Ticket #1476 (new defect)
Opened 9 months ago
1.5 r-1992 overflow when parsing "remoteip conditions"
| Reported by: | class101 | Owned by: | jan |
|---|---|---|---|
| Priority: | high | Milestone: | 1.5.0 |
| Component: | core | Version: | 1.5.x-svn |
| Severity: | normal | Keywords: | config overflow |
| Cc: | Blocked By: | ||
| Need User Feedback: | yes | Blocking: |
Description
I have found a bug type like overflow that is crashing the lighttpd.
#$HTTP["remoteip"] !~ "65.52.0.0/14|66.249.64.0/19|74.125.0.0/16|216.239.32.0/19|64.233.160.0/19|
# 72.14.192.0/18|66.102.0.0/20|66.94.224.0/19|202.160.176.0/20|
# 209.131.32.0/19|209.191.64.0/18|209.73.160.0/19|216.109.112.0/20|216.155.192.0/20|
# 66.196.64.0/18|66.94.224.0/19|68.142.192.0/18|72.30.0.0/16|74.6.0.0/16" {
# access.deny-all = "enable"
#}
The lighty will startup fine but the first TCP connection to the listening port (80) is crashing the lighttpd binary leaving my spawn-fcgi process alones
I'm actually using a workaround wich looks like
$HTTP["remoteip"] != "***.***.0.0/12" {
$HTTP["remoteip"] != "65.52.0.0/14" {
$HTTP["remoteip"] != "66.249.64.0/19" {
$HTTP["remoteip"] != "66.249.64.0/19" {
$HTTP["remoteip"] != "74.125.0.0/16" {
$HTTP["remoteip"] != "74.125.0.0/16" {
$HTTP["remoteip"] != "74.125.0.0/16" {
$HTTP["remoteip"] != "216.239.32.0/19" {
$HTTP["remoteip"] != "64.233.160.0/19" {
$HTTP["remoteip"] != "72.14.192.0/18" {
$HTTP["remoteip"] != "66.102.0.0/20" {
$HTTP["remoteip"] != "66.94.224.0/19" {
$HTTP["remoteip"] != "202.160.176.0/20" {
$HTTP["remoteip"] != "209.131.32.0/19" {
$HTTP["remoteip"] != "209.191.64.0/18" {
$HTTP["remoteip"] != "209.73.160.0/19" {
$HTTP["remoteip"] != "216.109.112.0/20" {
$HTTP["remoteip"] != "216.155.192.0/20" {
$HTTP["remoteip"] != "66.196.64.0/18" {
$HTTP["remoteip"] != "68.142.192.0/18" {
$HTTP["remoteip"] != "72.30.0.0/16" {
$HTTP["remoteip"] != "74.6.0.0/16" {
access.deny-all = "enable"
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
A bit ugly :)
Attachments
Note: See
TracTickets for help on using
tickets.
