL) {
+ ngx_str_null(s);
return NGX_OK;
}

@@ -5555,10 +5553,9 @@
X509 *cert;
X509_NAME *name;

- s->len = 0;
-
cert = SSL_get_peer_certificate(c->ssl->connection);
if (cert == NULL) {
+ ngx_str_null(s);
return NGX_OK;
}

@@ -5611,10 +5608,9 @@
X509 *cert;
X509_NAME *name;

- s->len = 0;
-
cert = SSL_get_peer_certificate(c->ssl->connection);
if (cert == NULL) {
+ ngx_str_null(s);
return NGX_OK;
}

@@ -5659,10 +5655,9 @@
X509 *cert;
X509_NAME *name;

- s->len = 0;
-
cert = SSL_get_peer_certificate(c->ssl->connection);
if (cert == NULL) {
+ ngx_str_null(s);
return NGX_OK;
}

@@ -5705,10 +5700,9 @@
X509 *cert;
BIO *bio;

- s->len = 0;
-
cert = SSL_get_peer_certificate(c->ssl->connection);
if (cert == NULL) {
+ ngx_str_null(s);
return NGX_OK;
}

@@ -5745,10 +5739,9 @@
unsigned int len;
u_char buf[EVP_MAX_MD_SIZE];

- s->len = 0;
-
cert = SSL_get_peer_certificate(c->ssl->connection);
if (cert == NULL) {
+ ngx_str_null(s);
return NGX_OK;
}

@@ -5818,10 +5811,9 @@
X509 *cert;
size_t len;

- s->len = 0;
-
cert = SSL_get_peer_certificate(c->ssl->connection);
if (cert == NULL) {
+ ngx_str_null(s);
return NGX_OK;
}

@@ -5863,10 +5855,9 @@
X509 *cert;
size_t len;

- s->len = 0;
-
cert = SSL_get_peer_certificate(c->ssl->connection);
if (cert == NULL) {
+ ngx_str_null(s);
return NGX_OK;
}

@@ -5907,10 +5898,9 @@
X509 *cert;
time_t now, end;

- s->len = 0;
-
cert = SSL_get_peer_certificate(c->ssl->connection);
if (cert == NULL) {
+ ngx_str_null(s);
return NGX_OK;
}

diff -r 8edb4003177d -r 52936793ac07 src/event/quic/ngx_event_quic_streams.c
--- a/src/event/quic/ngx_event_quic_streams.c Mon Feb 26 20:00:18 2024 +0000
+++ b/src/event/quic/ngx_event_quic_streams.c Mon Feb 26 20:00:19 2024 +0000
@@ -719,8 +719,7 @@
addr_text.len = c->addr_text.len;

} else {
- addr_text.len = 0;
- addr_text.data = NULL;
+ ngx_str_null(&addr_text);
}

reusable = c->reusable;
diff -r 8edb4003177d -r 52936793ac07 src/http/modules/ngx_http_auth_request_module.c
--- a/src/http/modules/ngx_http_auth_request_module.c Mon Feb 26 20:00:18 2024 +0000
+++ b/src/http/modules/ngx_http_auth_request_module.c Mon Feb 26 20:00:19 2024 +0000
@@ -373,9 +373,7 @@
value = cf->args->elts;

if (ngx_strcmp(value[1].data, "off") == 0) {
- arcf->uri.len = 0;
- arcf->uri.data = (u_char *) "";
-
+ ngx_str_set(&arcf->uri, "");
return NGX_CONF_OK;
}

diff -r 8edb4003177d -r 52936793ac07 src/http/modules/ngx_http_autoindex_module.c
--- a/src/http/modules/ngx_http_autoindex_module.c Mon Feb 26 20:00:18 2024 +0000
+++ b/src/http/modules/ngx_http_autoindex_module.c Mon Feb 26 20:00:19 2024 +0000
@@ -816,7 +816,7 @@
ngx_uint_t i;

if (ngx_http_arg(r, (u_char *) "callback", 8, callback) != NGX_OK) {
- callback->len = 0;
+ ngx_str_null(callback);
return NGX_OK;
}

diff -r 8edb4003177d -r 52936793ac07 src/http/modules/ngx_http_charset_filter_module.c
--- a/src/http/modules/ngx_http_charset_filter_module.c Mon Feb 26 20:00:18 2024 +0000
+++ b/src/http/modules/ngx_http_charset_filter_module.c Mon Feb 26 20:00:19 2024 +0000
@@ -437,7 +437,7 @@
charset = lcf->source_charset;

if (charset == NGX_HTTP_CHARSET_OFF) {
- name->len = 0;
+ ngx_str_null(name);
return charset;
}

@@ -502,7 +502,7 @@
* use this charset instead of the next page charset
*/

- r->headers_out.charset.len = 0;
+ ngx_str_null(&r->headers_out.charset);
return;
}

diff -r 8edb4003177d -r 52936793ac07 src/http/modules/ngx_http_limit_conn_module.c
--- a/src/http/modules/ngx_http_limit_conn_module.c Mon Feb 26 20:00:18 2024 +0000
+++ b/src/http/modules/ngx_http_limit_conn_module.c Mon Feb 26 20:00:19 2024 +0000
@@ -587,7 +587,7 @@
}

size = 0;
- name.len = 0;
+ ngx_str_null(&name);

for (i = 2; i < cf->args->nelts; i++) {

diff -r 8edb4003177d -r 52936793ac07 src/http/modules/ngx_http_limit_req_module.c
--- a/src/http/modules/ngx_http_limit_req_module.c Mon Feb 26 20:00:18 2024 +0000
+++ b/src/http/modules/ngx_http_limit_req_module.c Mon Feb 26 20:00:19 2024 +0000
@@ -862,7 +862,7 @@
size = 0;
rate = 1;
scale = 1;
- name.len = 0;
+ ngx_str_null(&name);

for (i = 2; i < cf->args->nelts; i++) {

diff -r 8edb4003177d -r 52936793ac07 src/http/modules/ngx_http_not_modified_filter_module.c
--- a/src/http/modules/ngx_http_not_modified_filter_module.c Mon Feb 26 20:00:18 2024 +0000
+++ b/src/http/modules/ngx_http_not_modified_filter_module.c Mon Feb 26 20:00:19 2024 +0000
@@ -92,8 +92,8 @@
/* not modified */

r->headers_out.status = NGX_HTTP_NOT_MODIFIED;
- r->headers_out.status_line.len = 0;
- r->headers_out.content_type.len = 0;
+ ngx_str_null(&r->headers_out.status_line);
+ ngx_str_null(&r->headers_out.content_type);
ngx_http_clear_content_length(r);
ngx_http_clear_accept_ranges(r);

diff -r 8edb4003177d -r 52936793ac07 src/http/modules/ngx_http_proxy_module.c
--- a/src/http/modules/ngx_http_proxy_module.c Mon Feb 26 20:00:18 2024 +0000
+++ b/src/http/modules/ngx_http_proxy_module.c Mon Feb 26 20:00:19 2024 +0000
@@ -4223,7 +4223,7 @@
return NGX_CONF_ERROR;
}

- plcf->location.len = 0;
+ ngx_str_null(&plcf->location);
}

plcf->url = *url;
diff -r 8edb4003177d -r 52936793ac07 src/http/modules/ngx_http_range_filter_module.c
--- a/src/http/modules/ngx_http_range_filter_module.c Mon Feb 26 20:00:18 2024 +0000
+++ b/src/http/modules/ngx_http_range_filter_module.c Mon Feb 26 20:00:19 2024 +0000
@@ -232,7 +232,7 @@
ngx_http_set_ctx(r, ctx, ngx_http_range_body_filter_module);

r->headers_out.status = NGX_HTTP_PARTIAL_CONTENT;
- r->headers_out.status_line.len = 0;
+ ngx_str_null(&r->headers_out.status_line);

if (ctx->ranges.nelts == 1) {
return ngx_http_range_singlepart_header(r, ctx);
@@ -551,7 +551,7 @@

r->headers_out.content_type_len = r->headers_out.content_type.len;

- r->headers_out.charset.len = 0;
+ ngx_str_null(&r->headers_out.charset);

/* the size of the last boundary CRLF "--0123456789--" CRLF */

diff -r 8edb4003177d -r 52936793ac07 src/http/modules/ngx_http_slice_filter_module.c
--- a/src/http/modules/ngx_http_slice_filter_module.c Mon Feb 26 20:00:18 2024 +0000
+++ b/src/http/modules/ngx_http_slice_filter_module.c Mon Feb 26 20:00:19 2024 +0000
@@ -174,7 +174,7 @@
ctx->active = 1;

r->headers_out.status = NGX_HTTP_OK;
- r->headers_out.status_line.len = 0;
+ ngx_str_null(&r->headers_out.status_line);
r->headers_out.content_length_n = cr.complete_length;
r->headers_out.content_offset = cr.start;
r->headers_out.content_range->hash = 0;
diff -r 8edb4003177d -r 52936793ac07 src/http/modules/perl/ngx_http_perl_module.c
--- a/src/http/modules/perl/ngx_http_perl_module.c Mon Feb 26 20:00:18 2024 +0000
+++ b/src/http/modules/perl/ngx_http_perl_module.c Mon Feb 26 20:00:19 2024 +0000
@@ -240,11 +240,11 @@
uri = ctx->redirect_uri;

} else {
- uri.len = 0;
+ ngx_str_null(&uri);
}

- ctx->filename.data = NULL;
- ctx->redirect_uri.len = 0;
+ ngx_str_null(&ctx->filename);
+ ngx_str_null(&ctx->redirect_uri);

if (rc == NGX_ERROR) {
ngx_http_finalize_request(r, rc);
@@ -366,8 +366,8 @@
}

ctx->variable = saved;
- ctx->filename.data = NULL;
- ctx->redirect_uri.len = 0;
+ ngx_str_null(&ctx->filename);
+ ngx_str_null(&ctx->redirect_uri);

ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"perl variable done");
@@ -469,8 +469,8 @@

}

- ctx->filename.data = NULL;
- ctx->redirect_uri.len = 0;
+ ngx_str_null(&ctx->filename);
+ ngx_str_null(&ctx->redirect_uri);
ctx->ssi = NULL;

ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "perl ssi done");
@@ -793,7 +793,7 @@
return NGX_ERROR;
}

- ctx->redirect_uri.len = 0;
+ ngx_str_null(&ctx->redirect_uri);

if (ctx->header_sent) {
return NGX_ERROR;
diff -r 8edb4003177d -r 52936793ac07 src/http/ngx_http_core_module.c
--- a/src/http/ngx_http_core_module.c Mon Feb 26 20:00:18 2024 +0000
+++ b/src/http/ngx_http_core_module.c Mon Feb 26 20:00:19 2024 +0000
@@ -1843,7 +1843,7 @@

if (r->err_status) {
r->headers_out.status = r->err_status;
- r->headers_out.status_line.len = 0;
+ ngx_str_null(&r->headers_out.status_line);
}

return ngx_http_top_header_filter(r);
diff -r 8edb4003177d -r 52936793ac07 src/http/ngx_http_file_cache.c
--- a/src/http/ngx_http_file_cache.c Mon Feb 26 20:00:18 2024 +0000
+++ b/src/http/ngx_http_file_cache.c Mon Feb 26 20:00:19 2024 +0000
@@ -1290,7 +1290,7 @@
ngx_shmtx_unlock(&cache->shpool->mutex);

c->secondary = 1;
- c->file.name.len = 0;
+ ngx_str_null(&c->file.name);
c->body_start = c->buffer_size;

ngx_memcpy(c->key, c->variant, NGX_HTTP_CACHE_KEY_LEN);
@@ -1397,7 +1397,7 @@

ngx_shmtx_unlock(&cache->shpool->mutex);

- c->file.name.len = 0;
+ ngx_str_null(&c->file.name);
c->update_variant = 1;

ngx_memcpy(c->key, c->main, NGX_HTTP_CACHE_KEY_LEN);
@@ -2414,7 +2414,7 @@
manager_sleep = 50;
manager_threshold = 200;

- name.len = 0;
+ ngx_str_null(&name);
size = 0;
max_size = NGX_MAX_OFF_T_VALUE;
min_free = 0;
diff -r 8edb4003177d -r 52936793ac07 src/http/ngx_http_parse.c
--- a/src/http/ngx_http_parse.c Mon Feb 26 20:00:18 2024 +0000
+++ b/src/http/ngx_http_parse.c Mon Feb 26 20:00:19 2024 +0000
@@ -2133,7 +2133,7 @@
args->data = p;

} else {
- args->len = 0;
+ ngx_str_null(args);
}
}

diff -r 8edb4003177d -r 52936793ac07 src/http/ngx_http_request.c
--- a/src/http/ngx_http_request.c Mon Feb 26 20:00:18 2024 +0000
+++ b/src/http/ngx_http_request.c Mon Feb 26 20:00:19 2024 +0000
@@ -1268,7 +1268,7 @@
cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module);

if (ngx_http_parse_complex_uri(r, cscf->merge_slashes) != NGX_OK) {
- r->uri.len = 0;
+ ngx_str_set(&r->uri, "");

ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent invalid request");
@@ -3774,7 +3774,7 @@
ctx = log->data;
ctx->request = NULL;

- r->request_line.len = 0;
+ ngx_str_null(&r->request_line);

r->connection->destroyed = 1;

diff -r 8edb4003177d -r 52936793ac07 src/http/ngx_http_script.c
--- a/src/http/ngx_http_script.c Mon Feb 26 20:00:18 2024 +0000
+++ b/src/http/ngx_http_script.c Mon Feb 26 20:00:19 2024 +0000
@@ -469,7 +469,7 @@

for (i = 0; i < sc->source->len; /* void */ ) {

- name.len = 0;
+ ngx_str_null(&name);

if (sc->source->data[i] == '$') {

@@ -1268,7 +1268,7 @@
e->buf.len = e->pos - e->buf.data;

if (!code->add_args) {
- r->args.len = 0;
+ ngx_str_null(&r->args);
}
}

diff -r 8edb4003177d -r 52936793ac07 src/http/ngx_http_special_response.c
--- a/src/http/ngx_http_special_response.c Mon Feb 26 20:00:18 2024 +0000
+++ b/src/http/ngx_http_special_response.c Mon Feb 26 20:00:19 2024 +0000
@@ -449,7 +449,7 @@
}
}

- r->headers_out.content_type.len = 0;
+ ngx_str_null(&r->headers_out.content_type);

clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);

diff -r 8edb4003177d -r 52936793ac07 src/http/v3/ngx_http_v3_parse.c
--- a/src/http/v3/ngx_http_v3_parse.c Mon Feb 26 20:00:18 2024 +0000
+++ b/src/http/v3/ngx_http_v3_parse.c Mon Feb 26 20:00:19 2024 +0000
@@ -1515,7 +1515,7 @@

st->literal.length = st->pint.value;
if (st->literal.length == 0) {
- st->value.len = 0;
+ ngx_str_null(&st->value);
goto done;
}

@@ -1634,7 +1634,7 @@

st->literal.length = st->pint.value;
if (st->literal.length == 0) {
- st->value.len = 0;
+ ngx_str_null(&st->value);
goto done;
}

diff -r 8edb4003177d -r 52936793ac07 src/mail/ngx_mail_imap_handler.c
--- a/src/mail/ngx_mail_imap_handler.c Mon Feb 26 20:00:18 2024 +0000
+++ b/src/mail/ngx_mail_imap_handler.c Mon Feb 26 20:00:19 2024 +0000
@@ -149,7 +149,7 @@
}

tag = 1;
- s->text.len = 0;
+ ngx_str_null(&s->text);
ngx_str_set(&s->out, imap_ok);

if (rc == NGX_OK) {
@@ -287,7 +287,7 @@
s->buffer->last = s->buffer->start;
}

- s->tag.len = 0;
+ ngx_str_null(&s->tag);
}
}

diff -r 8edb4003177d -r 52936793ac07 src/mail/ngx_mail_proxy_module.c
--- a/src/mail/ngx_mail_proxy_module.c Mon Feb 26 20:00:18 2024 +0000
+++ b/src/mail/ngx_mail_proxy_module.c Mon Feb 26 20:00:19 2024 +0000
@@ -178,7 +178,7 @@

s->proxy->proxy_protocol = pcf->proxy_protocol;

- s->out.len = 0;
+ ngx_str_null(&s->out);

switch (s->protocol) {

diff -r 8edb4003177d -r 52936793ac07 src/stream/ngx_stream_limit_conn_module.c
--- a/src/stream/ngx_stream_limit_conn_module.c Mon Feb 26 20:00:18 2024 +0000
+++ b/src/stream/ngx_stream_limit_conn_module.c Mon Feb 26 20:00:19 2024 +0000
@@ -566,7 +566,7 @@
}

size = 0;
- name.len = 0;
+ ngx_str_null(&name);

for (i = 2; i < cf->args->nelts; i++) {

diff -r 8edb4003177d -r 52936793ac07 src/stream/ngx_stream_script.c
--- a/src/stream/ngx_stream_script.c Mon Feb 26 20:00:18 2024 +0000
+++ b/src/stream/ngx_stream_script.c Mon Feb 26 20:00:19 2024 +0000
@@ -373,7 +373,7 @@

for (i = 0; i < sc->source->len; /* void */ ) {

- name.len = 0;
+ ngx_str_null(&name);

if (sc->source->data[i] == '$') {

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx-devel
Subject Author Views Posted

[PATCH] Correctly initialize ngx_str_t

Piotr Sikora via nginx-devel 293 February 27, 2024 08:24PM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 333
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready