Mercurial > hg > nginx

changeset 7387:6afba58cd5a3 stable-1.14

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
gRPC: limited allocations due to ping and settings frames.
author Maxim Dounin <mdounin@mdounin.ru>
date Tue, 06 Nov 2018 16:29:59 +0300
parents 9200b41db765
children fe8e8322d9c1
files src/http/modules/ngx_http_grpc_module.c
diffstat 1 files changed, 15 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/src/http/modules/ngx_http_grpc_module.c
+++ b/src/http/modules/ngx_http_grpc_module.c
@@ -78,6 +78,9 @@ typedef struct {
 
     ngx_uint_t                 id;
 
+    ngx_uint_t                 pings;
+    ngx_uint_t                 settings;
+
     ssize_t                    send_window;
     size_t                     recv_window;
 
@@ -3531,6 +3534,12 @@ ngx_http_grpc_parse_settings(ngx_http_re
                           ctx->rest);
             return NGX_ERROR;
         }
+
+        if (ctx->free == NULL && ctx->settings++ > 1000) {
+            ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+                          "upstream sent too many settings frames");
+            return NGX_ERROR;
+        }
     }
 
     for (p = b->pos; p < last; p++) {
@@ -3683,6 +3692,12 @@ ngx_http_grpc_parse_ping(ngx_http_reques
                           "upstream sent ping frame with ack flag");
             return NGX_ERROR;
         }
+
+        if (ctx->free == NULL && ctx->pings++ > 1000) {
+            ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+                          "upstream sent too many ping frames");
+            return NGX_ERROR;
+        }
     }
 
     for (p = b->pos; p < last; p++) {