From 62ead2a12cece59f1489b3272a5bde5572d08600 Mon Sep 17 00:00:00 2001 From: Andrei Belov Date: Mon, 12 May 2014 17:07:59 +0400 Subject: [PATCH 1/3] Fixed segmentation fault if http context is not defined. --- nginx/modsecurity/ngx_http_modsecurity.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/nginx/modsecurity/ngx_http_modsecurity.c b/nginx/modsecurity/ngx_http_modsecurity.c index 7c1395315b..41f1e9b57b 100644 --- a/nginx/modsecurity/ngx_http_modsecurity.c +++ b/nginx/modsecurity/ngx_http_modsecurity.c @@ -938,6 +938,12 @@ ngx_http_modsecurity_init(ngx_conf_t *cf) static ngx_int_t ngx_http_modsecurity_init_process(ngx_cycle_t *cycle) { + if (ngx_http_cycle_get_module_main_conf(cycle, ngx_http_modsecurity) + == NULL) + { + return NGX_OK; + } + /* must set log hook here cf->log maybe changed */ modsecSetLogHook(cycle->log, modsecLog); modsecInitProcess(); From f16d98bb75832d8697d5e58cee45f570e026a537 Mon Sep 17 00:00:00 2001 From: Andrei Belov Date: Wed, 14 May 2014 14:45:24 +0400 Subject: [PATCH 2/3] Removed unneeded and invalid initialization. --- nginx/modsecurity/ngx_http_modsecurity.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nginx/modsecurity/ngx_http_modsecurity.c b/nginx/modsecurity/ngx_http_modsecurity.c index 215f65fc46..5e0df81d57 100644 --- a/nginx/modsecurity/ngx_http_modsecurity.c +++ b/nginx/modsecurity/ngx_http_modsecurity.c @@ -1097,7 +1097,7 @@ ngx_http_modsecurity_init_process(ngx_cycle_t *cycle) static ngx_int_t ngx_http_modsecurity_handler(ngx_http_request_t *r) { - ngx_int_t rc = NULL; + ngx_int_t rc; ngx_http_modsecurity_ctx_t *ctx = NULL; ngx_http_modsecurity_loc_conf_t *cf = NULL; From 1baeaef7fcdf0aaee6c433d4137bfea7a96ff818 Mon Sep 17 00:00:00 2001 
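Review bot: The new early return at the top of `ngx_http_modsecurity_init_process` has no comment explaining that a NULL main conf is an expected state rather than an error. Going by the commit subject, it means the configuration has no http context, so I would add `/* no http {} block in this configuration: nothing to initialise */` above the `if`. The return also skips `modsecSetLogHook()` and `modsecInitProcess()`. If the module registers a matching exit-process hook that tears ModSecurity state down (not visible here), it presumably needs the same guard. The function body continues past the end of the hunk.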
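Review bot: `rc` in `ngx_http_modsecurity_handler` is now declared with no initial value, and the rest of the handler is outside this hunk, so it cannot be confirmed here that every path assigns it before it is read or returned. Dropping the pointer constant `NULL` from an `ngx_int_t` is correct. Because this value presumably decides how the request proceeds past the module, a deliberately chosen integer default would keep the result defined if a later edit adds a path that skips the assignment. If failing the request is the intended fallback, that would be `ngx_int_t rc = NGX_ERROR;`.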
From: Andrei Belov Date: Thu, 15 May 2014 15:56:44 +0400 Subject: [PATCH 3/3] Obtain port from r->connection->local_sockaddr. This eliminates segfaults caused by unset (NULL) r->port_start and non-NULL r->port_end. In fact, r->port_start is always NULL, so it is useless to rely on this pointer. --- nginx/modsecurity/ngx_http_modsecurity.c | 34 ++++++++++++++++++++---- 1 file changed, 29 insertions(+), 5 deletions(-) diff --git a/nginx/modsecurity/ngx_http_modsecurity.c b/nginx/modsecurity/ngx_http_modsecurity.c index 5e0df81d57..f505830667 100644 --- a/nginx/modsecurity/ngx_http_modsecurity.c +++ b/nginx/modsecurity/ngx_http_modsecurity.c @@ -279,9 +279,13 @@ ngx_http_modsecurity_load_request(ngx_http_request_t *r) { ngx_http_modsecurity_ctx_t *ctx; request_rec *req; - ngx_str_t str; size_t root; ngx_str_t path; + ngx_uint_t port; + struct sockaddr_in *sin; +#if (NGX_HAVE_INET6) + struct sockaddr_in6 *sin6; +#endif ctx = ngx_http_get_module_ctx(r, ngx_http_modsecurity); req = ctx->req; 
@@ -324,10 +328,30 @@ ngx_http_modsecurity_load_request(ngx_http_request_t *r) req->parsed_uri.path = (char *)ngx_pstrdup0(r->pool, &r->uri); req->parsed_uri.is_initialized = 1; - str.data = r->port_start; - str.len = r->port_end - r->port_start; - req->parsed_uri.port = ngx_atoi(str.data, str.len); - req->parsed_uri.port_str = (char *)ngx_pstrdup0(r->pool, &str); + switch (r->connection->local_sockaddr->sa_family) { + +#if (NGX_HAVE_INET6) + case AF_INET6: + sin6 = (struct sockaddr_in6 *) r->connection->local_sockaddr; + port = ntohs(sin6->sin6_port); + break; +#endif + +#if (NGX_HAVE_UNIX_DOMAIN) + case AF_UNIX: + port = 0; + break; +#endif + + default: /* AF_INET */ + sin = (struct sockaddr_in *) r->connection->local_sockaddr; + port = ntohs(sin->sin_port); + break; + } + + req->parsed_uri.port = port; + req->parsed_uri.port_str = ngx_pnalloc(r->pool, sizeof("65535")); + (void) ngx_sprintf((u_char *)req->parsed_uri.port_str, "%ui%c", port, '\0'); req->parsed_uri.query = r->args.len ? req->args : NULL; req->parsed_uri.dns_looked_up = 0;
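Review bot: The pointer returned by `ngx_pnalloc(r->pool, sizeof("65535"))` is passed straight to `ngx_sprintf()` with no NULL check, so a failed pool allocation becomes a NULL write, the same class of crash this patch is removing. Add `if (req->parsed_uri.port_str == NULL) { return NGX_ERROR; }` before the format call, using whatever error value `ngx_http_modsecurity_load_request` actually returns, since its return type and the rest of its body are outside the hunk. The `default: /* AF_INET */` arm also casts any unrecognised address family to `struct sockaddr_in`; an explicit `case AF_INET:` with `port = 0` in `default` would avoid reading a port from a structure of another layout. A short comment should record that `parsed_uri.port` is now the local listening port rather than anything taken from the request, and is `0` for `AF_UNIX` listeners, because rules that match on the server port depend on that.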