首頁 探索 說明
登入
PUBLIC_REPOS
/
buildroot
镜像来自 git://git.buildroot.net/buildroot
2
1
複刻 0
檔案
瀏覽代碼

package/nginx: bump to version 1.22.1

- Drop eleventh patch (already in version)
- Update hash of LICENSE file (update in year)
- pcre2 is supported (and enabled by default) since
  https://github.com/nginx/nginx/commit/c6fec0b027569a4e0b1d8aaee7dea0f2e4d6052b

http://nginx.org/en/CHANGES-1.22

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine 2 年之前
父節點
5ec326fb97
當前提交
722b84eafa
共有 4 個文件被更改,包括 7 次插入325 次删除
分割檢視 顯示文件統計
  1. 0 315
      package/nginx/0011-Mp4-disabled-duplicate-atoms.patch
  2. 1 1
      package/nginx/Config.in
  3. 2 2
      package/nginx/nginx.hash
  4. 4 7
      package/nginx/nginx.mk

+ 0 - 315
package/nginx/0011-Mp4-disabled-duplicate-atoms.patch
查看文件 

@@ -1,315 +0,0 @@
 
-From 6b022a5556af22b6e18532e547a6ae46b0d8c6ea Mon Sep 17 00:00:00 2001
 
-From: Roman Arutyunyan <arut@nginx.com>
 
-Date: Wed, 19 Oct 2022 10:53:17 +0300
 
-Subject: [PATCH] Mp4: disabled duplicate atoms.
 
-
 
-Most atoms should not appear more than once in a container.  Previously,
 
-this was not enforced by the module, which could result in worker process
 
-crash, memory corruption and disclosure.
 
-
 
-Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 
----
 
- src/http/modules/ngx_http_mp4_module.c | 147 +++++++++++++++++++++++++
 
- 1 file changed, 147 insertions(+)
 
-
 
-diff --git a/src/http/modules/ngx_http_mp4_module.c b/src/http/modules/ngx_http_mp4_module.c
 
-index 9c3f627f..4eff01e9 100644
 
---- a/src/http/modules/ngx_http_mp4_module.c
 
-+++ b/src/http/modules/ngx_http_mp4_module.c
 
-@@ -1121,6 +1121,12 @@ ngx_http_mp4_read_ftyp_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
 
-         return NGX_ERROR;
 
-     }
 
- 
-+    if (mp4->ftyp_atom.buf) {
 
-+        ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
 
-+                      "duplicate mp4 ftyp atom in \"%s\"", mp4->file.name.data);
 
-+        return NGX_ERROR;
 
-+    }
 
-+
 
-     atom_size = sizeof(ngx_mp4_atom_header_t) + (size_t) atom_data_size;
 
- 
-     ftyp_atom = ngx_palloc(mp4->request->pool, atom_size);
 
-@@ -1179,6 +1185,12 @@ ngx_http_mp4_read_moov_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
 
-         return NGX_DECLINED;
 
-     }
 
- 
-+    if (mp4->moov_atom.buf) {
 
-+        ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
 
-+                      "duplicate mp4 moov atom in \"%s\"", mp4->file.name.data);
 
-+        return NGX_ERROR;
 
-+    }
 
-+
 
-     conf = ngx_http_get_module_loc_conf(mp4->request, ngx_http_mp4_module);
 
- 
-     if (atom_data_size > mp4->buffer_size) {
 
-@@ -1246,6 +1258,12 @@ ngx_http_mp4_read_mdat_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
 
- 
-     ngx_log_debug0(NGX_LOG_DEBUG_HTTP, mp4->file.log, 0, "mp4 mdat atom");
 
- 
-+    if (mp4->mdat_atom.buf) {
 
-+        ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
 
-+                      "duplicate mp4 mdat atom in \"%s\"", mp4->file.name.data);
 
-+        return NGX_ERROR;
 
-+    }
 
-+
 
-     data = &mp4->mdat_data_buf;
 
-     data->file = &mp4->file;
 
-     data->in_file = 1;
 
-@@ -1372,6 +1390,12 @@ ngx_http_mp4_read_mvhd_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
 
- 
-     ngx_log_debug0(NGX_LOG_DEBUG_HTTP, mp4->file.log, 0, "mp4 mvhd atom");
 
- 
-+    if (mp4->mvhd_atom.buf) {
 
-+        ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
 
-+                      "duplicate mp4 mvhd atom in \"%s\"", mp4->file.name.data);
 
-+        return NGX_ERROR;
 
-+    }
 
-+
 
-     atom_header = ngx_mp4_atom_header(mp4);
 
-     mvhd_atom = (ngx_mp4_mvhd_atom_t *) atom_header;
 
-     mvhd64_atom = (ngx_mp4_mvhd64_atom_t *) atom_header;
 
-@@ -1637,6 +1661,13 @@ ngx_http_mp4_read_tkhd_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
 
-     atom_size = sizeof(ngx_mp4_atom_header_t) + (size_t) atom_data_size;
 
- 
-     trak = ngx_mp4_last_trak(mp4);
 
-+
 
-+    if (trak->out[NGX_HTTP_MP4_TKHD_ATOM].buf) {
 
-+        ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
 
-+                      "duplicate mp4 tkhd atom in \"%s\"", mp4->file.name.data);
 
-+        return NGX_ERROR;
 
-+    }
 
-+
 
-     trak->tkhd_size = atom_size;
 
-     trak->movie_duration = duration;
 
- 
-@@ -1676,6 +1707,12 @@ ngx_http_mp4_read_mdia_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
 
- 
-     trak = ngx_mp4_last_trak(mp4);
 
- 
-+    if (trak->out[NGX_HTTP_MP4_MDIA_ATOM].buf) {
 
-+        ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
 
-+                      "duplicate mp4 mdia atom in \"%s\"", mp4->file.name.data);
 
-+        return NGX_ERROR;
 
-+    }
 
-+
 
-     atom = &trak->mdia_atom_buf;
 
-     atom->temporary = 1;
 
-     atom->pos = atom_header;
 
-@@ -1799,6 +1836,13 @@ ngx_http_mp4_read_mdhd_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
 
-     atom_size = sizeof(ngx_mp4_atom_header_t) + (size_t) atom_data_size;
 
- 
-     trak = ngx_mp4_last_trak(mp4);
 
-+
 
-+    if (trak->out[NGX_HTTP_MP4_MDHD_ATOM].buf) {
 
-+        ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
 
-+                      "duplicate mp4 mdhd atom in \"%s\"", mp4->file.name.data);
 
-+        return NGX_ERROR;
 
-+    }
 
-+
 
-     trak->mdhd_size = atom_size;
 
-     trak->timescale = timescale;
 
-     trak->duration = duration;
 
-@@ -1862,6 +1906,12 @@ ngx_http_mp4_read_hdlr_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
 
- 
-     trak = ngx_mp4_last_trak(mp4);
 
- 
-+    if (trak->out[NGX_HTTP_MP4_HDLR_ATOM].buf) {
 
-+        ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
 
-+                      "duplicate mp4 hdlr atom in \"%s\"", mp4->file.name.data);
 
-+        return NGX_ERROR;
 
-+    }
 
-+
 
-     atom = &trak->hdlr_atom_buf;
 
-     atom->temporary = 1;
 
-     atom->pos = atom_header;
 
-@@ -1890,6 +1940,12 @@ ngx_http_mp4_read_minf_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
 
- 
-     trak = ngx_mp4_last_trak(mp4);
 
- 
-+    if (trak->out[NGX_HTTP_MP4_MINF_ATOM].buf) {
 
-+        ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
 
-+                      "duplicate mp4 minf atom in \"%s\"", mp4->file.name.data);
 
-+        return NGX_ERROR;
 
-+    }
 
-+
 
-     atom = &trak->minf_atom_buf;
 
-     atom->temporary = 1;
 
-     atom->pos = atom_header;
 
-@@ -1933,6 +1989,15 @@ ngx_http_mp4_read_vmhd_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
 
- 
-     trak = ngx_mp4_last_trak(mp4);
 
- 
-+    if (trak->out[NGX_HTTP_MP4_VMHD_ATOM].buf
 
-+        || trak->out[NGX_HTTP_MP4_SMHD_ATOM].buf)
 
-+    {
 
-+        ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
 
-+                      "duplicate mp4 vmhd/smhd atom in \"%s\"",
 
-+                      mp4->file.name.data);
 
-+        return NGX_ERROR;
 
-+    }
 
-+
 
-     atom = &trak->vmhd_atom_buf;
 
-     atom->temporary = 1;
 
-     atom->pos = atom_header;
 
-@@ -1964,6 +2029,15 @@ ngx_http_mp4_read_smhd_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
 
- 
-     trak = ngx_mp4_last_trak(mp4);
 
- 
-+    if (trak->out[NGX_HTTP_MP4_VMHD_ATOM].buf
 
-+        || trak->out[NGX_HTTP_MP4_SMHD_ATOM].buf)
 
-+    {
 
-+        ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
 
-+                      "duplicate mp4 vmhd/smhd atom in \"%s\"",
 
-+                      mp4->file.name.data);
 
-+        return NGX_ERROR;
 
-+    }
 
-+
 
-     atom = &trak->smhd_atom_buf;
 
-     atom->temporary = 1;
 
-     atom->pos = atom_header;
 
-@@ -1995,6 +2069,12 @@ ngx_http_mp4_read_dinf_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
 
- 
-     trak = ngx_mp4_last_trak(mp4);
 
- 
-+    if (trak->out[NGX_HTTP_MP4_DINF_ATOM].buf) {
 
-+        ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
 
-+                      "duplicate mp4 dinf atom in \"%s\"", mp4->file.name.data);
 
-+        return NGX_ERROR;
 
-+    }
 
-+
 
-     atom = &trak->dinf_atom_buf;
 
-     atom->temporary = 1;
 
-     atom->pos = atom_header;
 
-@@ -2023,6 +2103,12 @@ ngx_http_mp4_read_stbl_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
 
- 
-     trak = ngx_mp4_last_trak(mp4);
 
- 
-+    if (trak->out[NGX_HTTP_MP4_STBL_ATOM].buf) {
 
-+        ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
 
-+                      "duplicate mp4 stbl atom in \"%s\"", mp4->file.name.data);
 
-+        return NGX_ERROR;
 
-+    }
 
-+
 
-     atom = &trak->stbl_atom_buf;
 
-     atom->temporary = 1;
 
-     atom->pos = atom_header;
 
-@@ -2144,6 +2230,12 @@ ngx_http_mp4_read_stsd_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
 
- 
-     trak = ngx_mp4_last_trak(mp4);
 
- 
-+    if (trak->out[NGX_HTTP_MP4_STSD_ATOM].buf) {
 
-+        ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
 
-+                      "duplicate mp4 stsd atom in \"%s\"", mp4->file.name.data);
 
-+        return NGX_ERROR;
 
-+    }
 
-+
 
-     atom = &trak->stsd_atom_buf;
 
-     atom->temporary = 1;
 
-     atom->pos = atom_header;
 
-@@ -2212,6 +2304,13 @@ ngx_http_mp4_read_stts_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
 
-     atom_end = atom_table + entries * sizeof(ngx_mp4_stts_entry_t);
 
- 
-     trak = ngx_mp4_last_trak(mp4);
 
-+
 
-+    if (trak->out[NGX_HTTP_MP4_STTS_ATOM].buf) {
 
-+        ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
 
-+                      "duplicate mp4 stts atom in \"%s\"", mp4->file.name.data);
 
-+        return NGX_ERROR;
 
-+    }
 
-+
 
-     trak->time_to_sample_entries = entries;
 
- 
-     atom = &trak->stts_atom_buf;
 
-@@ -2480,6 +2579,13 @@ ngx_http_mp4_read_stss_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
 
-                    "sync sample entries:%uD", entries);
 
- 
-     trak = ngx_mp4_last_trak(mp4);
 
-+
 
-+    if (trak->out[NGX_HTTP_MP4_STSS_ATOM].buf) {
 
-+        ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
 
-+                      "duplicate mp4 stss atom in \"%s\"", mp4->file.name.data);
 
-+        return NGX_ERROR;
 
-+    }
 
-+
 
-     trak->sync_samples_entries = entries;
 
- 
-     atom_table = atom_header + sizeof(ngx_http_mp4_stss_atom_t);
 
-@@ -2678,6 +2784,13 @@ ngx_http_mp4_read_ctts_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
 
-                    "composition offset entries:%uD", entries);
 
- 
-     trak = ngx_mp4_last_trak(mp4);
 
-+
 
-+    if (trak->out[NGX_HTTP_MP4_CTTS_ATOM].buf) {
 
-+        ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
 
-+                      "duplicate mp4 ctts atom in \"%s\"", mp4->file.name.data);
 
-+        return NGX_ERROR;
 
-+    }
 
-+
 
-     trak->composition_offset_entries = entries;
 
- 
-     atom_table = atom_header + sizeof(ngx_mp4_ctts_atom_t);
 
-@@ -2881,6 +2994,13 @@ ngx_http_mp4_read_stsc_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
 
-     atom_end = atom_table + entries * sizeof(ngx_mp4_stsc_entry_t);
 
- 
-     trak = ngx_mp4_last_trak(mp4);
 
-+
 
-+    if (trak->out[NGX_HTTP_MP4_STSC_ATOM].buf) {
 
-+        ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
 
-+                      "duplicate mp4 stsc atom in \"%s\"", mp4->file.name.data);
 
-+        return NGX_ERROR;
 
-+    }
 
-+
 
-     trak->sample_to_chunk_entries = entries;
 
- 
-     atom = &trak->stsc_atom_buf;
 
-@@ -3213,6 +3333,13 @@ ngx_http_mp4_read_stsz_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
 
-                    "sample uniform size:%uD, entries:%uD", size, entries);
 
- 
-     trak = ngx_mp4_last_trak(mp4);
 
-+
 
-+    if (trak->out[NGX_HTTP_MP4_STSZ_ATOM].buf) {
 
-+        ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
 
-+                      "duplicate mp4 stsz atom in \"%s\"", mp4->file.name.data);
 
-+        return NGX_ERROR;
 
-+    }
 
-+
 
-     trak->sample_sizes_entries = entries;
 
- 
-     atom_table = atom_header + sizeof(ngx_mp4_stsz_atom_t);
 
-@@ -3396,6 +3523,16 @@ ngx_http_mp4_read_stco_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
 
-     atom_end = atom_table + entries * sizeof(uint32_t);
 
- 
-     trak = ngx_mp4_last_trak(mp4);
 
-+
 
-+    if (trak->out[NGX_HTTP_MP4_STCO_ATOM].buf
 
-+        || trak->out[NGX_HTTP_MP4_CO64_ATOM].buf)
 
-+    {
 
-+        ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
 
-+                      "duplicate mp4 stco/co64 atom in \"%s\"",
 
-+                      mp4->file.name.data);
 
-+        return NGX_ERROR;
 
-+    }
 
-+
 
-     trak->chunks = entries;
 
- 
-     atom = &trak->stco_atom_buf;
 
-@@ -3602,6 +3739,16 @@ ngx_http_mp4_read_co64_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
 
-     atom_end = atom_table + entries * sizeof(uint64_t);
 
- 
-     trak = ngx_mp4_last_trak(mp4);
 
-+
 
-+    if (trak->out[NGX_HTTP_MP4_STCO_ATOM].buf
 
-+        || trak->out[NGX_HTTP_MP4_CO64_ATOM].buf)
 
-+    {
 
-+        ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
 
-+                      "duplicate mp4 stco/co64 atom in \"%s\"",
 
-+                      mp4->file.name.data);
 
-+        return NGX_ERROR;
 
-+    }
 
-+
 
-     trak->chunks = entries;
 
- 
-     atom = &trak->co64_atom_buf;
 
--- 
-2.30.2
 
-

+ 1 - 1
package/nginx/Config.in
查看文件 

@@ -214,7 +214,7 @@ config BR2_PACKAGE_NGINX_HTTP_REFERER_MODULE
 
 config BR2_PACKAGE_NGINX_HTTP_REWRITE_MODULE
 
 	bool "ngx_http_rewrite_module"
 
 	default y
 
-	select BR2_PACKAGE_PCRE
 
+	select BR2_PACKAGE_PCRE2
 
 	help
 
 	  Enable ngx_http_rewrite_module

+ 2 - 2
package/nginx/nginx.hash
查看文件 

@@ -1,4 +1,4 @@
 
 # Locally calculated after checking pgp signature
 
-sha256  e462e11533d5c30baa05df7652160ff5979591d291736cfa5edb9fd2edb48c49  nginx-1.20.1.tar.gz
 
+sha256  9ebb333a9e82b952acd3e2b4aeb1d4ff6406f72491bab6cd9fe69f0dea737f31  nginx-1.22.1.tar.gz
 
 # License files, locally calculated
 
-sha256  b57270c1f73eb6624b38b2d0a1affcec56b21fab39efbf8c837428f05cef1d73  LICENSE
 
+sha256  ececed0b0e7243a4766cbc62b26df4bd3513b41de3a07425da1679c836d06320  LICENSE

+ 4 - 7
package/nginx/nginx.mk
查看文件 

@@ -4,7 +4,7 @@
 
 #
 
 ################################################################################
 
 
-NGINX_VERSION = 1.20.1
 
+NGINX_VERSION = 1.22.1
 
 NGINX_SITE = http://nginx.org/download
 
 NGINX_LICENSE = BSD-2-Clause
 
 NGINX_LICENSE_FILES = LICENSE
 
@@ -19,9 +19,6 @@ NGINX_CONF_OPTS = \
 
 	--with-cpp="$(TARGET_CC)" \
 
 	--with-ld-opt="$(TARGET_LDFLAGS)"
 
 
-# 0011-Mp4-disabled-duplicate-atoms.patch
 
-NGINX_IGNORE_CVES += CVE-2022-41741 CVE-2022-41742
 
-
 
 # www-data user and group are used for nginx. Because these user and group
 
 # are already set by buildroot, it is not necessary to redefine them.
 
 # See system/skeleton/etc/passwd
 
@@ -83,8 +80,8 @@ else
 
 NGINX_CONF_ENV += ngx_force_have_libatomic=no
 
 endif
 
 
-ifeq ($(BR2_PACKAGE_PCRE),y)
 
-NGINX_DEPENDENCIES += pcre
 
+ifeq ($(BR2_PACKAGE_PCRE2),y)
 
+NGINX_DEPENDENCIES += pcre2
 
 NGINX_CONF_OPTS += --with-pcre
 
 else
 
 NGINX_CONF_OPTS += --without-pcre
 
@@ -167,7 +164,7 @@ NGINX_CONF_OPTS += --without-http_gzip_module
 
 endif
 
 
 ifeq ($(BR2_PACKAGE_NGINX_HTTP_REWRITE_MODULE),y)
 
-NGINX_DEPENDENCIES += pcre
 
+NGINX_DEPENDENCIES += pcre2
 
 else
 
 NGINX_CONF_OPTS += --without-http_rewrite_module
 
 endif