summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobert Nagy <robert@cvs.openbsd.org>2012-04-12 17:45:23 +0000
committerRobert Nagy <robert@cvs.openbsd.org>2012-04-12 17:45:23 +0000
commit9ec419a894cc815d72575f2899101be0008b94d2 (patch)
tree9549158df0f9a6f9cb3338cffadc658d765164cc
parent2e8426d7c58ea94a61ef2e0bdf887f6c81d7e3b8 (diff)
use a shared stripping function for chroot and make sure
that the path starts with the chroot prefix before doing anything with it
-rw-r--r--usr.sbin/nginx/src/core/ngx_cycle.c11
-rw-r--r--usr.sbin/nginx/src/core/ngx_string.c12
-rw-r--r--usr.sbin/nginx/src/core/ngx_string.h1
-rw-r--r--usr.sbin/nginx/src/http/ngx_http_core_module.c6
4 files changed, 16 insertions, 14 deletions
diff --git a/usr.sbin/nginx/src/core/ngx_cycle.c b/usr.sbin/nginx/src/core/ngx_cycle.c
index e8373fe63a4..a706138203e 100644
--- a/usr.sbin/nginx/src/core/ngx_cycle.c
+++ b/usr.sbin/nginx/src/core/ngx_cycle.c
@@ -1137,15 +1137,8 @@ ngx_reopen_files(ngx_cycle_t *cycle, ngx_uid_t user)
len = file[i].pos - file[i].buffer;
- if ((ngx_process == NGX_PROCESS_WORKER) && ngx_chrooted && file[i].name.data[0] == '/') {
- char *x, *buf = malloc(file[i].name.len);
- x = ngx_cpystrn(buf, file[i].name.data + strlen(NGX_PREFIX),
- file[i].name.len);
- while (buf[0] == '/') {
- buf++;
- }
- file[i].name.len = (x - buf);
- file[i].name.data = buf;
+ if ((ngx_process == NGX_PROCESS_WORKER) && ngx_chrooted) {
+ ngx_strip_chroot(&file[i].name);
}
if (file[i].buffer && len != 0) {
diff --git a/usr.sbin/nginx/src/core/ngx_string.c b/usr.sbin/nginx/src/core/ngx_string.c
index 1dec96cc4ca..05184479c96 100644
--- a/usr.sbin/nginx/src/core/ngx_string.c
+++ b/usr.sbin/nginx/src/core/ngx_string.c
@@ -1835,3 +1835,15 @@ ngx_memcpy(void *dst, void *src, size_t n)
}
#endif
+
+void
+ngx_strip_chroot(ngx_str_t *path)
+{
+ if (!ngx_strncmp(path->data, NGX_PREFIX, strlen(NGX_PREFIX))) {
+ char *x, *buf = malloc(path->len);
+ x = ngx_cpystrn(buf, path->data + strlen(NGX_PREFIX) - 1,
+ path->len);
+ path->len = (x - buf);
+ path->data = buf;
+ }
+}
diff --git a/usr.sbin/nginx/src/core/ngx_string.h b/usr.sbin/nginx/src/core/ngx_string.h
index fa386ca72f0..e140fb86da8 100644
--- a/usr.sbin/nginx/src/core/ngx_string.h
+++ b/usr.sbin/nginx/src/core/ngx_string.h
@@ -227,5 +227,6 @@ void ngx_sort(void *base, size_t n, size_t size,
#define ngx_value_helper(n) #n
#define ngx_value(n) ngx_value_helper(n)
+void ngx_strip_chroot(ngx_str_t *root);
#endif /* _NGX_STRING_H_INCLUDED_ */
diff --git a/usr.sbin/nginx/src/http/ngx_http_core_module.c b/usr.sbin/nginx/src/http/ngx_http_core_module.c
index f050b861048..82bb1275c5e 100644
--- a/usr.sbin/nginx/src/http/ngx_http_core_module.c
+++ b/usr.sbin/nginx/src/http/ngx_http_core_module.c
@@ -3387,11 +3387,7 @@ ngx_http_core_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child)
}
if (ngx_chrooted && prev->root.data != NULL) {
- char *x, *buf = malloc(conf->root.len);
- x = ngx_cpystrn(buf, conf->root.data + strlen(NGX_PREFIX) - 1,
- conf->root.len);
- conf->root.len = (x - buf);
- conf->root.data = buf;
+ ngx_strip_chroot(&conf->root);
}
if (conf->post_action.data == NULL) {