diff options
| author | Dmitry Volyntsev <xeioex@nginx.com> | 2025-02-07 17:23:09 -0800 |
|---|---|---|
| committer | Dmitry Volyntsev <xeioexception@gmail.com> | 2025-02-10 17:50:42 -0800 |
| commit | ae7d4f42d5d7497e6e8d3d30ff5aebfba228d27c (patch) | |
| tree | 20036e19dbb6de39a0928fa9834e7fd955ae8cc8 /nginx/t/js_variables.t | |
| parent | f289dcb99a9e4c9b72ca8d1c60659a43e58547cd (diff) | |
| download | njs-ae7d4f42d5d7497e6e8d3d30ff5aebfba228d27c.tar.gz njs-ae7d4f42d5d7497e6e8d3d30ff5aebfba228d27c.zip | |
Modules: fixed name corruption in variable and header processing.
The HTTP and Stream JS modules were performing in-place lowercasing of
variable and header names, which could inadvertently overwrite the
original data.
In the NJS engine, the problem did not manifest itself for strings up to
14 bytes long because they are inlined into the value.
Diffstat (limited to 'nginx/t/js_variables.t')
| -rw-r--r-- | nginx/t/js_variables.t | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/nginx/t/js_variables.t b/nginx/t/js_variables.t index f2481e0b..6f1eb173 100644 --- a/nginx/t/js_variables.t +++ b/nginx/t/js_variables.t @@ -44,6 +44,7 @@ http { server_name localhost; set $foo test.foo_orig; + set $XXXXXXXXXXXXXXXX 1; location /var_set { return 200 $test_var$foo; @@ -56,6 +57,10 @@ http { location /not_found_set { js_content test.not_found_set; } + + location /variable_lowkey { + js_content test.variable_lowkey; + } } } @@ -80,16 +85,33 @@ $t->write_file('test.js', <<EOF); } } - export default {variable, content_set, not_found_set}; + function variable_lowkey(r) { + const name = 'X'.repeat(16); + + if (r.args.set) { + r.variables[name] = "1"; + + } else { + let v = r.variables[name]; + } + + r.return(200, name); + } + + export default {variable, content_set, not_found_set, variable_lowkey}; EOF -$t->try_run('no njs')->plan(3); +$t->try_run('no njs')->plan(5); ############################################################################### like(http_get('/var_set?a=bar'), qr/test_varbar/, 'var set'); like(http_get('/content_set?a=bar'), qr/bar/, 'content set'); like(http_get('/not_found_set'), qr/variable not found/, 'not found exception'); +like(http_get('/variable_lowkey'), qr/X{16}/, + 'variable name is not overwritten while reading'); +like(http_get('/variable_lowkey?set=1'), qr/X{16}/, + 'variable name is not overwritten while setting'); ############################################################################### |