Merged with the default branch.

18 files changed, 98 insertions, 24 deletions

diff --git a/.hgtags b/.hgtags
index a50b81b6..9bbaa141 100644
--- a/.hgtags
+++ b/.hgtags
@@ -17,3 +17,4 @@ d411e7fdee9e03036adb652f8d9f4c45a420bdd5 1.6
 01160bbced577121cb14d0b86ec1f8bb764cfab2 1.6-1
 784b45adb0fe8bdd707510f59ed18309087e5c21 1.7
 abb8cfb421f608df1c23f5c333c5f049a79a681a 1.7-1
+0f04ef991fbc1dadbc590ab7fb229d4f3d6357bc 1.7.1
diff --git a/CHANGES b/CHANGES
index 674120ac..72a21c3f 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,4 +1,15 @@
 
+Changes with Unit 1.7.1                                          07 Feb 2019
+
+    *) Security: a heap memory buffer overflow might have been caused in the
+       router process by a specially crafted request, potentially resulting
+       in a segmentation fault or other unspecified behavior
+       (CVE-2019-7401).
+
+    *) Bugfix: install of Go module failed without prior building of Unit
+       daemon; the bug had appeared in 1.7.
+
+
 Changes with Unit 1.7                                            20 Dec 2018
 
     *) Change: now rpath is set in Ruby module only if the library was not
diff --git a/NOTICE b/NOTICE
index 613f1612..35f52459 100644
--- a/NOTICE
+++ b/NOTICE
@@ -1,10 +1,11 @@
 
    NGINX Unit.
 
-   Copyright 2017-2018 NGINX, Inc.
-   Copyright 2017-2018 Igor Sysoev
-   Copyright 2017-2018 Valentin V. Bartenev
-   Copyright 2017-2018 Max Romanov
+   Copyright 2017-2019 NGINX, Inc.
+   Copyright 2017-2019 Igor Sysoev
+   Copyright 2017-2019 Valentin V. Bartenev
+   Copyright 2017-2019 Max Romanov
+   Copyright 2018-2019 Alexander Borisov
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.
diff --git a/auto/modules/go b/auto/modules/go
index 7abd1e73..e9b2321d 100644
--- a/auto/modules/go
+++ b/auto/modules/go
@@ -103,7 +103,7 @@ ${NXT_GO}:
 
 ${NXT_GO}-install: ${NXT_GO}-install-build
 
-${NXT_GO}-install-src:
+${NXT_GO}-install-src: ${NXT_BUILD_DIR}/nxt_unit_version.h
 	install -d \$(DESTDIR)\$(NXT_GO_DST)/src/nginx/unit
 	install -p -m644 ./src/*.h ./build/*.h ./src/go/unit/* \
     ./src/nxt_unit.c ./src/nxt_lvlhsh.c ./src/nxt_murmur_hash.c \
diff --git a/docs/changes.xml b/docs/changes.xml
index 6a1f8a9b..7ba44384 100644
--- a/docs/changes.xml
+++ b/docs/changes.xml
@@ -20,6 +20,60 @@ Initial release of Python 3.7 module for NGINX Unit.
 
 <changes apply="unit-php
                 unit-python unit-python2.7
+                unit-python3.4 unit-python3.5 unit-python3.6 unit-python3.7
+                unit-go unit-go1.7 unit-go1.8 unit-go1.9 unit-go1.10
+                unit-perl
+                unit-ruby"
+         ver="1.7.1" rev="1"
+         date="2019-02-07" time="18:00:00 +0300"
+         packager="Andrei Belov &lt;defan@nginx.com&gt;">
+
+<change>
+<para>
+NGINX Unit updated to 1.7.1.
+</para>
+</change>
+
+</changes>
+
+
+<changes apply="unit" ver="1.7.1" rev="1"
+         date="2019-02-07" time="18:00:00 +0300"
+         packager="Andrei Belov &lt;defan@nginx.com&gt;">
+
+<change type="security">
+<para>
+a heap memory buffer overflow might have been caused in the router process by
+a specially crafted request, potentially resulting in a segmentation fault or
+other unspecified behavior (CVE-2019-7401).
+</para>
+</change>
+
+<change type="bugfix">
+<para>
+install of Go module failed without prior building of Unit daemon;
+the bug had appeared in 1.7.
+</para>
+</change>
+
+</changes>
+
+
+<changes apply="unit-python3.7" ver="1.7" rev="1"
+         date="2018-12-25" time="10:30:00 +0300"
+         packager="Andrei Belov &lt;defan@nginx.com&gt;">
+
+<change>
+<para>
+Initial release of Python 3.7 module for NGINX Unit.
+</para>
+</change>
+
+</changes>
+
+
+<changes apply="unit-php
+                unit-python unit-python2.7
                 unit-python3.4 unit-python3.5 unit-python3.6
                 unit-go unit-go1.7 unit-go1.8 unit-go1.9 unit-go1.10
                 unit-perl
diff --git a/pkg/deb/debian/copyright b/pkg/deb/debian/copyright
index b795c3a0..fe52d6aa 100644
--- a/pkg/deb/debian/copyright
+++ b/pkg/deb/debian/copyright
@@ -1,10 +1,11 @@
 
    NGINX Unit.
 
-   Copyright 2017-2018 NGINX, Inc.
-   Copyright 2017-2018 Igor Sysoev
-   Copyright 2017-2018 Valentin V. Bartenev
-   Copyright 2017-2018 Max Romanov
+   Copyright 2017-2019 NGINX, Inc.
+   Copyright 2017-2019 Igor Sysoev
+   Copyright 2017-2019 Valentin V. Bartenev
+   Copyright 2017-2019 Max Romanov
+   Copyright 2018-2019 Alexander Borisov
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.
diff --git a/pkg/docker/Dockerfile.full b/pkg/docker/Dockerfile.full
index c513bb1e..99b18fc1 100644
--- a/pkg/docker/Dockerfile.full
+++ b/pkg/docker/Dockerfile.full
@@ -2,7 +2,7 @@ FROM debian:stretch-slim
 
 LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>"
 
-ENV UNIT_VERSION          1.7-1~stretch
+ENV UNIT_VERSION          1.7.1-1~stretch
 
 RUN set -x \
 	&& apt-get update \
diff --git a/pkg/docker/Dockerfile.go1.7-dev b/pkg/docker/Dockerfile.go1.7-dev
index 7c8b2af2..eb75e7b0 100644
--- a/pkg/docker/Dockerfile.go1.7-dev
+++ b/pkg/docker/Dockerfile.go1.7-dev
@@ -2,7 +2,7 @@ FROM debian:stretch-slim
 
 LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>"
 
-ENV UNIT_VERSION          1.7-1~stretch
+ENV UNIT_VERSION          1.7.1-1~stretch
 
 RUN set -x \
 	&& apt-get update \
diff --git a/pkg/docker/Dockerfile.go1.8-dev b/pkg/docker/Dockerfile.go1.8-dev
index aecdeb41..c60853ac 100644
--- a/pkg/docker/Dockerfile.go1.8-dev
+++ b/pkg/docker/Dockerfile.go1.8-dev
@@ -2,7 +2,7 @@ FROM debian:stretch-slim
 
 LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>"
 
-ENV UNIT_VERSION          1.7-1~stretch
+ENV UNIT_VERSION          1.7.1-1~stretch
 
 RUN set -x \
 	&& apt-get update \
diff --git a/pkg/docker/Dockerfile.minimal b/pkg/docker/Dockerfile.minimal
index 0c42a942..f944da7f 100644
--- a/pkg/docker/Dockerfile.minimal
+++ b/pkg/docker/Dockerfile.minimal
@@ -2,7 +2,7 @@ FROM debian:stretch-slim
 
 LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>"
 
-ENV UNIT_VERSION          1.7-1~stretch
+ENV UNIT_VERSION          1.7.1-1~stretch
 
 RUN set -x \
 	&& apt-get update \
diff --git a/pkg/docker/Dockerfile.perl5.24 b/pkg/docker/Dockerfile.perl5.24
index a7c8c9dc..ee3ba4bf 100644
--- a/pkg/docker/Dockerfile.perl5.24
+++ b/pkg/docker/Dockerfile.perl5.24
@@ -2,7 +2,7 @@ FROM debian:stretch-slim
 
 LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>"
 
-ENV UNIT_VERSION          1.7-1~stretch
+ENV UNIT_VERSION          1.7.1-1~stretch
 
 RUN set -x \
 	&& apt-get update \
diff --git a/pkg/docker/Dockerfile.php7.0 b/pkg/docker/Dockerfile.php7.0
index 48aa472a..4468dafd 100644
--- a/pkg/docker/Dockerfile.php7.0
+++ b/pkg/docker/Dockerfile.php7.0
@@ -2,7 +2,7 @@ FROM debian:stretch-slim
 
 LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>"
 
-ENV UNIT_VERSION          1.7-1~stretch
+ENV UNIT_VERSION          1.7.1-1~stretch
 
 RUN set -x \
 	&& apt-get update \
diff --git a/pkg/docker/Dockerfile.python2.7 b/pkg/docker/Dockerfile.python2.7
index fdd0bc7a..dec5d3cf 100644
--- a/pkg/docker/Dockerfile.python2.7
+++ b/pkg/docker/Dockerfile.python2.7
@@ -2,7 +2,7 @@ FROM debian:stretch-slim
 
 LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>"
 
-ENV UNIT_VERSION          1.7-1~stretch
+ENV UNIT_VERSION          1.7.1-1~stretch
 
 RUN set -x \
 	&& apt-get update \
diff --git a/pkg/docker/Dockerfile.python3.5 b/pkg/docker/Dockerfile.python3.5
index da6f825a..0d93fb07 100644
--- a/pkg/docker/Dockerfile.python3.5
+++ b/pkg/docker/Dockerfile.python3.5
@@ -2,7 +2,7 @@ FROM debian:stretch-slim
 
 LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>"
 
-ENV UNIT_VERSION          1.7-1~stretch
+ENV UNIT_VERSION          1.7.1-1~stretch
 
 RUN set -x \
 	&& apt-get update \
diff --git a/pkg/docker/Dockerfile.ruby2.3 b/pkg/docker/Dockerfile.ruby2.3
index 0672a8c1..ff9474cc 100644
--- a/pkg/docker/Dockerfile.ruby2.3
+++ b/pkg/docker/Dockerfile.ruby2.3
@@ -2,7 +2,7 @@ FROM debian:stretch-slim
 
 LABEL maintainer="NGINX Docker Maintainers <docker-maint@nginx.com>"
 
-ENV UNIT_VERSION          1.7-1~stretch
+ENV UNIT_VERSION          1.7.1-1~stretch
 
 RUN set -x \
 	&& apt-get update \
diff --git a/src/nxt_http_error.c b/src/nxt_http_error.c
index 65f8ba38..99d27903 100644
--- a/src/nxt_http_error.c
+++ b/src/nxt_http_error.c
@@ -37,7 +37,7 @@ nxt_http_request_error(nxt_task_t *task, nxt_http_request_t *r,
     r->status = status;
 
     r->resp.fields = nxt_list_create(r->mem_pool, 8, sizeof(nxt_http_field_t));
-    if (nxt_slow_path(r == NULL)) {
+    if (nxt_slow_path(r->resp.fields == NULL)) {
         goto fail;
     }
 
diff --git a/src/nxt_http_request.c b/src/nxt_http_request.c
index b80998cb..c8adb499 100644
--- a/src/nxt_http_request.c
+++ b/src/nxt_http_request.c
@@ -79,14 +79,20 @@ nxt_int_t
 nxt_http_request_content_length(void *ctx, nxt_http_field_t *field,
     uintptr_t data)
 {
+    nxt_off_t           n;
     nxt_http_request_t  *r;
 
     r = ctx;
-
     r->content_length = field;
-    r->content_length_n = nxt_off_t_parse(field->value, field->value_length);
 
-    return NXT_OK;
+    n = nxt_off_t_parse(field->value, field->value_length);
+
+    if (nxt_fast_path(n >= 0)) {
+        r->content_length_n = n;
+        return NXT_OK;
+    }
+
+    return NXT_ERROR;
 }
 
 
diff --git a/src/nxt_main.h b/src/nxt_main.h
index 71ee6599..760384ea 100644
--- a/src/nxt_main.h
+++ b/src/nxt_main.h
@@ -11,8 +11,8 @@
 #include <nxt_auto_config.h>
 
 
-#define NXT_VERSION                  "1.7"
-#define NXT_VERNUM                   10700
+#define NXT_VERSION                  "1.7.1"
+#define NXT_VERNUM                   10701
 
 #define NXT_SERVER                   "Unit/" NXT_VERSION