replace sizeof with strlen (#116)

JoshMcCullough · web-flow · commit 07f6f996975e · 2023-12-04T13:32:29.000-05:00
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -15,10 +15,11 @@ on:
 
 jobs:
   build:
+    name: "NGINX: ${{ matrix.nginx-version }}; libjwt: ${{ matrix.libjwt-version }}"
     strategy:
       matrix:
         # Each nginx version to build against
-        nginx-version: ['1.20.2', '1.22.1', '1.24.0', '1.25.1']
+        nginx-version: ['1.20.2', '1.22.1', '1.24.0', '1.25.3']
         # The following versions of libjwt are compatible:
         #   * v1.0 - v1.12.0
         #   * v1.12.1 - v1.14.0
@@ -90,14 +91,14 @@ jobs:
     - name: Create release archive
       run: |
         cp ./nginx/objs/ngx_http_auth_jwt_module.so ./
-        tar czf ngx_http_auth_jwt_module_${{github.ref_name}}_libjwt_${{matrix.libjwt-version}}_nginx_${{matrix.nginx-version}}.tgz ngx_http_auth_jwt_module.so
+        tar czf ngx_http_auth_jwt_module_libjwt_${{matrix.libjwt-version}}_nginx_${{matrix.nginx-version}}.tgz ngx_http_auth_jwt_module.so
 
     - name: Upload build artifact
       uses: actions/upload-artifact@v3
       with:
         if-no-files-found: error
-        name: ngx_http_auth_jwt_module_${{github.ref_name}}_libjwt_${{matrix.libjwt-version}}_nginx_${{matrix.nginx-version}}.tgz
-        path: ngx_http_auth_jwt_module_${{github.ref_name}}_libjwt_${{matrix.libjwt-version}}_nginx_${{matrix.nginx-version}}.tgz
+        name: ngx_http_auth_jwt_module_libjwt_${{matrix.libjwt-version}}_nginx_${{matrix.nginx-version}}.tgz
+        path: ngx_http_auth_jwt_module_libjwt_${{matrix.libjwt-version}}_nginx_${{matrix.nginx-version}}.tgz
 
   update_releases_page:
     name: Upload builds to Releases
diff --git a/src/ngx_http_auth_jwt_module.c b/src/ngx_http_auth_jwt_module.c
@@ -489,7 +489,7 @@ static ngx_int_t redirect(ngx_http_request_t *r, auth_jwt_conf_t *jwtcf)
     }
 
     r->headers_out.location->hash = 1;
-    r->headers_out.location->key.len = sizeof("Location") - 1;
+    r->headers_out.location->key.len = strlen("Location");
     r->headers_out.location->key.data = (u_char *)"Location";
 
     if (r->method == NGX_HTTP_GET)
@@ -526,21 +526,21 @@ static ngx_int_t redirect(ngx_http_request_t *r, auth_jwt_conf_t *jwtcf)
       uri_escaped.len = escaped_len;
       ngx_escape_uri(uri_escaped.data, uri.data, uri.len, NGX_ESCAPE_ARGS);
 
-      r->headers_out.location->value.len = loginlen + sizeof("?return_url=") - 1 + strlen(scheme) + sizeof("://") - 1 + server.len + uri_escaped.len;
+      r->headers_out.location->value.len = loginlen + strlen("?return_url=") + strlen(scheme) + strlen("://") + server.len + uri_escaped.len;
 
       return_url = ngx_palloc(r->pool, r->headers_out.location->value.len);
       ngx_memcpy(return_url, jwtcf->loginurl.data, jwtcf->loginurl.len);
 
       return_url_idx = jwtcf->loginurl.len;
-      ngx_memcpy(return_url + return_url_idx, "?return_url=", sizeof("?return_url=") - 1);
+      ngx_memcpy(return_url + return_url_idx, "?return_url=", strlen("?return_url="));
 
-      return_url_idx += sizeof("?return_url=") - 1;
+      return_url_idx += strlen("?return_url=");
       ngx_memcpy(return_url + return_url_idx, scheme, strlen(scheme));
 
       return_url_idx += strlen(scheme);
-      ngx_memcpy(return_url + return_url_idx, "://", sizeof("://") - 1);
+      ngx_memcpy(return_url + return_url_idx, "://", strlen("://"));
 
-      return_url_idx += sizeof("://") - 1;
+      return_url_idx += strlen("://");
       ngx_memcpy(return_url + return_url_idx, server.data, server.len);
 
       return_url_idx += server.len;
@@ -617,25 +617,25 @@ static char *get_jwt(ngx_http_request_t *r, ngx_str_t jwt_location)
 
   ngx_log_debug(NGX_LOG_DEBUG, r->connection->log, 0, "jwt_location.len %d", jwt_location.len);
 
-  if (jwt_location.len > sizeof(HEADER_PREFIX) && ngx_strncmp(jwt_location.data, HEADER_PREFIX, sizeof(HEADER_PREFIX) - 1) == 0)
+  if (jwt_location.len > strlen(HEADER_PREFIX) && ngx_strncmp(jwt_location.data, HEADER_PREFIX, strlen(HEADER_PREFIX)) == 0)
   {
     ngx_table_elt_t *jwtHeaderVal;
 
-    jwt_location.data += sizeof(HEADER_PREFIX) - 1;
-    jwt_location.len -= sizeof(HEADER_PREFIX) - 1;
+    jwt_location.data += strlen(HEADER_PREFIX);
+    jwt_location.len -= strlen(HEADER_PREFIX);
 
     jwtHeaderVal = search_headers_in(r, jwt_location.data, jwt_location.len);
 
     if (jwtHeaderVal != NULL)
     {
       static const char *BEARER_PREFIX = "Bearer ";
 
-      if (ngx_strncmp(jwtHeaderVal->value.data, BEARER_PREFIX, sizeof(BEARER_PREFIX) - 1) == 0)
+      if (ngx_strncmp(jwtHeaderVal->value.data, BEARER_PREFIX, strlen(BEARER_PREFIX)) == 0)
       {
         ngx_str_t jwtHeaderValWithoutBearer = jwtHeaderVal->value;
         
-        jwtHeaderValWithoutBearer.data += sizeof(BEARER_PREFIX) - 1;
-        jwtHeaderValWithoutBearer.len -= sizeof(BEARER_PREFIX) - 1;
+        jwtHeaderValWithoutBearer.data += strlen(BEARER_PREFIX);
+        jwtHeaderValWithoutBearer.len -= strlen(BEARER_PREFIX);
 
         jwtPtr = ngx_str_t_to_char_ptr(r->pool, jwtHeaderValWithoutBearer);
       }
@@ -645,13 +645,13 @@ static char *get_jwt(ngx_http_request_t *r, ngx_str_t jwt_location)
       }
     }
   }
-  else if (jwt_location.len > sizeof(COOKIE_PREFIX) && ngx_strncmp(jwt_location.data, COOKIE_PREFIX, sizeof(COOKIE_PREFIX) - 1) == 0)
+  else if (jwt_location.len > strlen(COOKIE_PREFIX) && ngx_strncmp(jwt_location.data, COOKIE_PREFIX, strlen(COOKIE_PREFIX)) == 0)
   {
     bool has_cookie = false;
     ngx_str_t jwtCookieVal;
 
-    jwt_location.data += sizeof(COOKIE_PREFIX) - 1;
-    jwt_location.len -= sizeof(COOKIE_PREFIX) - 1;
+    jwt_location.data += strlen(COOKIE_PREFIX);
+    jwt_location.len -= strlen(COOKIE_PREFIX);
 
 #ifndef NGX_LINKED_LIST_COOKIES
     if (ngx_http_parse_multi_header_lines(&r->headers_in.cookies, &jwt_location, &jwtCookieVal) != NGX_DECLINED)
