Opened 13 years ago
Closed 13 years ago
#51 closed defect (fixed)
nginx cache file md5 collision
Reported by: | www.google.com/accounts/o8/id?id=AItOawkan2535CCufUE3eUGl9YfITdNzBkpD8ac | Owned by: | somebody |
---|---|---|---|
Priority: | critical | Milestone: | |
Component: | nginx-core | Version: | 1.0.x |
Keywords: | Cc: | ||
uname -a: | Linux www 2.6.18-274.7.1.el5 #1 SMP Thu Oct 20 16:21:01 EDT 2011 x86_64 x86_64 x86_64 GNU/Linux | ||
nginx -V: |
nginx: nginx version: nginx/1.0.9
nginx: configure arguments: --with-http_stub_status_module --prefix=/home2/nginx --with-debug |
Description
The url :
http://www.ads119.com/player/nanrenbang/nanrenbang-38212-93019-1234567890-8.html
and
http://www.ads119.com/player/nanrenbang/nanrenbang-38212-93019-1234567890-4.html
have the same cache file.
In the debug error log:
2011/11/10 13:10:06 [crit] 4475#0: *73 cache file "/home2/cache2/2/9c/439320ddec62f770fbc2eaca73c659c2" has md5 collision, client: 116.226.65.23, server: www.ads119.com, request: "GET /player/nanrenbang/nanrenbang-38212-93019-1234567890-8.html HTTP/1.1", host: "www.ads119.com:8080"
[root@www logs]# head -n 2 /home2/cache2/2/9c/439320ddec62f770fbc2eaca73c659c2 | tail -n 1
KEY: http://www.ads119.com/player/nanrenbang/nanrenbang-38212-93019-1234567890-8.html
[root@www logs]# head -n 1 /home2/cache2/2/9c/439320ddec62f770fbc2eaca73c659c2 | hexdump
0000000 86df 4ebb 0000 0000 3fca 4eba 0000 0000
0000010 5caf 4ebb 0000 0000 7226 0786 0000 007f
0000020 015b 5820 5448 4c4d 000a
0000029
[root@www logs]# head -n 2 /home2/cache2/2/9c/439320ddec62f770fbc2eaca73c659c2 | tail -n 1
KEY: http://www.ads119.com/player/nanrenbang/nanrenbang-38212-93019-1234567890-4.html
[root@www logs]# head -n 1 /home2/cache2/2/9c/439320ddec62f770fbc2eaca73c659c2 | hexdump
0000000 8813 4ebb 0000 0000 3fca 4eba 0000 0000
0000010 5de3 4ebb 0000 0000 b25d 7044 0000 007f
0000020 015b 5820 5448 4c4d 000a
0000029
[root@www logs]# cat /etc/redhat-release
CentOS release 5.7 (Final)
Attachments (6)
Change History (13)
by , 13 years ago
Attachment: | nginx.conf added |
---|
by , 13 years ago
Attachment: | debug_http_log.rar added |
---|
comment:1 by , 13 years ago
The nginx server's IP is[ 61.74.61.23 ] and nginx proxy is listen on port 8080.
For testing I have to set
61.74.61.23 www.ads119.com
in C:\WINDOWS\system32\drivers\etc\hosts in the IE browser client machine.
so in my IE broswer, the url is http://www.ads119.com:8080/player/nanrenbang/nanrenbang-38212-93019-1234567890-4.html, which will be proxy by nginx .
The real web server's IP is 203.156.254.86 and web server listen on port 80.
Hope it is not Confusing.
comment:2 by , 13 years ago
Default key's format is $scheme$proxy_host$request_uri;
If I change the KEY's format to :
proxy_cache_key $proxy_host$request_uri;
removing $schema, everything will be ok.
comment:3 by , 13 years ago
Status: | new → accepted |
---|
Could you reproduce it on earlier versions: 1.0.8, 1.0.6, and 1.0.5 ?
comment:4 by , 13 years ago
reproduced on 1.0.8 in the same server.
[root@www logs]# /home2/nginx/sbin/nginx -V
nginx: nginx version: nginx/1.0.8
nginx: configure arguments: --with-http_stub_status_module --prefix=/home2/nginx --with-debug
comment:5 by , 13 years ago
Could you show ./configure output of nginx-1.0.9 building ?
Also for future debug logs please use global
error_log logs/error.log debug;
but not
error_log logs/ttttt debug_http;
inside server, since the latter has only part of debug information.
comment:6 by , 13 years ago
Please try the following patch:
# HG changeset patch # User Maxim Dounin <mdounin@mdounin.ru> # Date 1321239366 -10800 # Node ID 9fec077b7095eca2ed5a37305add0e0a7e1b63c6 # Parent 8113a90f235f14fbe9613ab775d6df504a458cb3 Backout incorrect change in internal md5 in r3928. diff --git a/src/core/ngx_md5.c b/src/core/ngx_md5.c --- a/src/core/ngx_md5.c +++ b/src/core/ngx_md5.c @@ -47,7 +47,8 @@ ngx_md5_update(ngx_md5_t *ctx, const voi return; } - data = ngx_cpymem(&ctx->buffer[used], data, free); + ngx_memcpy(&ctx->buffer[used], data, free); + data = (u_char *)data + free; size -= free; (void) ngx_md5_body(ctx, ctx->buffer, 64); }
It should fix this.
nginx.conf