technocloud-public/nginx-unit
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Fixing libunit 'off by 2' issue in library.

Browse Source 
Name and value in each header are 0-terminated, so additional 2 bytes
should be allocated for them.  There were several attempts to add these
2 bytes to headers in language modules, but some modules weren't updated.
Also, adding these 2 bytes is specific to the implementation which may be
changed later, so extending this mechanics to modules may cause errors.
This commit is contained in:
Max Romanov
2019-11-11 18:04:17 +03:00
parent ed3298a3c6
commit f2610d2160
4 changed files with 27 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
src/nodejs/unit-http/unit.cpp
View File

@@ -629,9 +629,6 @@ Unit::response_send_headers(napi_env env, napi_callback_info info)
keys_count = napi.get_value_uint32(argv[2]);
header_len = napi.get_value_uint32(argv[3]);
/* Need to reserve extra byte for C-string 0-termination. */
header_len++;
headers = argv[1];
ret = nxt_unit_response_init(req, status_code, keys_count, header_len);
@@ -640,6 +637,12 @@ Unit::response_send_headers(napi_env env, napi_callback_info info)
return nullptr;
}
/*
* Each name and value are 0-terminated by libunit.
* Need to add extra 2 bytes for each header.
*/
header_len += keys_count * 2;
keys = napi.get_property_names(headers);
keys_len = napi.get_array_length(keys);
@@ -656,8 +659,8 @@ Unit::response_send_headers(napi_env env, napi_callback_info info)
name_len = napi.get_value_string_latin1(name, ptr, header_len);
name_ptr = ptr;
ptr += name_len;
header_len -= name_len;
ptr += name_len + 1;
header_len -= name_len + 1;
hash = nxt_unit_field_hash(name_ptr, name_len);
@@ -689,8 +692,8 @@ Unit::response_send_headers(napi_env env, napi_callback_info info)
nxt_unit_sptr_set(&f->value, ptr);
f->value_length = (uint32_t) value_len;
ptr += value_len;
header_len -= value_len;
ptr += value_len + 1;
header_len -= value_len + 1;
req->response->fields_count++;
}
@@ -715,8 +718,8 @@ Unit::response_send_headers(napi_env env, napi_callback_info info)
nxt_unit_sptr_set(&f->value, ptr);
f->value_length = (uint32_t) value_len;
ptr += value_len;
header_len -= value_len;
ptr += value_len + 1;
header_len -= value_len + 1;
req->response->fields_count++;
}