Mercurial > hg > nginx

diff src/http/v3/ngx_http_v3_request.c @ 8707:ffcaf0aad9f2 quic

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
HTTP/3: limited client header size. The limit is the size of all large client header buffers. Client header size is the total size of all client header names and values.
author Roman Arutyunyan <arut@nginx.com>
date Wed, 17 Feb 2021 11:58:32 +0300
parents 3057bae4dba7
children 265062a99043
line wrap: on
line diff
--- a/src/http/v3/ngx_http_v3_request.c
+++ b/src/http/v3/ngx_http_v3_request.c
@@ -118,6 +118,9 @@ ngx_http_v3_init(ngx_connection_t *c)
         return;
     }
 
+    r->v3_parse->header_limit = cscf->large_client_header_buffers.size
+                                * cscf->large_client_header_buffers.num;
+
     c->data = r;
 
     rev = c->read;
@@ -261,11 +264,23 @@ static ngx_int_t
 ngx_http_v3_process_header(ngx_http_request_t *r, ngx_str_t *name,
     ngx_str_t *value)
 {
+    size_t                      len;
     ngx_table_elt_t            *h;
     ngx_http_header_t          *hh;
     ngx_http_core_srv_conf_t   *cscf;
     ngx_http_core_main_conf_t  *cmcf;
 
+    len = name->len + value->len;
+
+    if (len > r->v3_parse->header_limit) {
+        ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
+                      "client sent too large header");
+        ngx_http_finalize_request(r, NGX_HTTP_REQUEST_HEADER_TOO_LARGE);
+        return NGX_ERROR;
+    }
+
+    r->v3_parse->header_limit -= len;
+
     if (ngx_http_v3_validate_header(r, name, value) != NGX_OK) {
         ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
         return NGX_ERROR;