Project

General

Profile

Bug #1476

1.5 r-1992 overflow when parsing "remoteip conditions"

Added by class101 almost 12 years ago. Updated about 3 years ago.

Status:
Obsolete
Priority:
High
Assignee:
-
Category:
core
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Missing in 1.5.x:
Yes

Description

I have found a bug type like overflow that is crashing the lighttpd.


#$HTTP["remoteip"] !~ "65.52.0.0/14|66.249.64.0/19|74.125.0.0/16|216.239.32.0/19|64.233.160.0/19|
#                      72.14.192.0/18|66.102.0.0/20|66.94.224.0/19|202.160.176.0/20|
#                      209.131.32.0/19|209.191.64.0/18|209.73.160.0/19|216.109.112.0/20|216.155.192.0/20|
#                      66.196.64.0/18|66.94.224.0/19|68.142.192.0/18|72.30.0.0/16|74.6.0.0/16" {
#  access.deny-all = "enable" 
#}

The lighty will startup fine but the first TCP connection to the listening port (80) is crashing the lighttpd binary leaving my spawn-fcgi process alones

I'm actually using a workaround wich looks like


$HTTP["remoteip"] != "***.***.0.0/12" {
 $HTTP["remoteip"] != "65.52.0.0/14" { 
 $HTTP["remoteip"] != "66.249.64.0/19" {
 $HTTP["remoteip"] != "66.249.64.0/19" {
 $HTTP["remoteip"] != "74.125.0.0/16" {
 $HTTP["remoteip"] != "74.125.0.0/16" {
 $HTTP["remoteip"] != "74.125.0.0/16" {
 $HTTP["remoteip"] != "216.239.32.0/19" {
 $HTTP["remoteip"] != "64.233.160.0/19" {
 $HTTP["remoteip"] != "72.14.192.0/18" {
 $HTTP["remoteip"] != "66.102.0.0/20" {
 $HTTP["remoteip"] != "66.94.224.0/19" {
 $HTTP["remoteip"] != "202.160.176.0/20" {
 $HTTP["remoteip"] != "209.131.32.0/19" {
 $HTTP["remoteip"] != "209.191.64.0/18" {
 $HTTP["remoteip"] != "209.73.160.0/19" {
 $HTTP["remoteip"] != "216.109.112.0/20" {
 $HTTP["remoteip"] != "216.155.192.0/20" {
 $HTTP["remoteip"] != "66.196.64.0/18" {
 $HTTP["remoteip"] != "68.142.192.0/18" {
 $HTTP["remoteip"] != "72.30.0.0/16" {
 $HTTP["remoteip"] != "74.6.0.0/16" {
  access.deny-all = "enable" 
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}

A bit ugly :)

History

#1

Updated by gstrauss about 3 years ago

  • Description updated (diff)
  • Assignee deleted (jan)
  • Missing in 1.5.x set to Yes

FYI: you probably want to escape the dots ('.') in the regex with "\."

If this is an issue with lighttpd 1.4.x, please file a new issue. Thanks.

#2

Updated by gstrauss about 3 years ago

  • Status changed from New to Obsolete

Also available in: Atom