Opened 12 years ago
Closed 12 years ago
#51 closed defect (fixed)
nginx cache file md5 collision
| Reported by: | www.google.com/accounts/o8/id?id=AItOawkan2535CCufUE3eUGl9YfITdNzBkpD8ac | Owned by: | somebody |
|---|---|---|---|
| Priority: | critical | Milestone: | |
| Component: | nginx-core | Version: | 1.0.x |
| Keywords: | Cc: | ||
| uname -a: | Linux www 2.6.18-274.7.1.el5 #1 SMP Thu Oct 20 16:21:01 EDT 2011 x86_64 x86_64 x86_64 GNU/Linux | ||
| nginx -V: |
nginx: nginx version: nginx/1.0.9
nginx: configure arguments: --with-http_stub_status_module --prefix=/home2/nginx --with-debug |
||
Description
The url :
http://www.ads119.com/player/nanrenbang/nanrenbang-38212-93019-1234567890-8.html
and
http://www.ads119.com/player/nanrenbang/nanrenbang-38212-93019-1234567890-4.html
have the same cache file.
In the debug error log:
2011/11/10 13:10:06 [crit] 4475#0: *73 cache file "/home2/cache2/2/9c/439320ddec62f770fbc2eaca73c659c2" has md5 collision, client: 116.226.65.23, server: www.ads119.com, request: "GET /player/nanrenbang/nanrenbang-38212-93019-1234567890-8.html HTTP/1.1", host: "www.ads119.com:8080"
[root@www logs]# head -n 2 /home2/cache2/2/9c/439320ddec62f770fbc2eaca73c659c2 | tail -n 1
KEY: http://www.ads119.com/player/nanrenbang/nanrenbang-38212-93019-1234567890-8.html
[root@www logs]# head -n 1 /home2/cache2/2/9c/439320ddec62f770fbc2eaca73c659c2 | hexdump
0000000 86df 4ebb 0000 0000 3fca 4eba 0000 0000
0000010 5caf 4ebb 0000 0000 7226 0786 0000 007f
0000020 015b 5820 5448 4c4d 000a
0000029
[root@www logs]# head -n 2 /home2/cache2/2/9c/439320ddec62f770fbc2eaca73c659c2 | tail -n 1
KEY: http://www.ads119.com/player/nanrenbang/nanrenbang-38212-93019-1234567890-4.html
[root@www logs]# head -n 1 /home2/cache2/2/9c/439320ddec62f770fbc2eaca73c659c2 | hexdump
0000000 8813 4ebb 0000 0000 3fca 4eba 0000 0000
0000010 5de3 4ebb 0000 0000 b25d 7044 0000 007f
0000020 015b 5820 5448 4c4d 000a
0000029
[root@www logs]# cat /etc/redhat-release
CentOS release 5.7 (Final)
Attachments (6)
Change History (13)
by , 12 years ago
| Attachment: | nginx.conf added |
|---|
by , 12 years ago
| Attachment: | debug_http_log.rar added |
|---|
comment:1 by , 12 years ago
The nginx server's IP is[ 61.74.61.23 ] and nginx proxy is listen on port 8080.
For testing I have to set
61.74.61.23 www.ads119.com
in C:\WINDOWS\system32\drivers\etc\hosts in the IE browser client machine.
so in my IE broswer, the url is http://www.ads119.com:8080/player/nanrenbang/nanrenbang-38212-93019-1234567890-4.html, which will be proxy by nginx .
The real web server's IP is 203.156.254.86 and web server listen on port 80.
Hope it is not Confusing.
comment:2 by , 12 years ago
Default key's format is $scheme$proxy_host$request_uri;
If I change the KEY's format to :
proxy_cache_key $proxy_host$request_uri;
removing $schema, everything will be ok.
comment:3 by , 12 years ago
| Status: | new → accepted |
|---|
Could you reproduce it on earlier versions: 1.0.8, 1.0.6, and 1.0.5 ?
comment:4 by , 12 years ago
reproduced on 1.0.8 in the same server.
[root@www logs]# /home2/nginx/sbin/nginx -V
nginx: nginx version: nginx/1.0.8
nginx: configure arguments: --with-http_stub_status_module --prefix=/home2/nginx --with-debug
comment:5 by , 12 years ago
Could you show ./configure output of nginx-1.0.9 building ?
Also for future debug logs please use global
error_log logs/error.log debug;
but not
error_log logs/ttttt debug_http;
inside server, since the latter has only part of debug information.
comment:6 by , 12 years ago
Please try the following patch:
# HG changeset patch
# User Maxim Dounin <mdounin@mdounin.ru>
# Date 1321239366 -10800
# Node ID 9fec077b7095eca2ed5a37305add0e0a7e1b63c6
# Parent 8113a90f235f14fbe9613ab775d6df504a458cb3
Backout incorrect change in internal md5 in r3928.
diff --git a/src/core/ngx_md5.c b/src/core/ngx_md5.c
--- a/src/core/ngx_md5.c
+++ b/src/core/ngx_md5.c
@@ -47,7 +47,8 @@ ngx_md5_update(ngx_md5_t *ctx, const voi
return;
}
- data = ngx_cpymem(&ctx->buffer[used], data, free);
+ ngx_memcpy(&ctx->buffer[used], data, free);
+ data = (u_char *)data + free;
size -= free;
(void) ngx_md5_body(ctx, ctx->buffer, 64);
}
It should fix this.
nginx.conf