diff options
author | Valentin Bartenev <vbart@nginx.com> | 2018-03-15 17:11:13 +0300 |
---|---|---|
committer | Valentin Bartenev <vbart@nginx.com> | 2018-03-15 17:11:13 +0300 |
commit | f81fa2a921c56a8dba42b39dd65efc5fb3abb2d1 (patch) | |
tree | 2e3c74f9e357945364cdbb907a2ac0ada7baa1c7 | |
parent | cf2767625fa164b813ef489795e9eebc11536475 (diff) | |
download | unit-f81fa2a921c56a8dba42b39dd65efc5fb3abb2d1.tar.gz unit-f81fa2a921c56a8dba42b39dd65efc5fb3abb2d1.tar.bz2 |
Python: safety checks for request processing context.
An application can store request related functions and mistakenly call them
outside of request processing. Previously this resulted in segmentation
fault due to unset nxt_python_run_ctx. Now an exception will be raised.
-rw-r--r-- | src/nxt_python_wsgi.c | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/src/nxt_python_wsgi.c b/src/nxt_python_wsgi.c index d2eb5d5b..7c24828a 100644 --- a/src/nxt_python_wsgi.c +++ b/src/nxt_python_wsgi.c @@ -773,6 +773,14 @@ nxt_py_start_resp(PyObject *self, PyObject *args) static const u_char cr_lf[] = "\r\n"; static const u_char sc_sp[] = ": "; + ctx = nxt_python_run_ctx; + + if (nxt_slow_path(ctx == NULL)) { + return PyErr_Format(PyExc_RuntimeError, + "start_response() is called " + "outside of WSGI request processing"); + } + n = PyTuple_GET_SIZE(args); if (n < 2 || n > 3) { @@ -781,8 +789,6 @@ nxt_py_start_resp(PyObject *self, PyObject *args) string = PyTuple_GET_ITEM(args, 0); - ctx = nxt_python_run_ctx; - nxt_python_write(ctx, status, sizeof(status) - 1, 0, 0); rc = nxt_python_write_py_str(ctx, string, 0, 0); @@ -862,6 +868,12 @@ nxt_py_input_read(nxt_py_input_t *self, PyObject *args) ctx = nxt_python_run_ctx; + if (nxt_slow_path(ctx == NULL)) { + return PyErr_Format(PyExc_RuntimeError, + "wsgi.input.read() is called " + "outside of WSGI request processing"); + } + size = ctx->body_preread_size; n = PyTuple_GET_SIZE(args); |