Hello community,

here is the log from the commit of package nginx for openSUSE:Factory checked 
in at 2019-10-25 18:42:57
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/nginx (Old)
 and      /work/SRC/openSUSE:Factory/.nginx.new.2990 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "nginx"

Fri Oct 25 18:42:57 2019 rev:41 rq:742770 version:1.17.5

Changes:
--------
--- /work/SRC/openSUSE:Factory/nginx/nginx.changes      2019-10-23 
15:51:47.918756110 +0200
+++ /work/SRC/openSUSE:Factory/.nginx.new.2990/nginx.changes    2019-10-25 
18:43:02.919949802 +0200
@@ -1,0 +2,13 @@
+Wed Oct 23 17:04:53 UTC 2019 - Илья Индиго <i...@ilya.pp.ua>
+
+- Update to 1.17.5
+  * https://nginx.org/en/CHANGES
+  * Now nginx uses ioctl(FIONREAD), if available, to avoid
+    reading from a fast connection for a long time.
+  * Incomplete escaped characters at the end of the request URI were ignored.
+  * "/." and "/.." at the end of the request URI were not normalized.
+  * In the "merge_slashes" directive.
+  * In the "ignore_invalid_headers" directive.
+  * nginx could not be built with MinGW-w64 gcc 8.1 or newer.
+
+-------------------------------------------------------------------

Old:
----
  nginx-1.17.4.tar.gz
  nginx-1.17.4.tar.gz.asc

New:
----
  nginx-1.17.5.tar.gz
  nginx-1.17.5.tar.gz.asc

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ nginx.spec ++++++
--- /var/tmp/diff_new_pack.GD92Fq/_old  2019-10-25 18:43:03.779950619 +0200
+++ /var/tmp/diff_new_pack.GD92Fq/_new  2019-10-25 18:43:03.783950623 +0200
@@ -70,7 +70,7 @@
 %define ngx_doc_dir    %{_datadir}/doc/packages/%{name}
 #
 Name:           nginx
-Version:        1.17.4
+Version:        1.17.5
 Release:        0
 %define ngx_fancyindex_version 0.4.2
 %define ngx_fancyindex_module_path ngx-fancyindex-%{ngx_fancyindex_version}
@@ -89,8 +89,8 @@
 Summary:        A HTTP server and IMAP/POP3 proxy server
 License:        BSD-2-Clause
 Group:          Productivity/Networking/Web/Proxy
-Url:            http://nginx.org/
-Source:         http://nginx.org/download/nginx-%{version}.tar.gz
+URL:            https://nginx.org
+Source0:        https://nginx.org/download/nginx-%{version}.tar.gz
 Source1:        nginx.init
 Source2:        nginx.logrotate
 Source3:        nginx.service

++++++ nginx-1.17.4.tar.gz -> nginx-1.17.5.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.17.4/CHANGES new/nginx-1.17.5/CHANGES
--- old/nginx-1.17.4/CHANGES    2019-09-24 17:08:52.000000000 +0200
+++ new/nginx-1.17.5/CHANGES    2019-10-22 17:16:13.000000000 +0200
@@ -1,4 +1,23 @@
 
+Changes with nginx 1.17.5                                        22 Oct 2019
+
+    *) Feature: now nginx uses ioctl(FIONREAD), if available, to avoid
+       reading from a fast connection for a long time.
+
+    *) Bugfix: incomplete escaped characters at the end of the request URI
+       were ignored.
+
+    *) Bugfix: "/." and "/.." at the end of the request URI were not
+       normalized.
+
+    *) Bugfix: in the "merge_slashes" directive.
+
+    *) Bugfix: in the "ignore_invalid_headers" directive.
+       Thanks to Alan Kemp.
+
+    *) Bugfix: nginx could not be built with MinGW-w64 gcc 8.1 or newer.
+
+
 Changes with nginx 1.17.4                                        24 Sep 2019
 
     *) Change: better detection of incorrect client behavior in HTTP/2.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.17.4/CHANGES.ru new/nginx-1.17.5/CHANGES.ru
--- old/nginx-1.17.4/CHANGES.ru 2019-09-24 17:08:51.000000000 +0200
+++ new/nginx-1.17.5/CHANGES.ru 2019-10-22 17:16:11.000000000 +0200
@@ -1,4 +1,23 @@
 
+Изменения в nginx 1.17.5                                          22.10.2019
+
+    *) Добавление: теперь nginx использует вызов ioctl(FIONREAD), если он
+       доступен, чтобы избежать чтения из быстрого соединения в течение
+       долгого времени.
+
+    *) Исправление: неполные закодированные символы в конце URI запроса
+       игнорировались.
+
+    *) Исправление: "/." и "/.." в конце URI запроса не нормализовывались.
+
+    *) Исправление: в директиве merge_slashes.
+
+    *) Исправление: в директиве ignore_invalid_headers.
+       Спасибо Alan Kemp.
+
+    *) Исправление: nginx не собирался с MinGW-w64 gcc 8.1 и новее.
+
+
 Изменения в nginx 1.17.4                                          24.09.2019
 
     *) Изменение: улучшено детектирование некорректного поведения клиентов в
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.17.4/auto/unix new/nginx-1.17.5/auto/unix
--- old/nginx-1.17.4/auto/unix  2019-09-24 17:08:48.000000000 +0200
+++ new/nginx-1.17.5/auto/unix  2019-10-22 17:16:08.000000000 +0200
@@ -943,6 +943,18 @@
 . auto/feature
 
 
+ngx_feature="ioctl(FIONREAD)"
+ngx_feature_name="NGX_HAVE_FIONREAD"
+ngx_feature_run=no
+ngx_feature_incs="#include <sys/ioctl.h>
+                  #include <stdio.h>
+                  $NGX_INCLUDE_SYS_FILIO_H"
+ngx_feature_path=
+ngx_feature_libs=
+ngx_feature_test="int i = FIONREAD; printf(\"%d\", i)"
+. auto/feature
+
+
 ngx_feature="struct tm.tm_gmtoff"
 ngx_feature_name="NGX_HAVE_GMTOFF"
 ngx_feature_run=no
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.17.4/src/core/nginx.h 
new/nginx-1.17.5/src/core/nginx.h
--- old/nginx-1.17.4/src/core/nginx.h   2019-09-24 17:08:48.000000000 +0200
+++ new/nginx-1.17.5/src/core/nginx.h   2019-10-22 17:16:08.000000000 +0200
@@ -9,8 +9,8 @@
 #define _NGINX_H_INCLUDED_
 
 
-#define nginx_version      1017004
-#define NGINX_VERSION      "1.17.4"
+#define nginx_version      1017005
+#define NGINX_VERSION      "1.17.5"
 #define NGINX_VER          "nginx/" NGINX_VERSION
 
 #ifdef NGX_BUILD
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.17.4/src/core/ngx_rbtree.c 
new/nginx-1.17.5/src/core/ngx_rbtree.c
--- old/nginx-1.17.4/src/core/ngx_rbtree.c      2019-09-24 17:08:48.000000000 
+0200
+++ new/nginx-1.17.5/src/core/ngx_rbtree.c      2019-10-22 17:16:08.000000000 
+0200
@@ -174,12 +174,7 @@
 
     } else {
         subst = ngx_rbtree_min(node->right, sentinel);
-
-        if (subst->left != sentinel) {
-            temp = subst->left;
-        } else {
-            temp = subst->right;
-        }
+        temp = subst->right;
     }
 
     if (subst == *root) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.17.4/src/event/modules/ngx_devpoll_module.c 
new/nginx-1.17.5/src/event/modules/ngx_devpoll_module.c
--- old/nginx-1.17.4/src/event/modules/ngx_devpoll_module.c     2019-09-24 
17:08:48.000000000 +0200
+++ new/nginx-1.17.5/src/event/modules/ngx_devpoll_module.c     2019-10-22 
17:16:08.000000000 +0200
@@ -495,6 +495,7 @@
 
         if ((revents & POLLIN) && rev->active) {
             rev->ready = 1;
+            rev->available = -1;
 
             if (flags & NGX_POST_EVENTS) {
                 queue = rev->accept ? &ngx_posted_accept_events
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.17.4/src/event/modules/ngx_epoll_module.c 
new/nginx-1.17.5/src/event/modules/ngx_epoll_module.c
--- old/nginx-1.17.4/src/event/modules/ngx_epoll_module.c       2019-09-24 
17:08:48.000000000 +0200
+++ new/nginx-1.17.5/src/event/modules/ngx_epoll_module.c       2019-10-22 
17:16:08.000000000 +0200
@@ -886,11 +886,10 @@
             if (revents & EPOLLRDHUP) {
                 rev->pending_eof = 1;
             }
-
-            rev->available = 1;
 #endif
 
             rev->ready = 1;
+            rev->available = -1;
 
             if (flags & NGX_POST_EVENTS) {
                 queue = rev->accept ? &ngx_posted_accept_events
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/nginx-1.17.4/src/event/modules/ngx_eventport_module.c 
new/nginx-1.17.5/src/event/modules/ngx_eventport_module.c
--- old/nginx-1.17.4/src/event/modules/ngx_eventport_module.c   2019-09-24 
17:08:48.000000000 +0200
+++ new/nginx-1.17.5/src/event/modules/ngx_eventport_module.c   2019-10-22 
17:16:08.000000000 +0200
@@ -559,6 +559,7 @@
 
             if (revents & POLLIN) {
                 rev->ready = 1;
+                rev->available = -1;
 
                 if (flags & NGX_POST_EVENTS) {
                     queue = rev->accept ? &ngx_posted_accept_events
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.17.4/src/event/modules/ngx_poll_module.c 
new/nginx-1.17.5/src/event/modules/ngx_poll_module.c
--- old/nginx-1.17.4/src/event/modules/ngx_poll_module.c        2019-09-24 
17:08:48.000000000 +0200
+++ new/nginx-1.17.5/src/event/modules/ngx_poll_module.c        2019-10-22 
17:16:08.000000000 +0200
@@ -370,6 +370,7 @@
 
             ev = c->read;
             ev->ready = 1;
+            ev->available = -1;
 
             queue = ev->accept ? &ngx_posted_accept_events
                                : &ngx_posted_events;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.17.4/src/event/modules/ngx_select_module.c 
new/nginx-1.17.5/src/event/modules/ngx_select_module.c
--- old/nginx-1.17.4/src/event/modules/ngx_select_module.c      2019-09-24 
17:08:48.000000000 +0200
+++ new/nginx-1.17.5/src/event/modules/ngx_select_module.c      2019-10-22 
17:16:08.000000000 +0200
@@ -330,6 +330,7 @@
 
         if (found) {
             ev->ready = 1;
+            ev->available = -1;
 
             queue = ev->accept ? &ngx_posted_accept_events
                                : &ngx_posted_events;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/nginx-1.17.4/src/event/modules/ngx_win32_poll_module.c 
new/nginx-1.17.5/src/event/modules/ngx_win32_poll_module.c
--- old/nginx-1.17.4/src/event/modules/ngx_win32_poll_module.c  2019-09-24 
17:08:48.000000000 +0200
+++ new/nginx-1.17.5/src/event/modules/ngx_win32_poll_module.c  2019-10-22 
17:16:08.000000000 +0200
@@ -380,6 +380,7 @@
 
             ev = c->read;
             ev->ready = 1;
+            ev->available = -1;
 
             queue = ev->accept ? &ngx_posted_accept_events
                                : &ngx_posted_events;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/nginx-1.17.4/src/event/modules/ngx_win32_select_module.c 
new/nginx-1.17.5/src/event/modules/ngx_win32_select_module.c
--- old/nginx-1.17.4/src/event/modules/ngx_win32_select_module.c        
2019-09-24 17:08:48.000000000 +0200
+++ new/nginx-1.17.5/src/event/modules/ngx_win32_select_module.c        
2019-10-22 17:16:08.000000000 +0200
@@ -330,6 +330,7 @@
 
         if (found) {
             ev->ready = 1;
+            ev->available = -1;
 
             queue = ev->accept ? &ngx_posted_accept_events
                                : &ngx_posted_events;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.17.4/src/event/ngx_event.c 
new/nginx-1.17.5/src/event/ngx_event.c
--- old/nginx-1.17.4/src/event/ngx_event.c      2019-09-24 17:08:48.000000000 
+0200
+++ new/nginx-1.17.5/src/event/ngx_event.c      2019-10-22 17:16:08.000000000 
+0200
@@ -237,6 +237,12 @@
         }
     }
 
+    if (!ngx_queue_empty(&ngx_posted_next_events)) {
+        ngx_queue_add(&ngx_posted_events, &ngx_posted_next_events);
+        ngx_queue_init(&ngx_posted_next_events);
+        timer = 0;
+    }
+
     delta = ngx_current_msec;
 
     (void) ngx_process_events(cycle, timer, flags);
@@ -639,6 +645,7 @@
 #endif
 
     ngx_queue_init(&ngx_posted_accept_events);
+    ngx_queue_init(&ngx_posted_next_events);
     ngx_queue_init(&ngx_posted_events);
 
     if (ngx_event_timer_init(cycle->log) == NGX_ERROR) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.17.4/src/event/ngx_event.h 
new/nginx-1.17.5/src/event/ngx_event.h
--- old/nginx-1.17.4/src/event/ngx_event.h      2019-09-24 17:08:48.000000000 
+0200
+++ new/nginx-1.17.5/src/event/ngx_event.h      2019-10-22 17:16:08.000000000 
+0200
@@ -91,21 +91,14 @@
      *   write:      available space in buffer when event is ready
      *               or lowat when event is set with NGX_LOWAT_EVENT flag
      *
-     * epoll with EPOLLRDHUP:
-     *   accept:     1 if accept many, 0 otherwise
-     *   read:       1 if there can be data to read, 0 otherwise
-     *
      * iocp: TODO
      *
      * otherwise:
      *   accept:     1 if accept many, 0 otherwise
+     *   read:       bytes to read when event is ready, -1 if not known
      */
 
-#if (NGX_HAVE_KQUEUE) || (NGX_HAVE_IOCP)
     int              available;
-#else
-    unsigned         available:1;
-#endif
 
     ngx_event_handler_pt  handler;
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.17.4/src/event/ngx_event_openssl.c 
new/nginx-1.17.5/src/event/ngx_event_openssl.c
--- old/nginx-1.17.4/src/event/ngx_event_openssl.c      2019-09-24 
17:08:48.000000000 +0200
+++ new/nginx-1.17.5/src/event/ngx_event_openssl.c      2019-10-22 
17:16:08.000000000 +0200
@@ -43,6 +43,7 @@
 #endif
 static ngx_int_t ngx_ssl_handle_recv(ngx_connection_t *c, int n);
 static void ngx_ssl_write_handler(ngx_event_t *wev);
+static void ngx_ssl_next_read_handler(ngx_event_t *rev);
 #ifdef SSL_READ_EARLY_DATA_SUCCESS
 static ssize_t ngx_ssl_write_early(ngx_connection_t *c, u_char *data,
     size_t size);
@@ -1922,6 +1923,10 @@
             last += n;
             bytes += n;
 
+            if (!c->read->ready) {
+                return bytes;
+            }
+
             if (last == b->end) {
                 cl = cl->next;
 
@@ -1999,6 +2004,48 @@
 
             if (size == 0) {
                 c->read->ready = 1;
+
+                if (c->read->available >= 0) {
+                    c->read->available -= bytes;
+
+                    /*
+                     * there can be data buffered at SSL layer,
+                     * so we post an event to continue reading on the next
+                     * iteration of the event loop
+                     */
+
+                    if (c->read->available < 0) {
+                        c->read->available = 0;
+                        c->read->ready = 0;
+
+                        if (c->ssl->next_read_handler == NULL) {
+                            c->ssl->next_read_handler = c->read->handler;
+                            c->read->handler = ngx_ssl_next_read_handler;
+                        }
+
+                        ngx_post_event(c->read, &ngx_posted_next_events);
+                    }
+
+                    ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
+                                   "SSL_read: avail:%d", c->read->available);
+
+                } else {
+
+#if (NGX_HAVE_FIONREAD)
+
+                    if (ngx_socket_nread(c->fd, &c->read->available) == -1) {
+                        c->read->error = 1;
+                        ngx_connection_error(c, ngx_socket_errno,
+                                             ngx_socket_nread_n " failed");
+                        return NGX_ERROR;
+                    }
+
+                    ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
+                                   "SSL_read: avail:%d", c->read->available);
+
+#endif
+                }
+
                 return bytes;
             }
 
@@ -2281,6 +2328,31 @@
 }
 
 
+static void
+ngx_ssl_next_read_handler(ngx_event_t *rev)
+{
+    ngx_connection_t  *c;
+
+    c = rev->data;
+
+    ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL next read handler");
+
+    rev->handler = c->ssl->next_read_handler;
+    c->ssl->next_read_handler = NULL;
+
+    if (!rev->ready) {
+        rev->ready = 1;
+        rev->available = -1;
+    }
+
+    if (rev->posted) {
+        ngx_delete_posted_event(rev);
+    }
+
+    rev->handler(rev);
+}
+
+
 /*
  * OpenSSL has no SSL_writev() so we copy several bufs into our 16K buffer
  * before the SSL_write() call to decrease a SSL overhead.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.17.4/src/event/ngx_event_openssl.h 
new/nginx-1.17.5/src/event/ngx_event_openssl.h
--- old/nginx-1.17.4/src/event/ngx_event_openssl.h      2019-09-24 
17:08:48.000000000 +0200
+++ new/nginx-1.17.5/src/event/ngx_event_openssl.h      2019-10-22 
17:16:08.000000000 +0200
@@ -86,6 +86,7 @@
 
     ngx_event_handler_pt        saved_read_handler;
     ngx_event_handler_pt        saved_write_handler;
+    ngx_event_handler_pt        next_read_handler;
 
     u_char                      early_buf;
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.17.4/src/event/ngx_event_pipe.c 
new/nginx-1.17.5/src/event/ngx_event_pipe.c
--- old/nginx-1.17.4/src/event/ngx_event_pipe.c 2019-09-24 17:08:48.000000000 
+0200
+++ new/nginx-1.17.5/src/event/ngx_event_pipe.c 2019-10-22 17:16:08.000000000 
+0200
@@ -172,7 +172,11 @@
              */
 
             if (p->upstream->read->available == 0
-                && p->upstream->read->pending_eof)
+                && p->upstream->read->pending_eof
+#if (NGX_SSL)
+                && !p->upstream->ssl
+#endif
+                )
             {
                 p->upstream->read->ready = 0;
                 p->upstream->read->eof = 1;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.17.4/src/event/ngx_event_posted.c 
new/nginx-1.17.5/src/event/ngx_event_posted.c
--- old/nginx-1.17.4/src/event/ngx_event_posted.c       2019-09-24 
17:08:48.000000000 +0200
+++ new/nginx-1.17.5/src/event/ngx_event_posted.c       2019-10-22 
17:16:08.000000000 +0200
@@ -11,6 +11,7 @@
 
 
 ngx_queue_t  ngx_posted_accept_events;
+ngx_queue_t  ngx_posted_next_events;
 ngx_queue_t  ngx_posted_events;
 
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.17.4/src/event/ngx_event_posted.h 
new/nginx-1.17.5/src/event/ngx_event_posted.h
--- old/nginx-1.17.4/src/event/ngx_event_posted.h       2019-09-24 
17:08:48.000000000 +0200
+++ new/nginx-1.17.5/src/event/ngx_event_posted.h       2019-10-22 
17:16:08.000000000 +0200
@@ -42,6 +42,7 @@
 
 
 extern ngx_queue_t  ngx_posted_accept_events;
+extern ngx_queue_t  ngx_posted_next_events;
 extern ngx_queue_t  ngx_posted_events;
 
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.17.4/src/http/ngx_http_parse.c 
new/nginx-1.17.5/src/http/ngx_http_parse.c
--- old/nginx-1.17.4/src/http/ngx_http_parse.c  2019-09-24 17:08:48.000000000 
+0200
+++ new/nginx-1.17.5/src/http/ngx_http_parse.c  2019-10-22 17:16:08.000000000 
+0200
@@ -912,6 +912,8 @@
                         i = 1;
 
                     } else {
+                        hash = 0;
+                        i = 0;
                         r->invalid_header = 1;
                     }
 
@@ -922,6 +924,8 @@
                     return NGX_HTTP_PARSE_INVALID_HEADER;
                 }
 
+                hash = 0;
+                i = 0;
                 r->invalid_header = 1;
 
                 break;
@@ -1437,9 +1441,11 @@
                 state = sw_quoted;
                 break;
             case '?':
+                u--;
                 r->args_start = p;
                 goto args;
             case '#':
+                u--;
                 goto done;
             case '+':
                 r->plus_in_uri = 1;
@@ -1467,8 +1473,9 @@
             case '\\':
 #endif
             case '/':
-                state = sw_slash;
-                u -= 5;
+            case '?':
+            case '#':
+                u -= 4;
                 for ( ;; ) {
                     if (u < r->uri.data) {
                         return NGX_HTTP_PARSE_INVALID_REQUEST;
@@ -1479,16 +1486,19 @@
                     }
                     u--;
                 }
+                if (ch == '?') {
+                    r->args_start = p;
+                    goto args;
+                }
+                if (ch == '#') {
+                    goto done;
+                }
+                state = sw_slash;
                 break;
             case '%':
                 quoted_state = state;
                 state = sw_quoted;
                 break;
-            case '?':
-                r->args_start = p;
-                goto args;
-            case '#':
-                goto done;
             case '+':
                 r->plus_in_uri = 1;
                 /* fall through */
@@ -1561,6 +1571,30 @@
         }
     }
 
+    if (state == sw_quoted || state == sw_quoted_second) {
+        return NGX_HTTP_PARSE_INVALID_REQUEST;
+    }
+
+    if (state == sw_dot) {
+        u--;
+
+    } else if (state == sw_dot_dot) {
+        u -= 4;
+
+        for ( ;; ) {
+            if (u < r->uri.data) {
+                return NGX_HTTP_PARSE_INVALID_REQUEST;
+            }
+
+            if (*u == '/') {
+                u++;
+                break;
+            }
+
+            u--;
+        }
+    }
+
 done:
 
     r->uri.len = u - r->uri.data;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.17.4/src/os/unix/ngx_readv_chain.c 
new/nginx-1.17.5/src/os/unix/ngx_readv_chain.c
--- old/nginx-1.17.4/src/os/unix/ngx_readv_chain.c      2019-09-24 
17:08:48.000000000 +0200
+++ new/nginx-1.17.5/src/os/unix/ngx_readv_chain.c      2019-10-22 
17:16:08.000000000 +0200
@@ -60,7 +60,7 @@
                        "readv: eof:%d, avail:%d",
                        rev->pending_eof, rev->available);
 
-        if (!rev->available && !rev->pending_eof) {
+        if (rev->available == 0 && !rev->pending_eof) {
             return NGX_AGAIN;
         }
     }
@@ -164,6 +164,40 @@
             }
 
 #endif
+
+#if (NGX_HAVE_FIONREAD)
+
+            if (rev->available >= 0) {
+                rev->available -= n;
+
+                /*
+                 * negative rev->available means some additional bytes
+                 * were received between kernel notification and readv(),
+                 * and therefore ev->ready can be safely reset even for
+                 * edge-triggered event methods
+                 */
+
+                if (rev->available < 0) {
+                    rev->available = 0;
+                    rev->ready = 0;
+                }
+
+                ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
+                               "readv: avail:%d", rev->available);
+
+            } else if (n == size) {
+
+                if (ngx_socket_nread(c->fd, &rev->available) == -1) {
+                    n = ngx_connection_error(c, ngx_socket_errno,
+                                             ngx_socket_nread_n " failed");
+                    break;
+                }
+
+                ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
+                               "readv: avail:%d", rev->available);
+            }
+
+#endif
 
 #if (NGX_HAVE_EPOLLRDHUP)
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.17.4/src/os/unix/ngx_recv.c 
new/nginx-1.17.5/src/os/unix/ngx_recv.c
--- old/nginx-1.17.4/src/os/unix/ngx_recv.c     2019-09-24 17:08:48.000000000 
+0200
+++ new/nginx-1.17.5/src/os/unix/ngx_recv.c     2019-10-22 17:16:08.000000000 
+0200
@@ -57,7 +57,7 @@
                        "recv: eof:%d, avail:%d",
                        rev->pending_eof, rev->available);
 
-        if (!rev->available && !rev->pending_eof) {
+        if (rev->available == 0 && !rev->pending_eof) {
             rev->ready = 0;
             return NGX_AGAIN;
         }
@@ -115,6 +115,40 @@
             }
 
 #endif
+
+#if (NGX_HAVE_FIONREAD)
+
+            if (rev->available >= 0) {
+                rev->available -= n;
+
+                /*
+                 * negative rev->available means some additional bytes
+                 * were received between kernel notification and recv(),
+                 * and therefore ev->ready can be safely reset even for
+                 * edge-triggered event methods
+                 */
+
+                if (rev->available < 0) {
+                    rev->available = 0;
+                    rev->ready = 0;
+                }
+
+                ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
+                               "recv: avail:%d", rev->available);
+
+            } else if ((size_t) n == size) {
+
+                if (ngx_socket_nread(c->fd, &rev->available) == -1) {
+                    n = ngx_connection_error(c, ngx_socket_errno,
+                                             ngx_socket_nread_n " failed");
+                    break;
+                }
+
+                ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
+                               "recv: avail:%d", rev->available);
+            }
+
+#endif
 
 #if (NGX_HAVE_EPOLLRDHUP)
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/nginx-1.17.4/src/os/unix/ngx_socket.h 
new/nginx-1.17.5/src/os/unix/ngx_socket.h
--- old/nginx-1.17.4/src/os/unix/ngx_socket.h   2019-09-24 17:08:48.000000000 
+0200
+++ new/nginx-1.17.5/src/os/unix/ngx_socket.h   2019-10-22 17:16:08.000000000 
+0200
@@ -38,6 +38,13 @@
 
 #endif
 
+#if (NGX_HAVE_FIONREAD)
+
+#define ngx_socket_nread(s, n)  ioctl(s, FIONREAD, n)
+#define ngx_socket_nread_n      "ioctl(FIONREAD)"
+
+#endif
+
 int ngx_tcp_nopush(ngx_socket_t s);
 int ngx_tcp_push(ngx_socket_t s);
 



Reply via email to