Opened 10 years ago
Closed 10 years ago
#670 closed defect (invalid)
%0a. routing bypass
Reported by: | Adam Surak | Owned by: | |
---|---|---|---|
Priority: | major | Milestone: | |
Component: | nginx-core | Version: | 1.6.x |
Keywords: | Cc: | ||
uname -a: | Linux c5-eu-3.algolia.io 3.10.23-xxxx-std-ipv6-64 #1 SMP Tue Mar 18 14:48:24 CET 2014 x86_64 x86_64 x86_64 GNU/Linux | ||
nginx -V: |
nginx version: nginx/1.6.2
built by gcc 4.8.2 (Ubuntu 4.8.2-19ubuntu1)
TLS SNI support enabled
configure arguments: --with-http_stub_status_module --with-http_gzip_static_module --with-http_ssl_module --add-module=../../algolia --add-module=../headers-more-nginx-module-0.22 --with-ipv6
Description
Hello,
I have noticed in my logs a following issue:
.pl" failed (2: No such file or directory), client: 37.187.28.218, server: apieu1.algolia.com, request: "GET /cgi.cgi/scripts/*%0a.pl HTTP/1.0", host: "***"
2014/11/22 20:33:38 [error] 8963#0: *24802 open() "/home/prod/prod/config/html/webcgi/scripts/* .pl" failed (2: No such file or directory), client: 37.187.28.218, server: apieu1.algolia.com, request: "GET /webcgi/scripts/*%0a.pl HTTP/1.0", host: "***"
2014/11/22 20:33:38 [error] 8963#0: *24803 open() "/home/prod/prod/config/html/cgi-914/scripts/* .pl" failed (2: No such file or directory), client: 37.187.28.218, server: apieu1.algolia.com, request: "GET /cgi-914/scripts/*%0a.pl HTTP/1.0", host: "***"
2014/11/22 20:33:38 [error] 8963#0: *24804 open() "/home/prod/prod/config/html/cgi-915/scripts/* .pl" failed (2: No such file or directory), client: 37.187.28.218, server: apieu1.algolia.com, request: "GET /cgi-915/scripts/*%0a.pl HTTP/1.0", host: "***"
2014/11/22 20:33:38 [error] 8963#0: *24805 open() "/home/prod/prod/config/html/bin/scripts/* .pl" failed (2: No such file or directory), client: 37.187.28.218, server: apieu1.algolia.com, request: "GET /bin/scripts/*%0a.pl HTTP/1.0", host: "***"
2014/11/22 20:33:38 [error] 8963#0: *24806 open() "/home/prod/prod/config/html/cgi/scripts/* .pl" failed (2: No such file or directory), client: 37.187.28.218, server: apieu1.algolia.com, request: "GET /cgi/scripts/*%0a.pl HTTP/1.0", host: "***"
2014/11/22 20:33:38 [error] 8963#0: *24807 open() "/home/prod/prod/config/html/mpcgi/scripts/* .pl" failed (2: No such file or directory), client: 37.187.28.218, server: apieu1.algolia.com, request: "GET /mpcgi/scripts/*%0a.pl HTTP/1.0", host: "***"
2014/11/22 20:33:38 [error] 8963#0: *24808 open() "/home/prod/prod/config/html/cgi-bin/scripts/* .pl" failed (2: No such file or directory), client: 37.187.28.218, server: apieu1.algolia.com, request: "GET /cgi-bin/scripts/*%0a.pl HTTP/1.0", host: "***"
2014/11/22 20:33:38 [error] 8963#0: *24809 open() "/home/prod/prod/config/html/ows-bin/scripts/* .pl" failed (2: No such file or directory), client: 37.187.28.218, server: apieu1.algolia.com, request: "GET /ows-bin/scripts/*%0a.pl HTTP/1.0", host: "***"
2014/11/22 20:33:38 [error] 8963#0: *24810 open() "/home/prod/prod/config/html/cgi-sys/scripts/* .pl" failed (2: No such file or directory), client: 37.187.28.218, server: apieu1.algolia.com, request: "GET /cgi-sys/scripts/*%0a.pl HTTP/1.0", host: "***"
2014/11/22 20:33:38 [error] 8963#0: *24811 open() "/home/prod/prod/config/html/cgi-local/scripts/* .pl" failed (2: No such file or directory), client: 37.187.28.218, server: apieu1.algolia.com, request: "GET /cgi-local/scripts/*%0a.pl HTTP/1.0", host: "***"
2014/11/22 20:33:38 [error] 8963#0: *24812 open() "/home/prod/prod/config/html/htbin/scripts/* .pl" failed (2: No such file or directory), client: 37.187.28.218, server: apieu1.algolia.com, request: "GET /htbin/scripts/*%0a.pl HTTP/1.0", host: "***"
2014/11/22 20:33:38 [error] 8963#0: *24813 open() "/home/prod/prod/config/html/cgibin/scripts/* .pl" failed (2: No such file or directory), client: 37.187.28.218, server: apieu1.algolia.com, request: "GET /cgibin/scripts/*%0a.pl HTTP/1.0", host: "***"
2014/11/22 20:33:38 [error] 8963#0: *24814 open() "/home/prod/prod/config/html/cgis/scripts/* .pl" failed (2: No such file or directory), client: 37.187.28.218, server: apieu1.algolia.com, request: "GET /cgis/scripts/*%0a.pl HTTP/1.0", host: "***"
2014/11/22 20:33:38 [error] 8963#0: *24815 open() "/home/prod/prod/config/html/scripts/scripts/* .pl" failed (2: No such file or directory), client: 37.187.28.218, server: apieu1.algolia.com, request: "GET /scripts/scripts/*%0a.pl HTTP/1.0", host: "***"
2014/11/22 20:33:38 [error] 8963#0: *24816 open() "/home/prod/prod/config/html/cgi-win/scripts/* .pl" failed (2: No such file or directory), client: 37.187.28.218, server: apieu1.algolia.com, request: "GET /cgi-win/scripts/*%0a.pl HTTP/1.0", host: "***"
2014/11/22 20:33:38 [error] 8963#0: *24817 open() "/home/prod/prod/config/html/fcgi-bin/scripts/* .pl" failed (2: No such file or directory), client: 37.187.28.218, server: apieu1.algolia.com, request: "GET /fcgi-bin/scripts/*%0a.pl HTTP/1.0", host: "***"
2014/11/22 20:33:38 [error] 8963#0: *24818 open() "/home/prod/prod/config/html/cgi-exe/scripts/* .pl" failed (2: No such file or directory), client: 37.187.28.218, server: apieu1.algolia.com, request: "GET /cgi-exe/scripts/*%0a.pl HTTP/1.0", host: "***"
2014/11/22 20:33:38 [error] 8963#0: *24819 open() "/home/prod/prod/config/html/cgi-home/scripts/* .pl" failed (2: No such file or directory), client: 37.187.28.218, server: apieu1.algolia.com, request: "GET /cgi-home/scripts/*%0a.pl HTTP/1.0", host: "***"
2014/11/22 20:33:38 [error] 8963#0: *24820 open() "/home/prod/prod/config/html/cgi-perl/scripts/*
My nginx.conf allows:
/1/
/_
/ - redirect to /1/404
The sequence that triggers this problem is "%0a." in the URL. After that nginx starts to look for files on the filesystem.
Change History (4)
comment:1 by , 10 years ago
follow-up: 3
comment:2 by , 10 years ago
Could you please show some minimal config to reproduce the problem?
comment:3 by , 10 years ago
Replying to Maxim Dounin:
Could you please show some minimal config to reproduce the problem?
http {
    client_body_temp_path "../run/body" 1 2;
    include ./mime.types;
    access_log off;
    error_log ../run/error.log;
    sendfile on;
    tcp_nopush on;
    server_tokens off;
    keepalive_timeout 180;
    client_header_timeout 180;
    client_body_timeout 180;
    reset_timedout_connection on;
    send_timeout 10;
    tcp_nodelay on;

    server {
        listen 80 backlog=32768;
        server_name apieu1.algolia.com;
        client_max_body_size 1024M;
        gzip on;
        gzip_disable "msie6";
        gzip_min_length 100;
        gzip_types *;
        gzip_proxied any;
        more_set_headers 'Access-Control-Allow-Origin: *';
        more_set_headers 'Access-Control-Allow-Methods: GET, PUT, DELETE, POST, OPTIONS';
        more_set_headers 'Access-Control-Allow-Headers: x-algolia-application-id, connection, origin, x-algolia-api-key, content-type, content-length, x-algolia-signature, x-algolia-usertoken, x-algolia-tagfilters, DNT, X-Mx-ReqToken, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Authorization, Accept';
        more_set_headers 'Access-Control-Allow-Credentials: false';

        location /1/ {
            # omitted
        }

        location = /_ {
            stub_status on;
            access_log off;
            allow 127.0.0.1;
            deny all;
            break;
        }

        location / {
            rewrite ^.*$ /1/404 permanent;
        }
    }
}
comment:4 by , 10 years ago
Resolution: | → invalid |
---|---|
Status: | new → closed |
The problem is in this line:
rewrite ^.*$ /1/404 permanent;
It doesn't match unencoded URI as the ^.*$ doesn't match the string with an embedded newline. If you really want to return a redirect for all requests, use a regular expression which matches everything:
rewrite ^ /1/404 permanent;
Or, better yet, use the return directive:
return 301 /1/404;
Look at ticket #191