ngx::http::NgxListIterator: ngx_str_t items are NgxStr, not str

pchickey · pchickey · commit de2727339b79 · 2025-07-28T14:04:14.000-07:00
The ngx_str_items in the header name and value are often untrusted
input, and may not have utf-8 contents. The use of ngx_str_t::to_str
in this iterator will panic when the contents are not utf-8. So, instead
of yielding a pair of strs here, yield a pair of &amp;NgxStr, which is like
ngx_str_t but with more methods.
diff --git a/examples/awssig.rs b/examples/awssig.rs
@@ -286,8 +286,16 @@ http_request_handler!(awssigv4_header_handler, |request: &mut Request| {
         // Copy only headers that will be used to sign the request
         let mut headers = HeaderMap::new();
         for (name, value) in request.headers_in_iterator() {
-            if name.to_lowercase() == "host" {
-                headers.insert(http::header::HOST, value.parse().unwrap());
+            if let Ok(name) = name.to_str() {
+                if name.to_lowercase() == "host" {
+                    if let Ok(value) = http::HeaderValue::from_bytes(value.as_bytes()) {
+                        headers.insert(http::header::HOST, value);
+                    } else {
+                        return core::Status::NGX_DECLINED;
+                    }
+                }
+            } else {
+                return core::Status::NGX_DECLINED;
             }
         }
         headers.insert("X-Amz-Date", datetime_now.parse().unwrap());
@@ -313,12 +321,11 @@ http_request_handler!(awssigv4_header_handler, |request: &mut Request| {
     request.add_header_in("authorization", signature.as_str());
     request.add_header_in("X-Amz-Date", datetime_now.as_str());
 
-    // done signing, let's print values we have in request.headers_out, request.headers_in
     for (name, value) in request.headers_out_iterator() {
-        ngx_log_debug_http!(request, "headers_out {}: {}", name, value);
+        ngx_log_debug_http!(request, "headers_out {name}: {value}",);
     }
     for (name, value) in request.headers_in_iterator() {
-        ngx_log_debug_http!(request, "headers_in  {}: {}", name, value);
+        ngx_log_debug_http!(request, "headers_in  {name}: {value}",);
     }
 
     core::Status::NGX_OK
diff --git a/src/http/request.rs b/src/http/request.rs
@@ -462,7 +462,7 @@ impl<'a> Iterator for NgxListIterator<'a> {
     // something like pub struct Header(ngx_table_elt_t);
     // then header would have key and value
 
-    type Item = (&'a str, &'a str);
+    type Item = (&'a NgxStr, &'a NgxStr);
 
     fn next(&mut self) -> Option<Self::Item> {
         let part = self.part.as_mut()?;
@@ -478,7 +478,12 @@ impl<'a> Iterator for NgxListIterator<'a> {
         }
         let header = &part.arr[self.i];
         self.i += 1;
-        Some((header.key.to_str(), header.value.to_str()))
+        unsafe {
+            Some((
+                NgxStr::from_ngx_str(header.key),
+                NgxStr::from_ngx_str(header.value),
+            ))
+        }
     }
 }
 

Original file line number	Diff line number	Diff line change
`@@ -462,7 +462,7 @@ impl<'a> Iterator for NgxListIterator<'a> {`
`462`	`462`	`// something like pub struct Header(ngx_table_elt_t);`
`463`	`463`	`// then header would have key and value`
`464`	`464`
`465`		`- type Item = (&'a str, &'a str);`
	`465`	`+ type Item = (&'a NgxStr, &'a NgxStr);`
`466`	`466`
`467`	`467`	`fn next(&mut self) -> Option<Self::Item> {`
`468`	`468`	`let part = self.part.as_mut()?;`
`@@ -478,7 +478,12 @@ impl<'a> Iterator for NgxListIterator<'a> {`
`478`	`478`	`}`
`479`	`479`	`let header = &part.arr[self.i];`
`480`	`480`	`self.i += 1;`
`481`		`- Some((header.key.to_str(), header.value.to_str()))`
	`481`	`+ unsafe {`
	`482`	`+ Some((`
	`483`	`+ NgxStr::from_ngx_str(header.key),`
	`484`	`+ NgxStr::from_ngx_str(header.value),`
	`485`	`+ ))`
	`486`	`+ }`
`482`	`487`	`}`
`483`	`488`	`}`
`484`	`489`