Skip to content

Possible null dereference in opentracing_variable.cpp #669

New issue
New issue
Open
Open
Possible null dereference in opentracing_variable.cpp#669
Labels
help wanted
@suhovv

Description

@suhovv
suhovv
opened on Aug 26, 2024

File: opentracing_variable.cpp
line: 108, 115

To avoid possible nullptr dereference, you should add a check for the result of the ngx_http_add_variable function call. If the function returns nullptr, you should handle this situation correctly, for example, write an error message to the log and return the corresponding error code from the add_variables function.

For the line opentracing_binary_context_var->get_handler = expand_opentracing_binary_context_variable; the same principles of error checking and handling apply as in the case of the opentracing_context_var variable

Example of correction:

ngx_int_t add_variables(ngx_conf_t* cf) noexcept {
  // add opentracing_context
  auto opentracing_context = to_ngx_str(opentracing_context_variable_name);
  auto opentracing_context_var = ngx_http_add_variable(
      cf, &opentracing_context,
      NGX_HTTP_VAR_NOCACHEABLE | NGX_HTTP_VAR_NOHASH | NGX_HTTP_VAR_PREFIX);
  
  // check nullptr
  if (opentracing_context_var == nullptr) {
    ngx_log_error(NGX_LOG_ERR, cf->log, 0, "Failed to add variable: %V", &opentracing_context);
    return NGX_ERROR;
  }

  opentracing_context_var->get_handler = expand_opentracing_context_variable;
  opentracing_context_var->data = 0;

  // add opentracing_binary_context
  auto opentracing_binary_context =
      to_ngx_str(opentracing_binary_context_variable_name);
  auto opentracing_binary_context_var = ngx_http_add_variable(
      cf, &opentracing_binary_context, NGX_HTTP_VAR_NOCACHEABLE);

  // check nullptr
  if (opentracing_binary_context_var == nullptr) {
    ngx_log_error(NGX_LOG_ERR, cf->log, 0, "Failed to add variable: %V", &opentracing_binary_context);
    return NGX_ERROR;
  }

  opentracing_binary_context_var->get_handler =
      expand_opentracing_binary_context_variable;
  opentracing_binary_context_var->data = 0;

  return NGX_OK;
}

Metadata

Metadata

Assignees

No one assigned

    Labels

    help wanted

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions