diff options
author | NGINX team <nginx@nginx.org> | 2012-08-21 13:27:51 +0000 |
---|---|---|
committer | Jon Kolb <jon@b0g.us> | 2012-08-21 13:27:51 +0000 |
commit | 36abb5aeb0daa0ff0d466378025584765b73e047 (patch) | |
tree | 5581159a11f4af9b9056df247c07f72dd89147fc | |
parent | c5f35ac53731b0475f8ec5a73ee6b9a9d8d3550d (diff) | |
download | nginx-36abb5aeb0daa0ff0d466378025584765b73e047.tar.gz |
Changes with nginx 1.3.5 21 Aug 2012v1.3.5
*) Change: the ngx_http_mp4_module module no longer skips tracks in
formats other than H.264 and AAC.
*) Bugfix: a segmentation fault might occur in a worker process if the
"map" directive was used with variables as values.
*) Bugfix: a segmentation fault might occur in a worker process if the
"geo" directive was used with the "ranges" parameter but without the
"default" parameter; the bug had appeared in 0.8.43.
Thanks to Zhen Chen and Weibin Yao.
*) Bugfix: in the -p command-line parameter handling.
*) Bugfix: in the mail proxy server.
*) Bugfix: of minor potential bugs.
Thanks to Coverity.
*) Bugfix: nginx/Windows could not be built with Visual Studio 2005
Express.
Thanks to HAYASHI Kentaro.
26 files changed, 141 insertions, 65 deletions
@@ -1,4 +1,29 @@ +Changes with nginx 1.3.5 21 Aug 2012 + + *) Change: the ngx_http_mp4_module module no longer skips tracks in + formats other than H.264 and AAC. + + *) Bugfix: a segmentation fault might occur in a worker process if the + "map" directive was used with variables as values. + + *) Bugfix: a segmentation fault might occur in a worker process if the + "geo" directive was used with the "ranges" parameter but without the + "default" parameter; the bug had appeared in 0.8.43. + Thanks to Zhen Chen and Weibin Yao. + + *) Bugfix: in the -p command-line parameter handling. + + *) Bugfix: in the mail proxy server. + + *) Bugfix: of minor potential bugs. + Thanks to Coverity. + + *) Bugfix: nginx/Windows could not be built with Visual Studio 2005 + Express. + Thanks to HAYASHI Kentaro. + + Changes with nginx 1.3.4 31 Jul 2012 *) Change: the "ipv6only" parameter is now turned on by default for diff --git a/CHANGES.ru b/CHANGES.ru index fe4cdad04..397cbb927 100644 --- a/CHANGES.ru +++ b/CHANGES.ru @@ -1,4 +1,28 @@ +Изменения в nginx 1.3.5 21.08.2012 + + *) Изменение: модуль ngx_http_mp4_module больше не отфильтровывает + дорожки в форматах, отличных от H.264 и AAC. + + *) Исправление: в рабочем процессе мог произойти segmentation fault, + если в директиве map в качестве значений использовались переменные. + + *) Исправление: в рабочем процессе мог произойти segmentation fault при + использовании директивы geo с параметром ranges, но без параметра + default; ошибка появилась в 0.8.43. + Спасибо Zhen Chen и Weibin Yao. + + *) Исправление: в обработке параметра командной строки -p. + + *) Исправление: в почтовом прокси-сервере. + + *) Исправление: незначительных потенциальных ошибок. + Спасибо Coverity. + + *) Исправление: nginx/Windows не собирался с Visual Studio 2005 Express. + Спасибо HAYASHI Kentaro. + + Изменения в nginx 1.3.4 31.07.2012 *) Изменение: теперь на слушающих IPv6-сокетах параметр ipv6only включён diff --git a/src/core/nginx.c b/src/core/nginx.c index f21e77d30..c7f84fd67 100644 --- a/src/core/nginx.c +++ b/src/core/nginx.c @@ -836,7 +836,7 @@ ngx_process_options(ngx_cycle_t *cycle) len = ngx_strlen(ngx_prefix); p = ngx_prefix; - if (!ngx_path_separator(*p)) { + if (len && !ngx_path_separator(p[len - 1])) { p = ngx_pnalloc(cycle->pool, len + 1); if (p == NULL) { return NGX_ERROR; diff --git a/src/core/nginx.h b/src/core/nginx.h index 9ab9bc53c..a0a15012b 100644 --- a/src/core/nginx.h +++ b/src/core/nginx.h @@ -9,8 +9,8 @@ #define _NGINX_H_INCLUDED_ -#define nginx_version 1003004 -#define NGINX_VERSION "1.3.4" +#define nginx_version 1003005 +#define NGINX_VERSION "1.3.5" #define NGINX_VER "nginx/" NGINX_VERSION #define NGINX_VAR "NGINX" diff --git a/src/core/ngx_crypt.c b/src/core/ngx_crypt.c index 365f9c82a..b2e25b901 100644 --- a/src/core/ngx_crypt.c +++ b/src/core/ngx_crypt.c @@ -194,6 +194,7 @@ static ngx_int_t ngx_crypt_ssha(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) { size_t len; + ngx_int_t rc; ngx_str_t encoded, decoded; ngx_sha1_t sha1; @@ -204,12 +205,18 @@ ngx_crypt_ssha(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) encoded.data = salt + sizeof("{SSHA}") - 1; encoded.len = ngx_strlen(encoded.data); - decoded.data = ngx_pnalloc(pool, ngx_base64_decoded_length(encoded.len)); + len = ngx_max(ngx_base64_decoded_length(encoded.len), 20); + + decoded.data = ngx_pnalloc(pool, len); if (decoded.data == NULL) { return NGX_ERROR; } - ngx_decode_base64(&decoded, &encoded); + rc = ngx_decode_base64(&decoded, &encoded); + + if (rc != NGX_OK || decoded.len < 20) { + decoded.len = 20; + } /* update SHA1 from key and salt */ diff --git a/src/core/ngx_cycle.c b/src/core/ngx_cycle.c index 2da0bf91a..e5468ae9b 100644 --- a/src/core/ngx_cycle.c +++ b/src/core/ngx_cycle.c @@ -1285,14 +1285,6 @@ ngx_shared_memory_add(ngx_conf_t *cf, ngx_str_t *name, size_t size, void *tag) continue; } - if (size && size != shm_zone[i].shm.size) { - ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, - "the size %uz of shared memory zone \"%V\" " - "conflicts with already declared size %uz", - size, &shm_zone[i].shm.name, shm_zone[i].shm.size); - return NULL; - } - if (tag != shm_zone[i].tag) { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "the shared memory zone \"%V\" is " @@ -1301,6 +1293,14 @@ ngx_shared_memory_add(ngx_conf_t *cf, ngx_str_t *name, size_t size, void *tag) return NULL; } + if (size && size != shm_zone[i].shm.size) { + ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, + "the size %uz of shared memory zone \"%V\" " + "conflicts with already declared size %uz", + size, &shm_zone[i].shm.name, shm_zone[i].shm.size); + return NULL; + } + return &shm_zone[i]; } diff --git a/src/core/ngx_radix_tree.c b/src/core/ngx_radix_tree.c index b95cbc013..5b35d1e49 100644 --- a/src/core/ngx_radix_tree.c +++ b/src/core/ngx_radix_tree.c @@ -60,7 +60,7 @@ ngx_radix_tree_create(ngx_pool_t *pool, ngx_int_t preallocate) */ if (preallocate == -1) { - switch (ngx_pagesize / sizeof(ngx_radix_tree_t)) { + switch (ngx_pagesize / sizeof(ngx_radix_node_t)) { /* amd64 */ case 128: diff --git a/src/core/ngx_resolver.c b/src/core/ngx_resolver.c index 3e75e05a3..178e0831d 100644 --- a/src/core/ngx_resolver.c +++ b/src/core/ngx_resolver.c @@ -113,15 +113,6 @@ ngx_resolver_create(ngx_conf_t *cf, ngx_str_t *names, ngx_uint_t n) return NULL; } - if (n) { - if (ngx_array_init(&r->udp_connections, cf->pool, n, - sizeof(ngx_udp_connection_t)) - != NGX_OK) - { - return NULL; - } - } - cln->data = r; r->event = ngx_calloc(sizeof(ngx_event_t), cf->log); @@ -153,6 +144,15 @@ ngx_resolver_create(ngx_conf_t *cf, ngx_str_t *names, ngx_uint_t n) r->log = &cf->cycle->new_log; r->log_level = NGX_LOG_ERR; + if (n) { + if (ngx_array_init(&r->udp_connections, cf->pool, n, + sizeof(ngx_udp_connection_t)) + != NGX_OK) + { + return NULL; + } + } + for (i = 0; i < n; i++) { if (ngx_strncmp(names[i].data, "valid=", 6) == 0) { s.len = names[i].len - 6; diff --git a/src/core/ngx_string.c b/src/core/ngx_string.c index 8aaa1d2ed..3b392f7b2 100644 --- a/src/core/ngx_string.c +++ b/src/core/ngx_string.c @@ -1827,7 +1827,7 @@ ngx_sort(void *base, size_t n, size_t size, #if (NGX_MEMCPY_LIMIT) void * -ngx_memcpy(void *dst, void *src, size_t n) +ngx_memcpy(void *dst, const void *src, size_t n) { if (n > NGX_MEMCPY_LIMIT) { ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, 0, "memcpy %uz bytes", n); diff --git a/src/core/ngx_string.h b/src/core/ngx_string.h index fa386ca72..92d246ebc 100644 --- a/src/core/ngx_string.h +++ b/src/core/ngx_string.h @@ -89,7 +89,7 @@ ngx_strlchr(u_char *p, u_char *last, u_char c) #if (NGX_MEMCPY_LIMIT) -void *ngx_memcpy(void *dst, void *src, size_t n); +void *ngx_memcpy(void *dst, const void *src, size_t n); #define ngx_cpymem(dst, src, n) (((u_char *) ngx_memcpy(dst, src, n)) + (n)) #else diff --git a/src/core/ngx_times.c b/src/core/ngx_times.c index ed1bf64bc..77490faf0 100644 --- a/src/core/ngx_times.c +++ b/src/core/ngx_times.c @@ -211,6 +211,10 @@ ngx_time_sigsafe_update(void) slot++; } + tp = &cached_time[slot]; + + tp->sec = 0; + ngx_gmtime(sec + cached_gmtoff * 60, &tm); p = &cached_err_log_time[slot][0]; diff --git a/src/event/ngx_event.c b/src/event/ngx_event.c index 600a43394..976bd6465 100644 --- a/src/event/ngx_event.c +++ b/src/event/ngx_event.c @@ -1214,7 +1214,7 @@ ngx_event_core_init_conf(ngx_cycle_t *cycle, void *conf) fd = epoll_create(100); if (fd != -1) { - close(fd); + (void) close(fd); module = &ngx_epoll_module; } else if (ngx_errno != NGX_ENOSYS) { diff --git a/src/http/modules/ngx_http_fastcgi_module.c b/src/http/modules/ngx_http_fastcgi_module.c index 55c3aef29..e8ff24cac 100644 --- a/src/http/modules/ngx_http_fastcgi_module.c +++ b/src/http/modules/ngx_http_fastcgi_module.c @@ -1626,6 +1626,9 @@ ngx_http_fastcgi_process_header(ngx_http_request_t *r) } part = ngx_array_push(f->split_parts); + if (part == NULL) { + return NGX_ERROR; + } part->start = part_start; part->end = part_end; diff --git a/src/http/modules/ngx_http_geo_module.c b/src/http/modules/ngx_http_geo_module.c index 189d8ed50..230816247 100644 --- a/src/http/modules/ngx_http_geo_module.c +++ b/src/http/modules/ngx_http_geo_module.c @@ -400,15 +400,15 @@ ngx_http_geo_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) } } + if (ctx.high.default_value == NULL) { + ctx.high.default_value = &ngx_http_variable_null_value; + } + geo->u.high = ctx.high; var->get_handler = ngx_http_geo_range_variable; var->data = (uintptr_t) geo; - if (ctx.high.default_value == NULL) { - ctx.high.default_value = &ngx_http_variable_null_value; - } - ngx_destroy_pool(ctx.temp_pool); ngx_destroy_pool(pool); diff --git a/src/http/modules/ngx_http_limit_conn_module.c b/src/http/modules/ngx_http_limit_conn_module.c index 106da7a53..e82ca493d 100644 --- a/src/http/modules/ngx_http_limit_conn_module.c +++ b/src/http/modules/ngx_http_limit_conn_module.c @@ -721,6 +721,10 @@ ngx_http_limit_conn(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) } limit = ngx_array_push(&lccf->limits); + if (limit == NULL) { + return NGX_CONF_ERROR; + } + limit->conn = n; limit->shm_zone = shm_zone; diff --git a/src/http/modules/ngx_http_limit_req_module.c b/src/http/modules/ngx_http_limit_req_module.c index 18db71549..3f9910e71 100644 --- a/src/http/modules/ngx_http_limit_req_module.c +++ b/src/http/modules/ngx_http_limit_req_module.c @@ -937,6 +937,9 @@ ngx_http_limit_req(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) } limit = ngx_array_push(&lrcf->limits); + if (limit == NULL) { + return NGX_CONF_ERROR; + } limit->shm_zone = shm_zone; limit->burst = burst * 1000; diff --git a/src/http/modules/ngx_http_map_module.c b/src/http/modules/ngx_http_map_module.c index e8a4ab4cc..54f9ec445 100644 --- a/src/http/modules/ngx_http_map_module.c +++ b/src/http/modules/ngx_http_map_module.c @@ -416,11 +416,12 @@ ngx_http_map(ngx_conf_t *cf, ngx_command_t *dummy, void *conf) for (i = 0; i < ctx->var_values.nelts; i++) { if (index == (ngx_int_t) var[i].data) { + var = &var[i]; goto found; } } - var = ngx_palloc(ctx->keys.pool, sizeof(ngx_http_variable_value_t)); + var = ngx_array_push(&ctx->var_values); if (var == NULL) { return NGX_CONF_ERROR; } @@ -431,13 +432,6 @@ ngx_http_map(ngx_conf_t *cf, ngx_command_t *dummy, void *conf) var->len = 0; var->data = (u_char *) index; - vp = ngx_array_push(&ctx->var_values); - if (vp == NULL) { - return NGX_CONF_ERROR; - } - - *vp = var; - goto found; } diff --git a/src/http/modules/ngx_http_mp4_module.c b/src/http/modules/ngx_http_mp4_module.c index a216c87ef..b864858ea 100644 --- a/src/http/modules/ngx_http_mp4_module.c +++ b/src/http/modules/ngx_http_mp4_module.c @@ -1842,14 +1842,6 @@ ngx_http_mp4_read_stsd_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size) ngx_mp4_get_32value(stsd_atom->entries), 4, stsd_atom->media_name); - /* supported media format: "avc1" (H.264) and "mp4a" (MPEG-4/AAC) */ - - if (ngx_strncmp(stsd_atom->media_name, "avc1", 4) != 0 - && ngx_strncmp(stsd_atom->media_name, "mp4a", 4) != 0) - { - return NGX_DECLINED; - } - trak = ngx_mp4_last_trak(mp4); atom = &trak->stsd_atom_buf; diff --git a/src/http/modules/ngx_http_ssi_filter_module.c b/src/http/modules/ngx_http_ssi_filter_module.c index 13badac61..eb286cc34 100644 --- a/src/http/modules/ngx_http_ssi_filter_module.c +++ b/src/http/modules/ngx_http_ssi_filter_module.c @@ -1025,6 +1025,7 @@ ngx_http_ssi_parse(ngx_http_request_t *r, ngx_http_ssi_ctx_t *ctx) switch (state) { case ssi_start_state: + /* not reached */ break; case ssi_tag_state: diff --git a/src/http/modules/perl/nginx.pm b/src/http/modules/perl/nginx.pm index 8a4cafa3a..7c2972cd9 100644 --- a/src/http/modules/perl/nginx.pm +++ b/src/http/modules/perl/nginx.pm @@ -50,7 +50,7 @@ our @EXPORT = qw( HTTP_INSUFFICIENT_STORAGE ); -our $VERSION = '1.3.4'; +our $VERSION = '1.3.5'; require XSLoader; XSLoader::load('nginx', $VERSION); diff --git a/src/http/ngx_http_core_module.c b/src/http/ngx_http_core_module.c index 14dc2cef3..8667ae985 100644 --- a/src/http/ngx_http_core_module.c +++ b/src/http/ngx_http_core_module.c @@ -1820,9 +1820,9 @@ ngx_http_set_etag(ngx_http_request_t *r) { ngx_table_elt_t *etag; ngx_http_core_loc_conf_t *clcf; - + clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module); - + if (!clcf->etag) { return NGX_OK; } diff --git a/src/mail/ngx_mail.c b/src/mail/ngx_mail.c index 49ec2e05b..3812e1517 100644 --- a/src/mail/ngx_mail.c +++ b/src/mail/ngx_mail.c @@ -263,6 +263,12 @@ ngx_mail_add_ports(ngx_conf_t *cf, ngx_array_t *ports, break; #endif +#if (NGX_HAVE_UNIX_DOMAIN) + case AF_UNIX: + p = 0; + break; +#endif + default: /* AF_INET */ sin = (struct sockaddr_in *) sa; p = sin->sin_port; @@ -539,6 +545,11 @@ ngx_mail_cmp_conf_addrs(const void *one, const void *two) return 1; } + if (second->wildcard) { + /* a wildcard must be the last resort, shift it to the end */ + return -1; + } + if (first->bind && !second->bind) { /* shift explicit bind()ed addresses to the start */ return -1; diff --git a/src/mail/ngx_mail_auth_http_module.c b/src/mail/ngx_mail_auth_http_module.c index c23c4bad7..d2bd4ad61 100644 --- a/src/mail/ngx_mail_auth_http_module.c +++ b/src/mail/ngx_mail_auth_http_module.c @@ -1332,7 +1332,7 @@ ngx_mail_auth_http_merge_conf(ngx_conf_t *cf, void *parent, void *child) if (conf->peer == NULL) { ngx_log_error(NGX_LOG_EMERG, cf->log, 0, - "no \"http_auth\" is defined for server in %s:%ui", + "no \"auth_http\" is defined for server in %s:%ui", conf->file, conf->line); return NGX_CONF_ERROR; diff --git a/src/mail/ngx_mail_core_module.c b/src/mail/ngx_mail_core_module.c index f0dee7283..be8673c29 100644 --- a/src/mail/ngx_mail_core_module.c +++ b/src/mail/ngx_mail_core_module.c @@ -340,6 +340,14 @@ ngx_mail_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) break; #endif +#if (NGX_HAVE_UNIX_DOMAIN) + case AF_UNIX: + off = offsetof(struct sockaddr_un, sun_path); + len = sizeof(((struct sockaddr_un *) sa)->sun_path); + port = 0; + break; +#endif + default: /* AF_INET */ off = offsetof(struct sockaddr_in, sin_addr); len = 4; @@ -378,21 +386,23 @@ ngx_mail_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) ls->ipv6only = 1; #endif - for (m = 0; ngx_modules[m]; m++) { - if (ngx_modules[m]->type != NGX_MAIL_MODULE) { - continue; - } + if (cscf->protocol == NULL) { + for (m = 0; ngx_modules[m]; m++) { + if (ngx_modules[m]->type != NGX_MAIL_MODULE) { + continue; + } - module = ngx_modules[m]->ctx; + module = ngx_modules[m]->ctx; - if (module->protocol == NULL) { - continue; - } + if (module->protocol == NULL) { + continue; + } - for (i = 0; module->protocol->port[i]; i++) { - if (module->protocol->port[i] == u.port) { - cscf->protocol = module->protocol; - break; + for (i = 0; module->protocol->port[i]; i++) { + if (module->protocol->port[i] == u.port) { + cscf->protocol = module->protocol; + break; + } } } } diff --git a/src/mail/ngx_mail_handler.c b/src/mail/ngx_mail_handler.c index a1c4464f7..ae955f9c6 100644 --- a/src/mail/ngx_mail_handler.c +++ b/src/mail/ngx_mail_handler.c @@ -38,8 +38,6 @@ ngx_mail_init_connection(ngx_connection_t *c) /* find the server configuration for the address:port */ - /* AF_INET only */ - port = c->listening->servers; if (port->naddrs > 1) { diff --git a/src/os/unix/ngx_files.c b/src/os/unix/ngx_files.c index 2dfa1b7a1..d71aec316 100644 --- a/src/os/unix/ngx_files.c +++ b/src/os/unix/ngx_files.c @@ -139,7 +139,7 @@ ngx_open_tempfile(u_char *name, ngx_uint_t persistent, ngx_uint_t access) access ? access : 0600); if (fd != -1 && !persistent) { - unlink((const char *) name); + (void) unlink((const char *) name); } return fd; |