#1494 closed defect (fixed)

Null character in error.log

Reported by: fffilimonov@… Owned by:
Priority: minor Milestone:
Component: nginx-module Version: 1.13.x
Keywords: Cc: fffilimonov@…
uname -a: Darwin 17.3.0 Darwin Kernel Version 17.3.0: Thu Nov 9 18:09:22 PST 2017; root:xnu-4570.31.3~1/RELEASE_X86_64 x86_64
nginx -V: nginx version: nginx/1.13.10 built by clang 9.0.0 (clang-900.0.38) configure arguments:

Description

With config like this:

auth_basic "Restricted";
auth_basic_user_file $host/htpasswd;

If user not found in file nginx writes to error log string:

2018/02/26 15:19:33 [error] 85925#0: *3 user "addd" was not found in "/Users/vf/nginx/127.0.0.1/htpasswd^@", client: 127.0.0.1, server: , request: "GET / HTTP/1.1", host: "127.0.0.1:8080"

The issue only with variable in auth_basic_user_file path.
With config like this no null char:

auth_basic "Restricted";
auth_basic_user_file /root/htpasswd;

ngx_http_auth_basic_module.c

ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
                  "user \"%V\" was not found in \"%V\"",
                  &r->headers_in.user, &user_file);

user_file - ngx_str_t
So, it means there is a string inside user_file.data with null terminator.

In debug log i can see:

2018/02/26 16:23:46 [debug] 93741#0: *1 access phase: 6
2018/02/26 16:23:46 [debug] 93741#0: *1 access phase: 7
2018/02/26 16:23:46 [debug] 93741#0: *1 http script var: "127.0.0.1"
2018/02/26 16:23:46 [debug] 93741#0: *1 http script copy: "/htpasswd^@"
2018/02/26 16:23:46 [debug] 93741#0: *1 http script fullname: "/Users/vf/nginx/127.0.0.1/htpasswd^@"
2018/02/26 16:23:46 [debug] 93741#0: *1 read: 9, 00007FFEE2FA7E00, 2048, 0
2018/02/26 16:23:46 [error] 93741#0: *1 user "addd" was not found in "/Users/vf/nginx/127.0.0.1/htpasswd^@", client: 127.0.0.1, server: , request: "GET / HTTP/1.1", host: "127.0.0.1:8080"

The null char we got from ngx_http_script.c.

The simple fix is:

    ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
                  "user \"%V\" was not found in \"%s\"",
                  &r->headers_in.user, user_file.data);

But possible the problem is somewhere in other function which builds the path.

Change History (2)

comment:1 Changed 13 months ago by Vadim Filimonov <fffilimonov@…>

In 7218:e48ac0136ee3/nginx:

Auth basic: prevent null character in error log (ticket #1494).

comment:2 Changed 13 months ago by mdounin

  • Resolution set to fixed
  • Status changed from new to closed
Note: See TracTickets for help on using tickets.