Fix bug in http_referer_module that using incorrect input string length in the regex matching proces

Sadaf_N · August 12, 2013, 7:27am

— ngx_http_referer_module.c
+++ ngx_http_referer_module.c
@@ -147,10 +147,12 @@

     if (ngx_strncasecmp(ref, (u_char *) "http://", 7) == 0) {
         ref += 7;

       len -= 7;
       goto valid_scheme;

   } else if (ngx_strncasecmp(ref, (u_char *) "https://", 8) == 0)

{
ref += 8;

       len -= 8;
       goto valid_scheme;
   }

}
@@ -191,7 +193,7 @@
ngx_int_t rc;
ngx_str_t referer;

```
   referer.len = len - 7;
```

   referer.len = len;
   referer.data = ref;

   rc = ngx_regex_exec_array(rlcf->regex, &referer,

r->connection->log);

Liangbin_Li · August 12, 2013, 8:06am

Hi,

In the rerferer module, the length of scheme in regular referer
expression is treated as ‘http://’. It’s incorrect for the https
request. And the regular referer rule will be invalid. This patch
could fix this bug.

2013/8/12 Liangbin Li [email protected]:

         ref += 8;
     referer.data = ref;

     rc = ngx_regex_exec_array(rlcf->regex, &referer,
r->connection->log);

nginx mailing list
[email protected]
nginx Info Page

–
Weibin Y.
Developer @ Server Platform Team of Taobao

Liangbin_Li · August 13, 2013, 5:25pm

On Aug 12, 2013, at 9:27 AM, Liangbin Li [email protected] wrote:

         ref += 8;
     referer.data = ref;

     rc = ngx_regex_exec_array(rlcf->regex, &referer, r->connection->log);

Committed, thanks!

–
Sergey Kandaurov
[email protected]