diff options
| author | Glenn Strauss <gstrauss@gluelogic.com> | 2017-03-05 15:39:45 -0500 |
|---|---|---|
| committer | Glenn Strauss <gstrauss@gluelogic.com> | 2017-03-08 11:42:59 -0500 |
| commit | bd77abe0f81f196006dbd46d7be61e7cc36911be (patch) | |
| tree | 8f3b4ca98ee0a1a5d5a17aea96bdfe536bd8839c | |
| parent | 970f337c29e74b3e5f076cee105abc9739a9bd72 (diff) | |
| download | lighttpd-git-bd77abe0f81f196006dbd46d7be61e7cc36911be.tar.gz | |
[config] more specific checks for array lists
More specific checks on contents of array lists. Each module using
lists now does better checking on the types of values in the list
(strings, integers, arrays/lists)
This helps prevent misconfiguration of things like cgi.assign,
fastcgi.server, and scgi.server, where source code might be
served as static files if parenthesis are misplaced.
x-ref:
https://redmine.lighttpd.net/boards/2/topics/6571
| -rw-r--r-- | src/array.c | 32 | ||||
| -rw-r--r-- | src/array.h | 4 | ||||
| -rw-r--r-- | src/configfile.c | 17 | ||||
| -rw-r--r-- | src/mod_access.c | 12 | ||||
| -rw-r--r-- | src/mod_alias.c | 7 | ||||
| -rw-r--r-- | src/mod_auth.c | 14 | ||||
| -rw-r--r-- | src/mod_cgi.c | 6 | ||||
| -rw-r--r-- | src/mod_cml.c | 6 | ||||
| -rw-r--r-- | src/mod_compress.c | 18 | ||||
| -rw-r--r-- | src/mod_deflate.c | 12 | ||||
| -rw-r--r-- | src/mod_dirlisting.c | 10 | ||||
| -rw-r--r-- | src/mod_expire.c | 12 | ||||
| -rw-r--r-- | src/mod_extforward.c | 12 | ||||
| -rw-r--r-- | src/mod_fastcgi.c | 23 | ||||
| -rw-r--r-- | src/mod_flv_streaming.c | 6 | ||||
| -rw-r--r-- | src/mod_indexfile.c | 6 | ||||
| -rw-r--r-- | src/mod_magnet.c | 12 | ||||
| -rw-r--r-- | src/mod_proxy.c | 23 | ||||
| -rw-r--r-- | src/mod_redirect.c | 18 | ||||
| -rw-r--r-- | src/mod_rewrite.c | 18 | ||||
| -rw-r--r-- | src/mod_scgi.c | 23 | ||||
| -rw-r--r-- | src/mod_setenv.c | 12 | ||||
| -rw-r--r-- | src/mod_skeleton.c | 6 | ||||
| -rw-r--r-- | src/mod_ssi.c | 6 | ||||
| -rw-r--r-- | src/mod_staticfile.c | 6 | ||||
| -rw-r--r-- | src/mod_trigger_b4_dl.c | 6 | ||||
| -rw-r--r-- | src/mod_userdir.c | 12 | ||||
| -rw-r--r-- | src/mod_vhostdb_dbi.c | 6 | ||||
| -rw-r--r-- | src/mod_vhostdb_ldap.c | 6 | ||||
| -rw-r--r-- | src/mod_vhostdb_mysql.c | 6 | ||||
| -rw-r--r-- | src/mod_vhostdb_pgsql.c | 6 |
31 files changed, 272 insertions, 91 deletions
diff --git a/src/array.c b/src/array.c index 75610eeb..ee2f0dd1 100644 --- a/src/array.c +++ b/src/array.c @@ -285,6 +285,38 @@ void array_insert_unique(array *a, data_unset *entry) { } } +int array_is_vlist(array *a) { + for (size_t i = 0; i < a->used; ++i) { + data_unset *du = a->data[i]; + if (!du->is_index_key || du->type != TYPE_STRING) return 0; + } + return 1; +} + +int array_is_kvany(array *a) { + for (size_t i = 0; i < a->used; ++i) { + data_unset *du = a->data[i]; + if (du->is_index_key) return 0; + } + return 1; +} + +int array_is_kvarray(array *a) { + for (size_t i = 0; i < a->used; ++i) { + data_unset *du = a->data[i]; + if (du->is_index_key || du->type != TYPE_ARRAY) return 0; + } + return 1; +} + +int array_is_kvstring(array *a) { + for (size_t i = 0; i < a->used; ++i) { + data_unset *du = a->data[i]; + if (du->is_index_key || du->type != TYPE_STRING) return 0; + } + return 1; +} + void array_print_indent(int depth) { int i; for (i = 0; i < depth; i ++) { diff --git a/src/array.h b/src/array.h index 6a37ff40..81a6d8ca 100644 --- a/src/array.h +++ b/src/array.h @@ -157,6 +157,10 @@ void array_free(array *a); void array_reset(array *a); void array_insert_unique(array *a, data_unset *entry); data_unset *array_pop(array *a); /* only works on "simple" lists with autogenerated keys */ +int array_is_vlist(array *a); +int array_is_kvany(array *a); +int array_is_kvarray(array *a); +int array_is_kvstring(array *a); int array_print(array *a, int depth); data_unset *array_get_unused_element(array *a, data_type_t t); data_unset *array_get_element(array *a, const char *key); diff --git a/src/configfile.c b/src/configfile.c index 6930de8d..1b2697bd 100644 --- a/src/configfile.c +++ b/src/configfile.c @@ -335,6 +335,11 @@ static int config_insert(server *srv) { s->stream_response_body |= FDEVENT_STREAM_RESPONSE; } + if (!array_is_kvstring(s->mimetypes)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for mimetype.assign; expected list of \"ext\" => \"mimetype\""); + } + #if !(defined HAVE_LIBSSL && defined HAVE_OPENSSL_SSL_H) if (s->ssl_enabled) { log_error_write(srv, __FILE__, __LINE__, "s", @@ -376,6 +381,18 @@ static int config_insert(server *srv) { buffer_free(stat_cache_string); + if (!array_is_vlist(srv->srvconf.upload_tempdirs)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for server.upload-dirs; expected list of \"path\" strings"); + ret = HANDLER_ERROR; + } + + if (!array_is_vlist(srv->srvconf.modules)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for server.modules; expected list of \"mod_xxxxxx\" strings"); + ret = HANDLER_ERROR; + } + { data_string *ds; int prepend_mod_indexfile = 1; diff --git a/src/mod_access.c b/src/mod_access.c index c450e76c..24b4bd8b 100644 --- a/src/mod_access.c +++ b/src/mod_access.c @@ -86,6 +86,18 @@ SETDEFAULTS_FUNC(mod_access_set_defaults) { if (0 != config_insert_values_global(srv, config->value, cv, i == 0 ? T_CONFIG_SCOPE_SERVER : T_CONFIG_SCOPE_CONNECTION)) { return HANDLER_ERROR; } + + if (!array_is_vlist(s->access_deny)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for url.access-deny; expected list of \"suffix\""); + return HANDLER_ERROR; + } + + if (!array_is_vlist(s->access_allow)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for url.access-allow; expected list of \"suffix\""); + return HANDLER_ERROR; + } } return HANDLER_GO_ON; diff --git a/src/mod_alias.c b/src/mod_alias.c index 0421d714..a19556db 100644 --- a/src/mod_alias.c +++ b/src/mod_alias.c @@ -89,6 +89,13 @@ SETDEFAULTS_FUNC(mod_alias_set_defaults) { if (0 != config_insert_values_global(srv, config->value, cv, i == 0 ? T_CONFIG_SCOPE_SERVER : T_CONFIG_SCOPE_CONNECTION)) { return HANDLER_ERROR; } + + if (!array_is_kvstring(s->alias)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for alias.url; expected list of \"urlpath\" => \"filepath\""); + return HANDLER_ERROR; + } + if (s->alias->used >= 2) { const array *a = s->alias; size_t j, k; diff --git a/src/mod_auth.c b/src/mod_auth.c index 3fe1c612..87fc19b8 100644 --- a/src/mod_auth.c +++ b/src/mod_auth.c @@ -242,7 +242,13 @@ SETDEFAULTS_FUNC(mod_auth_set_defaults) { /* no auth.require for this section */ if (NULL == (da = (data_array *)array_get_element(config->value, "auth.require"))) continue; - if (da->type != TYPE_ARRAY) continue; + if (da->type != TYPE_ARRAY || !array_is_kvarray(da->value)) { + log_error_write(srv, __FILE__, __LINE__, "ss", + "unexpected value for auth.require; expected ", + "auth.require = ( \"urlpath\" => ( \"option\" => \"value\" ) )"); + return HANDLER_ERROR; + } + for (n = 0; n < da->value->used; n++) { size_t m; @@ -250,10 +256,10 @@ SETDEFAULTS_FUNC(mod_auth_set_defaults) { const buffer *method = NULL, *realm = NULL, *require = NULL; const http_auth_scheme_t *auth_scheme; - if (da->value->data[n]->type != TYPE_ARRAY) { + if (!array_is_kvstring(da_file->value)) { log_error_write(srv, __FILE__, __LINE__, "ss", - "auth.require should contain an array as in:", - "auth.require = ( \"...\" => ( ..., ...) )"); + "unexpected value for auth.require; expected ", + "auth.require = ( \"urlpath\" => ( \"option\" => \"value\" ) )"); return HANDLER_ERROR; } diff --git a/src/mod_cgi.c b/src/mod_cgi.c index 4ee4b820..2a50fd35 100644 --- a/src/mod_cgi.c +++ b/src/mod_cgi.c @@ -207,6 +207,12 @@ SETDEFAULTS_FUNC(mod_fastcgi_set_defaults) { return HANDLER_ERROR; } + if (!array_is_kvstring(s->cgi)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for cgi.assign; expected list of \"ext\" => \"exepath\""); + return HANDLER_ERROR; + } + if (s->xsendfile_docroot->used) { size_t j; for (j = 0; j < s->xsendfile_docroot->used; ++j) { diff --git a/src/mod_cml.c b/src/mod_cml.c index 0b264816..6fcc4622 100644 --- a/src/mod_cml.c +++ b/src/mod_cml.c @@ -111,6 +111,12 @@ SETDEFAULTS_FUNC(mod_cml_set_defaults) { return HANDLER_ERROR; } + if (!array_is_vlist(s->mc_hosts)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for cml.memcache-hosts; expected list of \"host\""); + return HANDLER_ERROR; + } + if (s->mc_hosts->used) { #if defined(USE_MEMCACHED) buffer *option_string = buffer_init(); diff --git a/src/mod_compress.c b/src/mod_compress.c index bbd3e71a..391108ee 100644 --- a/src/mod_compress.c +++ b/src/mod_compress.c @@ -213,6 +213,18 @@ SETDEFAULTS_FUNC(mod_compress_setdefaults) { s->max_loadavg = strtod(srv->tmp_buf->ptr, NULL); } + if (!array_is_vlist(s->compress)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for compress.filetype; expected list of \"mimetype\""); + return HANDLER_ERROR; + } + + if (!array_is_vlist(encodings_arr)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for compress.allowed-encodings; expected list of \"encoding\""); + return HANDLER_ERROR; + } + if (encodings_arr->used) { size_t j = 0; for (j = 0; j < encodings_arr->used; j++) { @@ -882,12 +894,6 @@ PHYSICALPATH_FUNC(mod_compress_physical) { for (m = 0; m < p->conf.compress->used; m++) { data_string *compress_ds = (data_string *)p->conf.compress->data[m]; - if (!compress_ds) { - log_error_write(srv, __FILE__, __LINE__, "sbb", "evil", con->physical.path, con->uri.path); - - return HANDLER_GO_ON; - } - if (buffer_is_equal(compress_ds->value, sce->content_type) || (content_type && buffer_is_equal(compress_ds->value, content_type))) { /* mimetype found */ diff --git a/src/mod_deflate.c b/src/mod_deflate.c index be51dec6..572fb5fa 100644 --- a/src/mod_deflate.c +++ b/src/mod_deflate.c @@ -324,6 +324,18 @@ SETDEFAULTS_FUNC(mod_deflate_setdefaults) { s->max_loadavg = strtod(p->tmp_buf->ptr, NULL); } + if (!array_is_vlist(s->mimetypes)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for deflate.mimetypes; expected list of \"mimetype\""); + return HANDLER_ERROR; + } + + if (!array_is_vlist(p->encodings)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for deflate.allowed-encodings; expected list of \"encoding\""); + return HANDLER_ERROR; + } + if (p->encodings->used) { size_t j = 0; for (j = 0; j < p->encodings->used; j++) { diff --git a/src/mod_dirlisting.c b/src/mod_dirlisting.c index c881e94a..8099cee7 100644 --- a/src/mod_dirlisting.c +++ b/src/mod_dirlisting.c @@ -292,14 +292,14 @@ SETDEFAULTS_FUNC(mod_dirlisting_set_defaults) { array *excludes_list; size_t j; - if (du_excludes->type != TYPE_ARRAY) { - log_error_write(srv, __FILE__, __LINE__, "sss", - "unexpected type for key: ", CONFIG_EXCLUDE, "array of strings"); + excludes_list = ((data_array*)du_excludes)->value; + + if (du_excludes->type != TYPE_ARRAY || !array_is_vlist(excludes_list)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected type for " CONFIG_EXCLUDE "; expected list of \"regex\""); return HANDLER_ERROR; } - excludes_list = ((data_array*)du_excludes)->value; - #ifndef HAVE_PCRE_H if (excludes_list->used > 0) { log_error_write(srv, __FILE__, __LINE__, "sss", diff --git a/src/mod_expire.c b/src/mod_expire.c index 460aeee1..c06488ca 100644 --- a/src/mod_expire.c +++ b/src/mod_expire.c @@ -246,6 +246,12 @@ SETDEFAULTS_FUNC(mod_expire_set_defaults) { return HANDLER_ERROR; } + if (!array_is_kvstring(s->expire_url)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for expire.url; expected list of \"urlpath\" => \"expiration\""); + return HANDLER_ERROR; + } + for (k = 0; k < s->expire_url->used; k++) { data_string *ds = (data_string *)s->expire_url->data[k]; @@ -257,6 +263,12 @@ SETDEFAULTS_FUNC(mod_expire_set_defaults) { } } + if (!array_is_kvstring(s->expire_mimetypes)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for expire.mimetypes; expected list of \"mimetype\" => \"expiration\""); + return HANDLER_ERROR; + } + for (k = 0; k < s->expire_mimetypes->used; k++) { data_string *ds = (data_string *)s->expire_mimetypes->data[k]; diff --git a/src/mod_extforward.c b/src/mod_extforward.c index 60e2e1fc..a96e722d 100644 --- a/src/mod_extforward.c +++ b/src/mod_extforward.c @@ -181,6 +181,18 @@ SETDEFAULTS_FUNC(mod_extforward_set_defaults) { if (0 != config_insert_values_global(srv, config->value, cv, i == 0 ? T_CONFIG_SCOPE_SERVER : T_CONFIG_SCOPE_CONNECTION)) { return HANDLER_ERROR; } + + if (!array_is_kvstring(s->forwarder)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for extforward.forwarder; expected list of \"IPaddr\" => \"trust\""); + return HANDLER_ERROR; + } + + if (!array_is_vlist(s->headers)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for extforward.headers; expected list of \"headername\""); + return HANDLER_ERROR; + } } return HANDLER_GO_ON; diff --git a/src/mod_fastcgi.c b/src/mod_fastcgi.c index 1522b9eb..cd843389 100644 --- a/src/mod_fastcgi.c +++ b/src/mod_fastcgi.c @@ -1312,9 +1312,9 @@ SETDEFAULTS_FUNC(mod_fastcgi_set_defaults) { size_t j; data_array *da = (data_array *)du; - if (du->type != TYPE_ARRAY) { - log_error_write(srv, __FILE__, __LINE__, "sss", - "unexpected type for key: ", "fastcgi.server", "expected ( \"ext\" => ( \"backend-label\" => ( \"key\" => \"value\" )))"); + if (du->type != TYPE_ARRAY || !array_is_kvarray(da->value)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for fastcgi.server; expected ( \"ext\" => ( \"backend-label\" => ( \"key\" => \"value\" )))"); goto error; } @@ -1332,14 +1332,6 @@ SETDEFAULTS_FUNC(mod_fastcgi_set_defaults) { size_t n; data_array *da_ext = (data_array *)da->value->data[j]; - if (da->value->data[j]->type != TYPE_ARRAY) { - log_error_write(srv, __FILE__, __LINE__, "sssbs", - "unexpected type for key: ", "fastcgi.server", - "[", da->value->data[j]->key, "](string); expected ( \"ext\" => ( \"backend-label\" => ( \"key\" => \"value\" )))"); - - goto error; - } - /* * da_ext->key == name of the extension */ @@ -1383,11 +1375,10 @@ SETDEFAULTS_FUNC(mod_fastcgi_set_defaults) { }; unsigned short host_mode = FCGI_RESPONDER; - if (da_host->type != TYPE_ARRAY) { - log_error_write(srv, __FILE__, __LINE__, "ssSBS", - "unexpected type for key:", - "fastcgi.server", - "[", da_host->key, "](string); expected ( \"ext\" => ( \"backend-label\" => ( \"key\" => \"value\" )))"); + if (da_host->type != TYPE_ARRAY || !array_is_kvany(da_host->value)) { + log_error_write(srv, __FILE__, __LINE__, "SBS", + "unexpected value for fastcgi.server near [", + da_host->key, "](string); expected ( \"ext\" => ( \"backend-label\" => ( \"key\" => \"value\" )))"); goto error; } diff --git a/src/mod_flv_streaming.c b/src/mod_flv_streaming.c index 9db17e48..8724ab6b 100644 --- a/src/mod_flv_streaming.c +++ b/src/mod_flv_streaming.c @@ -102,6 +102,12 @@ SETDEFAULTS_FUNC(mod_flv_streaming_set_defaults) { if (0 != config_insert_values_global(srv, config->value, cv, i == 0 ? T_CONFIG_SCOPE_SERVER : T_CONFIG_SCOPE_CONNECTION)) { return HANDLER_ERROR; } + + if (!array_is_vlist(s->extensions)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for flv-streaming.extensions; expected list of \"ext\""); + return HANDLER_ERROR; + } } return HANDLER_GO_ON; diff --git a/src/mod_indexfile.c b/src/mod_indexfile.c index 90829d43..f2a45888 100644 --- a/src/mod_indexfile.c +++ b/src/mod_indexfile.c @@ -100,6 +100,12 @@ SETDEFAULTS_FUNC(mod_indexfile_set_defaults) { if (0 != config_insert_values_global(srv, config->value, cv, i == 0 ? T_CONFIG_SCOPE_SERVER : T_CONFIG_SCOPE_CONNECTION)) { return HANDLER_ERROR; } + + if (!array_is_vlist(s->indexfiles)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for index-file.names; expected list of \"file\""); + return HANDLER_ERROR; + } } return HANDLER_GO_ON; diff --git a/src/mod_magnet.c b/src/mod_magnet.c index a2e020ad..0329166c 100644 --- a/src/mod_magnet.c +++ b/src/mod_magnet.c @@ -126,6 +126,18 @@ SETDEFAULTS_FUNC(mod_magnet_set_defaults) { if (0 != config_insert_values_global(srv, config->value, cv, i == 0 ? T_CONFIG_SCOPE_SERVER : T_CONFIG_SCOPE_CONNECTION)) { return HANDLER_ERROR; } + + if (!array_is_vlist(s->url_raw)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for magnet.attract-raw-url-to; expected list of \"scriptpath\""); + return HANDLER_ERROR; + } + + if (!array_is_vlist(s->physical_path)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for magnet.attract-physical-path-to; expected list \"scriptpath\""); + return HANDLER_ERROR; + } } return HANDLER_GO_ON; diff --git a/src/mod_proxy.c b/src/mod_proxy.c index 571b7b50..85279dfb 100644 --- a/src/mod_proxy.c +++ b/src/mod_proxy.c @@ -240,9 +240,9 @@ SETDEFAULTS_FUNC(mod_proxy_set_defaults) { size_t j; data_array *da = (data_array *)du; - if (du->type != TYPE_ARRAY) { - log_error_write(srv, __FILE__, __LINE__, "sss", - "unexpected type for key: ", "proxy.server", "expected ( \"ext\" => ( \"backend-label\" => ( \"key\" => \"value\" )))"); + if (du->type != TYPE_ARRAY || !array_is_kvarray(da->value)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for proxy.server; expected ( \"ext\" => ( \"backend-label\" => ( \"key\" => \"value\" )))"); return HANDLER_ERROR; } @@ -256,14 +256,6 @@ SETDEFAULTS_FUNC(mod_proxy_set_defaults) { data_array *da_ext = (data_array *)da->value->data[j]; size_t n; - if (da_ext->type != TYPE_ARRAY) { - log_error_write(srv, __FILE__, __LINE__, "sssbs", - "unexpected type for key: ", "proxy.server", - "[", da->value->data[j]->key, "](string); expected ( \"ext\" => ( \"backend-label\" => ( \"key\" => \"value\" )))"); - - return HANDLER_ERROR; - } - /* * proxy.server = ( "<ext>" => * ( "<host>" => ( ... ), @@ -284,11 +276,10 @@ SETDEFAULTS_FUNC(mod_proxy_set_defaults) { { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET } }; - if (da_host->type != TYPE_ARRAY) { - log_error_write(srv, __FILE__, __LINE__, "ssSBS", - "unexpected type for key:", - "proxy.server", - "[", da_ext->value->data[n]->key, "](string); expected ( \"ext\" => ( \"backend-label\" => ( \"key\" => \"value\" )))"); + if (da_host->type != TYPE_ARRAY || !array_is_kvany(da_host->value)) { + log_error_write(srv, __FILE__, __LINE__, "SBS", + "unexpected value for proxy.server near [", + da_host->key, "](string); expected ( \"ext\" => ( \"backend-label\" => ( \"key\" => \"value\" )))"); return HANDLER_ERROR; } diff --git a/src/mod_redirect.c b/src/mod_redirect.c index e0ee5bae..4812e90d 100644 --- a/src/mod_redirect.c +++ b/src/mod_redirect.c @@ -107,25 +107,15 @@ SETDEFAULTS_FUNC(mod_redirect_set_defaults) { continue; } - if (du->type != TYPE_ARRAY) { - log_error_write(srv, __FILE__, __LINE__, "sss", - "unexpected type for key: ", "url.redirect", "array of strings"); + da = (data_array *)du; + if (du->type != TYPE_ARRAY || !array_is_kvstring(da->value)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for url.redirect; expected list of \"regex\" => \"redirect\""); return HANDLER_ERROR; } - da = (data_array *)du; - for (j = 0; j < da->value->used; j++) { - if (da->value->data[j]->type != TYPE_STRING) { - log_error_write(srv, __FILE__, __LINE__, "sssbs", - "unexpected type for key: ", - "url.redirect", - "[", da->value->data[j]->key, "](string)"); - - return HANDLER_ERROR; - } - if (0 != pcre_keyvalue_buffer_append(srv, s->redirect, ((data_string *)(da->value->data[j]))->key->ptr, ((data_string *)(da->value->data[j]))->value->ptr)) { diff --git a/src/mod_rewrite.c b/src/mod_rewrite.c index 2e5fd063..7ed56f8d 100644 --- a/src/mod_rewrite.c +++ b/src/mod_rewrite.c @@ -171,25 +171,15 @@ static int parse_config_entry(server *srv, array *ca, rewrite_rule_buffer *kvb, data_array *da; size_t j; - if (du->type != TYPE_ARRAY) { - log_error_write(srv, __FILE__, __LINE__, "sss", - "unexpected type for key: ", option, "array of strings"); + da = (data_array *)du; + if (du->type != TYPE_ARRAY || !array_is_kvstring(da->value)) { + log_error_write(srv, __FILE__, __LINE__, "SSS", + "unexpected value for ", option, "; expected list of \"regex\" => \"subst\""); return HANDLER_ERROR; } - da = (data_array *)du; - for (j = 0; j < da->value->used; j++) { - if (da->value->data[j]->type != TYPE_STRING) { - log_error_write(srv, __FILE__, __LINE__, "sssbs", - "unexpected type for key: ", - option, - "[", da->value->data[j]->key, "](string)"); - - return HANDLER_ERROR; - } - if (0 != rewrite_rule_buffer_append(kvb, ((data_string *)(da->value->data[j]))->key, ((data_string *)(da->value->data[j]))->value, diff --git a/src/mod_scgi.c b/src/mod_scgi.c index a999e799..ef6ab98a 100644 --- a/src/mod_scgi.c +++ b/src/mod_scgi.c @@ -1072,9 +1072,9 @@ SETDEFAULTS_FUNC(mod_scgi_set_defaults) { size_t j; data_array *da = (data_array *)du; - if (du->type != TYPE_ARRAY) { - log_error_write(srv, __FILE__, __LINE__, "sss", - "unexpected type for key: ", "scgi.server", "expected ( \"ext\" => ( \"backend-label\" => ( \"key\" => \"value\" )))"); + if (du->type != TYPE_ARRAY || !array_is_kvarray(da->value)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for scgi.server; expected ( \"ext\" => ( \"backend-label\" => ( \"key\" => \"value\" )))"); goto error; } @@ -1089,14 +1089,6 @@ SETDEFAULTS_FUNC(mod_scgi_set_defaults) { size_t n; data_array *da_ext = (data_array *)da->value->data[j]; - if (da->value->data[j]->type != TYPE_ARRAY) { - log_error_write(srv, __FILE__, __LINE__, "sssbs", - "unexpected type for key: ", "scgi.server", - "[", da->value->data[j]->key, "](string); expected ( \"ext\" => ( \"backend-label\" => ( \"key\" => \"value\" )))"); - - goto error; - } - /* * da_ext->key == name of the extension */ @@ -1137,11 +1129,10 @@ SETDEFAULTS_FUNC(mod_scgi_set_defaults) { { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET } }; - if (da_host->type != TYPE_ARRAY) { - log_error_write(srv, __FILE__, __LINE__, "ssSBS", - "unexpected type for key:", - "scgi.server", - "[", da_host->key, "](string); expected ( \"ext\" => ( \"backend-label\" => ( \"key\" => \"value\" )))"); + if (da_host->type != TYPE_ARRAY || !array_is_kvany(da_host->value)) { + log_error_write(srv, __FILE__, __LINE__, "SBS", + "unexpected value for scgi.server near [", + da_host->key, "](string); expected ( \"ext\" => ( \"backend-label\" => ( \"key\" => \"value\" )))"); goto error; } diff --git a/src/mod_setenv.c b/src/mod_setenv.c index 52ea5317..ec5e6dbb 100644 --- a/src/mod_setenv.c +++ b/src/mod_setenv.c @@ -135,6 +135,18 @@ SETDEFAULTS_FUNC(mod_setenv_set_defaults) { if (0 != config_insert_values_global(srv, config->value, cv, i == 0 ? T_CONFIG_SCOPE_SERVER : T_CONFIG_SCOPE_CONNECTION)) { return HANDLER_ERROR; } + + if ( !array_is_kvstring(s->request_header) + || !array_is_kvstring(s->response_header) + || !array_is_kvstring(s->environment) + || !array_is_kvstring(s->set_request_header) + || !array_is_kvstring(s->set_response_header) + || !array_is_kvstring(s->set_environment)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for setenv.xxxxxx; expected list of \"envvar\" => \"value\""); + return HANDLER_ERROR; + } + } return HANDLER_GO_ON; diff --git a/src/mod_skeleton.c b/src/mod_skeleton.c index 9ad6c630..32996a18 100644 --- a/src/mod_skeleton.c +++ b/src/mod_skeleton.c @@ -126,6 +126,12 @@ SETDEFAULTS_FUNC(mod_skeleton_set_defaults) { if (0 != config_insert_values_global(srv, config->value, cv, i == 0 ? T_CONFIG_SCOPE_SERVER : T_CONFIG_SCOPE_CONNECTION)) { return HANDLER_ERROR; } + + if (!array_is_vlist(s->match)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for skeleton.array; expected list of \"urlpath\""); + return HANDLER_ERROR; + } } return HANDLER_GO_ON; diff --git a/src/mod_ssi.c b/src/mod_ssi.c index 7be16f9e..a260ad47 100644 --- a/src/mod_ssi.c +++ b/src/mod_ssi.c @@ -146,6 +146,12 @@ SETDEFAULTS_FUNC(mod_ssi_set_defaults) { if (0 != config_insert_values_global(srv, config->value, cv, i == 0 ? T_CONFIG_SCOPE_SERVER : T_CONFIG_SCOPE_CONNECTION)) { return HANDLER_ERROR; } + + if (!array_is_vlist(s->ssi_extension)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for ssi.extension; expected list of \"ext\""); + return HANDLER_ERROR; + } } return HANDLER_GO_ON; diff --git a/src/mod_staticfile.c b/src/mod_staticfile.c index 66b75c26..e4fb52a1 100644 --- a/src/mod_staticfile.c +++ b/src/mod_staticfile.c @@ -110,6 +110,12 @@ SETDEFAULTS_FUNC(mod_staticfile_set_defaults) { if (0 != config_insert_values_global(srv, config->value, cv, i == 0 ? T_CONFIG_SCOPE_SERVER : T_CONFIG_SCOPE_CONNECTION)) { return HANDLER_ERROR; } + + if (!array_is_vlist(s->exclude_ext)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for static-file.exclude-extensions; expected list of \"ext\""); + return HANDLER_ERROR; + } } return HANDLER_GO_ON; diff --git a/src/mod_trigger_b4_dl.c b/src/mod_trigger_b4_dl.c index ffdb6dc8..4301468b 100644 --- a/src/mod_trigger_b4_dl.c +++ b/src/mod_trigger_b4_dl.c @@ -212,6 +212,12 @@ SETDEFAULTS_FUNC(mod_trigger_b4_dl_set_defaults) { } #endif + if (!array_is_vlist(s->mc_hosts)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for trigger-before-download.memcache-hosts; expected list of \"host\""); + return HANDLER_ERROR; + } + if (s->mc_hosts->used) { #if defined(USE_MEMCACHED) buffer *option_string = buffer_init(); diff --git a/src/mod_userdir.c b/src/mod_userdir.c index 377edcdc..189c2b27 100644 --- a/src/mod_userdir.c +++ b/src/mod_userdir.c @@ -128,6 +128,18 @@ SETDEFAULTS_FUNC(mod_userdir_set_defaults) { if (0 != config_insert_values_global(srv, config->value, cv, i == 0 ? T_CONFIG_SCOPE_SERVER : T_CONFIG_SCOPE_CONNECTION)) { return HANDLER_ERROR; } + + if (!array_is_vlist(s->exclude_user)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for userdir.exclude-user; expected list of \"suffix\""); + return HANDLER_ERROR; + } + + if (!array_is_vlist(s->include_user)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for userdir.include-user; expected list of \"suffix\""); + return HANDLER_ERROR; + } } return HANDLER_GO_ON; diff --git a/src/mod_vhostdb_dbi.c b/src/mod_vhostdb_dbi.c index f6790b4a..d658364e 100644 --- a/src/mod_vhostdb_dbi.c +++ b/src/mod_vhostdb_dbi.c @@ -273,6 +273,12 @@ SETDEFAULTS_FUNC(mod_vhostdb_set_defaults) { return HANDLER_ERROR; } + if (!array_is_kvany(s->options)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for vhostdb.dbi; expected list of \"option\" => \"value\""); + return HANDLER_ERROR; + } + if (s->options->used && 0 != mod_vhostdb_dbconf_setup(srv, s->options, &s->vdata)) { return HANDLER_ERROR; diff --git a/src/mod_vhostdb_ldap.c b/src/mod_vhostdb_ldap.c index 811b94f3..98f7c072 100644 --- a/src/mod_vhostdb_ldap.c +++ b/src/mod_vhostdb_ldap.c @@ -461,6 +461,12 @@ SETDEFAULTS_FUNC(mod_vhostdb_set_defaults) { return HANDLER_ERROR; } + if (!array_is_kvstring(s->options)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for vhostdb.ldap; expected list of \"option\" => \"value\""); + return HANDLER_ERROR; + } + if (s->options->used && 0 != mod_vhostdb_dbconf_setup(srv, s->options, &s->vdata)) { return HANDLER_ERROR; diff --git a/src/mod_vhostdb_mysql.c b/src/mod_vhostdb_mysql.c index 5490cef6..d890530c 100644 --- a/src/mod_vhostdb_mysql.c +++ b/src/mod_vhostdb_mysql.c @@ -237,6 +237,12 @@ SETDEFAULTS_FUNC(mod_vhostdb_set_defaults) { return HANDLER_ERROR; } + if (!array_is_kvstring(s->options)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for vhostdb.mysql; expected list of \"option\" => \"value\""); + return HANDLER_ERROR; + } + if (s->options->used && 0 != mod_vhostdb_dbconf_setup(srv, s->options, &s->vdata)) { return HANDLER_ERROR; diff --git a/src/mod_vhostdb_pgsql.c b/src/mod_vhostdb_pgsql.c index 8378cb5f..5d33c604 100644 --- a/src/mod_vhostdb_pgsql.c +++ b/src/mod_vhostdb_pgsql.c @@ -215,6 +215,12 @@ SETDEFAULTS_FUNC(mod_vhostdb_set_defaults) { return HANDLER_ERROR; } + if (!array_is_kvstring(s->options)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for vhostdb.pgsql; expected list of \"option\" => \"value\""); + return HANDLER_ERROR; + } + if (s->options->used && 0 != mod_vhostdb_dbconf_setup(srv, s->options, &s->vdata)) { return HANDLER_ERROR; |