Mercurial > njs
changeset 2591:deb802c9b713
Fixed NULL pointer dereference when processing If-* headers.
Previously, when processing requests with If-Match and
If-Unmodified-Since headers worker process crashed.
For example with the following code:
try { r.return(200) }
catch (e) { r.internalRedirect() }
The fix is to disable not_modified filter as it was done in
nginx perl module nginx/nginx@d9887ee2.
| author | Dmitry Volyntsev <xeioex@nginx.com> |
|---|---|
| date | Mon, 07 Jul 2025 22:40:45 -0700 |
| parents | a4061187dd87 |
| children | 8fda8e1f75b5 |
| files | nginx/ngx_http_js_module.c nginx/t/js_internal_redirect.t |
| diffstat | 2 files changed, 36 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/nginx/ngx_http_js_module.c Thu Jul 03 16:53:33 2025 -0700 +++ b/nginx/ngx_http_js_module.c Mon Jul 07 22:40:45 2025 -0700 @@ -2455,6 +2455,8 @@ return NJS_ERROR; } + r->disable_not_modified = 1; + if (ngx_http_send_header(r) == NGX_ERROR) { return NJS_ERROR; } @@ -2738,6 +2740,8 @@ cv.value.data = text.start; cv.value.len = text.length; + r->disable_not_modified = 1; + ctx->status = ngx_http_send_response(r, status, NULL, &cv); if (ctx->status == NGX_ERROR) { @@ -5445,6 +5449,8 @@ cv.value.data = body.data; cv.value.len = body.len; + r->disable_not_modified = 1; + ctx->status = ngx_http_send_response(r, status, NULL, &cv); if (ctx->status == NGX_ERROR) { @@ -5670,6 +5676,8 @@ return JS_ThrowInternalError(cx, "failed to set content type"); } + r->disable_not_modified = 1; + if (ngx_http_send_header(r) == NGX_ERROR) { return JS_ThrowInternalError(cx, "failed to send header"); }
--- a/nginx/t/js_internal_redirect.t Thu Jul 03 16:53:33 2025 -0700 +++ b/nginx/t/js_internal_redirect.t Mon Jul 07 22:40:45 2025 -0700 @@ -11,6 +11,7 @@ use strict; use Test::More; +use Socket qw/ CRLF /; BEGIN { use FindBin; chdir($FindBin::Bin); } @@ -54,6 +55,10 @@ return 200 redirect$arg_b; } + location /destroyed_ctx { + js_content test.destroyed_ctx; + } + location @named { return 200 named; } @@ -87,7 +92,16 @@ } } - export default {njs:test_njs, redirect}; + function destroyed_ctx(r) { + try { + r.return(200); + + } catch (e) { + r.internalRedirect("\@sub"); + } + } + + export default {njs:test_njs, redirect, destroyed_ctx}; EOF @@ -103,5 +117,18 @@ 'unsafe redirect'); like(http_get('/test?quoted=1'), qr/200 .*redirect/s, 'quoted redirect'); +get('/destroyed_ctx', 'If-Match: tt'); ############################################################################### + +sub get { + my ($url, @headers) = @_; + return http( + "GET $url HTTP/1.1" . CRLF . + 'Host: localhost' . CRLF . + 'Connection: close' . CRLF . + join(CRLF, @headers) . CRLF . CRLF + ); +} + +################################################################################
