Mercurial > hg > nginx
comparison src/http/ngx_http_request.c @ 6075:7fcfe113827d stable-1.6
Fixed possible buffer overrun in "too long header line" logging.
Additionally, ellipsis now always added to make it clear that
the header logged is incomplete.
Reported by Daniil Bondarev.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Wed, 08 Oct 2014 17:16:04 +0400 |
parents | b8188afb3bbb |
children |
comparison
equal
deleted
inserted
replaced
6074:dfb23e4361da | 6075:7fcfe113827d |
---|---|
1225 | 1225 |
1226 len = r->header_in->end - p; | 1226 len = r->header_in->end - p; |
1227 | 1227 |
1228 if (len > NGX_MAX_ERROR_STR - 300) { | 1228 if (len > NGX_MAX_ERROR_STR - 300) { |
1229 len = NGX_MAX_ERROR_STR - 300; | 1229 len = NGX_MAX_ERROR_STR - 300; |
1230 p[len++] = '.'; p[len++] = '.'; p[len++] = '.'; | |
1231 } | 1230 } |
1232 | 1231 |
1233 ngx_log_error(NGX_LOG_INFO, c->log, 0, | 1232 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
1234 "client sent too long header line: \"%*s\"", | 1233 "client sent too long header line: \"%*s...\"", |
1235 len, r->header_name_start); | 1234 len, r->header_name_start); |
1236 | 1235 |
1237 ngx_http_finalize_request(r, | 1236 ngx_http_finalize_request(r, |
1238 NGX_HTTP_REQUEST_HEADER_TOO_LARGE); | 1237 NGX_HTTP_REQUEST_HEADER_TOO_LARGE); |
1239 return; | 1238 return; |
1240 } | 1239 } |