Mercurial > hg > nginx
comparison src/http/ngx_http_request.c @ 5871:21043ce2a005
Fixed possible buffer overrun in "too long header line" logging.
Additionally, ellipsis now always added to make it clear that
the header logged is incomplete.
Reported by Daniil Bondarev.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Wed, 08 Oct 2014 17:16:04 +0400 |
parents | 11790b461a6f |
children | 8dfee01ff0bd |
comparison
equal
deleted
inserted
replaced
5870:5e72578e6503 | 5871:21043ce2a005 |
---|---|
1225 | 1225 |
1226 len = r->header_in->end - p; | 1226 len = r->header_in->end - p; |
1227 | 1227 |
1228 if (len > NGX_MAX_ERROR_STR - 300) { | 1228 if (len > NGX_MAX_ERROR_STR - 300) { |
1229 len = NGX_MAX_ERROR_STR - 300; | 1229 len = NGX_MAX_ERROR_STR - 300; |
1230 p[len++] = '.'; p[len++] = '.'; p[len++] = '.'; | |
1231 } | 1230 } |
1232 | 1231 |
1233 ngx_log_error(NGX_LOG_INFO, c->log, 0, | 1232 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
1234 "client sent too long header line: \"%*s\"", | 1233 "client sent too long header line: \"%*s...\"", |
1235 len, r->header_name_start); | 1234 len, r->header_name_start); |
1236 | 1235 |
1237 ngx_http_finalize_request(r, | 1236 ngx_http_finalize_request(r, |
1238 NGX_HTTP_REQUEST_HEADER_TOO_LARGE); | 1237 NGX_HTTP_REQUEST_HEADER_TOO_LARGE); |
1239 return; | 1238 return; |
1240 } | 1239 } |