Mercurial > hg > nginx
comparison src/http/ngx_http_request.c @ 5769:e0aa54a4357e
Reset of r->uri.len on URI parsing errors.
This ensures that debug logging and the $uri variable (if used in
400 Bad Request processing) will not try to access uninitialized
memory.
Found by Sergey Bobrov.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Fri, 18 Jul 2014 20:02:11 +0400 |
parents | 3a72b1805c52 |
children | 11790b461a6f 7fcfe113827d |
comparison
equal
deleted
inserted
replaced
5768:70a0408cca7b | 5769:e0aa54a4357e |
---|---|
1069 } | 1069 } |
1070 | 1070 |
1071 cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module); | 1071 cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module); |
1072 | 1072 |
1073 if (ngx_http_parse_complex_uri(r, cscf->merge_slashes) != NGX_OK) { | 1073 if (ngx_http_parse_complex_uri(r, cscf->merge_slashes) != NGX_OK) { |
1074 r->uri.len = 0; | |
1075 | |
1074 ngx_log_error(NGX_LOG_INFO, r->connection->log, 0, | 1076 ngx_log_error(NGX_LOG_INFO, r->connection->log, 0, |
1075 "client sent invalid request"); | 1077 "client sent invalid request"); |
1076 ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST); | 1078 ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST); |
1077 return NGX_ERROR; | 1079 return NGX_ERROR; |
1078 } | 1080 } |