Google Git
Sign in
nginx/nginx/9aaf256e4024e278e099c94281246aada63fc2fa^!/.
commit
9aaf256e4024e278e099c94281246aada63fc2fa
[log]
author
Sergey Kandaurov <pluknet@nginx.com>
Tue Aug 13 17:47:04 2013 +0400
committer
Sergey Kandaurov <pluknet@nginx.com>
Tue Aug 13 17:47:04 2013 +0400
tree
98ef6b0d0bf5a054b1ed01b14ccf322d63d51301
parent
65e37b4a128e5c4fe88721c790fd6f5c13102a62 [diff]
Referer module: fixed regex matching against HTTPS referers.

When matching a compiled regex against value in the "Referer" header field,
the length was calculated incorrectly for strings that start from "https://".
This might cause matching to fail for regexes with end-of-line anchors.

Patch by Liangbin Li.

diff --git a/src/http/modules/ngx_http_referer_module.c b/src/http/modules/ngx_http_referer_module.c
index d18b8b9..85b75ab 100644
--- a/src/http/modules/ngx_http_referer_module.c
+++ b/src/http/modules/ngx_http_referer_module.c

@@ -147,10 +147,12 @@
 
         if (ngx_strncasecmp(ref, (u_char *) "http://", 7) == 0) {
             ref += 7;
+            len -= 7;
             goto valid_scheme;
 
         } else if (ngx_strncasecmp(ref, (u_char *) "https://", 8) == 0) {
             ref += 8;
+            len -= 8;
             goto valid_scheme;
         }
     }
@@ -191,7 +193,7 @@
         ngx_int_t  rc;
         ngx_str_t  referer;
 
-        referer.len = len - 7;
+        referer.len = len;
         referer.data = ref;
 
         rc = ngx_regex_exec_array(rlcf->regex, &referer, r->connection->log);