id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc	uname	nginx_version
1679	Possible infinite loop in function ngx_cache_manager_process_cycle and ngx_cache_loader_process_handler in src/os/unix/ngx_process_cycle.c	92siuyang@…		"Hi,

There are two possible infinite loop vulnerabilities in function ngx_cache_manager_process_cycle and ngx_cache_loader_process_handler in src/os/unix/ngx_process_cycle.c. And, I am not so sure about the issue.

We take function ngx_cache_loader_process_handler as an example.

{{{

1206 static void
1207 ngx_cache_loader_process_handler(ngx_event_t *ev)
1208 {
1209     ngx_uint_t     i;
1210     ngx_path_t   **path;
1211     ngx_cycle_t   *cycle;
1212 
1213     cycle = (ngx_cycle_t *) ngx_cycle;
1214 
1215     path = cycle->paths.elts;
1216     for (i = 0; i < cycle->paths.nelts; i++) {
1217 
1218         if (ngx_terminate || ngx_quit) {
1219             break;
1220         }
1221 
1222         if (path[i]->loader) {
1223             path[i]->loader(path[i]->data);
1224             ngx_time_update();
1225         }
1226     }
1227 
1228     exit(0);
1229 }
}}}

The ""ngx_quit"" may be reset in function ngx_worker_process_cycle. So, make sure to test ngx_exiting as well.

This issue is very similar to an issue that was fixed in https://trac.nginx.org/nginx/browser/nginx/src/os/win32/ngx_process_cycle.c?rev=b74f1106f920fe9e447c710e57a5ccdeae46d8e3.
The similar issue is https://trac.nginx.org/nginx/ticket/514.
"	defect	closed	minor		nginx-core	1.15.x	invalid				None