Mercurial > hg > nginx
view auto/cc/bcc @ 5590:6808ea2d69e4
SPDY: fixed potential integer overflow while parsing headers.
Previously r->header_size was used to store length for a part of
value that represents an individual already parsed HTTP header,
while r->header_end pointed to the end of the whole value.
Instead of storing length of a following name or value as pointer
to a potential end address (r->header_name_end and r->header_end)
that might be overflowed, now r->lowercase_index counter is used
to store remaining length of a following unparsed field.
It also fixes incorrect $body_bytes_sent value if a request is
closed while parsing of the request header. Since r->header_size
is intended for counting header size, thus abusing it for header
parsing purpose was certainly a bad idea.
author | Valentin Bartenev <vbart@nginx.com> |
---|---|
date | Mon, 03 Mar 2014 19:24:55 +0400 |
parents | d620f497c50f |
children | b7b7f3a0cc28 |
line wrap: on
line source
# Copyright (C) Igor Sysoev # Copyright (C) Nginx, Inc. # Borland C++ 5.5 # optimizations # maximize speed CFLAGS="$CFLAGS -O2" case $CPU in pentium) # optimize for Pentium and Athlon CPU_OPT="-5" ;; pentiumpro) # optimize for Pentium Pro, Pentium II and Pentium III CPU_OPT="-6" ;; esac # __stdcall #CPU_OPT="$CPU_OPT -ps" # __fastcall #CPU_OPT="$CPU_OPT -pr" CFLAGS="$CFLAGS $CPU_OPT" # multithreaded CFLAGS="$CFLAGS -tWM" # stop on warning CFLAGS="$CFLAGS -w!" # disable logo CFLAGS="$CFLAGS -q" # precompiled headers CORE_DEPS="$CORE_DEPS $NGX_OBJS/ngx_config.csm" NGX_PCH="$NGX_OBJS/ngx_config.csm" NGX_BUILD_PCH="-H=$NGX_OBJS/ngx_config.csm" NGX_USE_PCH="-Hu -H=$NGX_OBJS/ngx_config.csm" # Win32 GUI mode application #LINK="\$(CC) -laa" # the resource file NGX_RES="$NGX_OBJS/nginx.res" NGX_RCC="brcc32 -fo$NGX_OBJS/nginx.res \$(CORE_INCS) $NGX_WIN32_RC" # the pragma allows to link the resource file using bcc32 and # to avoid the direct ilink32 calling and the c0w32.obj's WinMain/main problem NGX_PRAGMA="#pragma resource \"$NGX_OBJS/nginx.res\"" ngx_include_opt="-I" ngx_objout="-o" ngx_binout="-e" ngx_objext="obj" ngx_binext=".exe" ngx_long_start='@&&| ' ngx_long_end='|' ngx_regex_dirsep='\\' ngx_dirsep="\\"