nginx-vendor-current: src/http/ngx_http

comparison src/http/ngx_http_request.c @ 540:c04fa65fe604 NGINX_0_8_22

nginx 0.8.22 *) Feature: the "proxy_bind", "fastcgi_bind", and "memcached_bind" directives. *) Feature: the "access" and the "deny" directives support IPv6. *) Feature: the "set_real_ip_from" directive supports IPv6 addresses in request headers. *) Feature: the "unix:" parameter of the "set_real_ip_from" directive. *) Bugfix: nginx did not delete unix domain socket after configuration testing. *) Bugfix: nginx deleted unix domain socket while online upgrade. *) Bugfix: the "!-x" operator did not work. Thanks to Maxim Dounin. *) Bugfix: a segmentation fault might occur in a worker process, if limit_rate was used in HTTPS server. Thanks to Maxim Dounin. *) Bugfix: a segmentation fault might occur in a worker process while $limit_rate logging. Thanks to Maxim Dounin. *) Bugfix: a segmentation fault might occur in a worker process, if there was no "listen" directive in "server" block; the bug had appeared in 0.8.21.

author	Igor Sysoev <http://sysoev.ru>
date	Tue, 03 Nov 2009 00:00:00 +0300
parents	1dcf6adad484
children	e19e5f542878

comparison

equal deleted inserted replaced

-:c88014f74832
+:c04fa65fe604
 ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
 return;
 }
 if (rv == NGX_DECLINED) {
-len = r->header_in->end - r->header_name_start;
 p = r->header_name_start;
+if (p == NULL) {
+ngx_log_error(NGX_LOG_INFO, c->log, 0,
+"client sent too large request");
+ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
+return;
+}
+len = r->header_in->end - p;
 if (len > NGX_MAX_ERROR_STR - 300) {
 len = NGX_MAX_ERROR_STR - 300;
 p[len++] = '.'; p[len++] = '.'; p[len++] = '.';
 }

Mercurial > hg > nginx-vendor-current

comparison src/http/ngx_http_request.c @ 540:c04fa65fe604 NGINX_0_8_22