Mercurial > hg > nginx
view src/http/v2/ngx_http_v2_encode.c @ 7679:05e42236e95b
FastCGI: protection from responses with wrong length.
Previous behaviour was to pass everything to the client, but this
seems to be suboptimal and causes issues (ticket #1695). Fix is to
drop extra data instead, as it naturally happens in most clients.
Additionally, we now also issue a warning if the response is too
short, and make sure the fact it is truncated is propagated to the
client. The u->error flag is introduced to make it possible to
propagate the error to the client in case of unbuffered proxying.
For responses to HEAD requests there is an exception: we do allow
both responses without body and responses with body matching the
Content-Length header.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Mon, 06 Jul 2020 18:36:23 +0300 |
parents | 87e9e4aabf1b |
children | 336084ff943b |
line wrap: on
line source
/* * Copyright (C) Nginx, Inc. * Copyright (C) Valentin V. Bartenev */ #include <ngx_config.h> #include <ngx_core.h> #include <ngx_http.h> static u_char *ngx_http_v2_write_int(u_char *pos, ngx_uint_t prefix, ngx_uint_t value); u_char * ngx_http_v2_string_encode(u_char *dst, u_char *src, size_t len, u_char *tmp, ngx_uint_t lower) { size_t hlen; hlen = ngx_http_v2_huff_encode(src, len, tmp, lower); if (hlen > 0) { *dst = NGX_HTTP_V2_ENCODE_HUFF; dst = ngx_http_v2_write_int(dst, ngx_http_v2_prefix(7), hlen); return ngx_cpymem(dst, tmp, hlen); } *dst = NGX_HTTP_V2_ENCODE_RAW; dst = ngx_http_v2_write_int(dst, ngx_http_v2_prefix(7), len); if (lower) { ngx_strlow(dst, src, len); return dst + len; } return ngx_cpymem(dst, src, len); } static u_char * ngx_http_v2_write_int(u_char *pos, ngx_uint_t prefix, ngx_uint_t value) { if (value < prefix) { *pos++ |= value; return pos; } *pos++ |= prefix; value -= prefix; while (value >= 128) { *pos++ = value % 128 + 128; value /= 128; } *pos++ = (u_char) value; return pos; }