bugfix: applied a patch to fix a bug in the standard ngx_geoip module where its nginx variables like $geoip_latitude might randomly take empty values when they should take perfect values. see http://mailman.nginx.org/pipermail/nginx-devel/2014-July/005642.html

This commit is contained in:
Yichun Zhang (agentzh) 2014-07-25 15:03:42 -07:00
parent f26ae39115
commit 43ae08a6c4
2 changed files with 40 additions and 0 deletions

View File

@ -0,0 +1,36 @@
# HG changeset patch
# User Yichun Zhang <agentzh@gmail.com>
# Date 1406324609 25200
# Fri Jul 25 14:43:29 2014 -0700
# Node ID c038cc33739bbfab2ed50819191298471f22d233
# Parent 93614769dd4b6df8844c3c43c6a0b3f83bfa6746
GeoIP: not all variable fields were initialized.
The ngx_http_geoip_city_float_variable and
ngx_http_geoip_city_int_variable functions did not always initialize
all variable fields like "not_found", which could lead to empty values
for those corresponding nginx variales randomly.
diff -r 93614769dd4b -r c038cc33739b src/http/modules/ngx_http_geoip_module.c
--- a/src/http/modules/ngx_http_geoip_module.c Sun May 11 21:56:07 2014 -0700
+++ b/src/http/modules/ngx_http_geoip_module.c Fri Jul 25 14:43:29 2014 -0700
@@ -553,6 +553,9 @@ ngx_http_geoip_city_float_variable(ngx_h
val = *(float *) ((char *) gr + data);
v->len = ngx_sprintf(v->data, "%.4f", val) - v->data;
+ v->valid = 1;
+ v->no_cacheable = 0;
+ v->not_found = 0;
GeoIPRecord_delete(gr);
@@ -582,6 +585,9 @@ ngx_http_geoip_city_int_variable(ngx_htt
val = *(int *) ((char *) gr + data);
v->len = ngx_sprintf(v->data, "%d", val) - v->data;
+ v->valid = 1;
+ v->no_cacheable = 0;
+ v->not_found = 0;
GeoIPRecord_delete(gr);

View File

@ -220,6 +220,10 @@ echo "$info_txt applying the proxy_ssl_handshake_timer patch for nginx $ver"
patch -p1 < $root/patches/nginx-$ver-proxy_ssl_handshake_timer.patch || exit 1
echo
echo "$info_txt applying the geoip_init_var_fields patch for nginx $ver"
patch -p1 < $root/patches/nginx-$ver-geoip_init_var_fields.patch || exit 1
echo
answer=`$root/util/ver-ge "$main_ver" 1.4.4`
if [ "$answer" = "N" ]; then
echo "$info_txt applying the CVE-2013-4547 patch for nginx $ver"