IntenseWebs/nginx
3
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-02-25 18:55:26 -06:00
Code Issues Packages Projects Releases Wiki Activity

Fixed possible buffer overrun in "too long header line" logging.

Browse Source 
Additionally, ellipsis now always added to make it clear that
the header logged is incomplete.

Reported by Daniil Bondarev.
This commit is contained in:
Maxim Dounin
2014-10-08 17:16:04 +04:00
parent 52e4dc2f74
commit c01481a4cb
1 changed files with 2 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/http/ngx_http_request.c
View File

@@ -1227,12 +1227,11 @@ ngx_http_process_request_headers(ngx_event_t *rev)
if (len > NGX_MAX_ERROR_STR - 300) {
len = NGX_MAX_ERROR_STR - 300;
p[len++] = '.'; p[len++] = '.'; p[len++] = '.';
}
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client sent too long header line: \"%*s\"",
len, r->header_name_start);
"client sent too long header line: \"%*s...\"",
len, r->header_name_start);
ngx_http_finalize_request(r,
NGX_HTTP_REQUEST_HEADER_TOO_LARGE);