IntenseWebs/nginx
3
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-02-25 18:55:26 -06:00
Code Issues Packages Projects Releases Wiki Activity

merge r3076, r3077, r3080:

Browse Source 
fix invalid header logging:

*) fix segfault when a header starts with "\rX"
   and logging is set to info or debug level
*) use %*s instead of %V
This commit is contained in:
Igor Sysoev 2009-09-07 11:11:24 +00:00
parent e5fb02e01f
commit caf21c99d8
2 changed files with 16 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/http/ngx_http_parse.c
View File

@ -739,6 +739,7 @@ ngx_http_parse_header_line(ngx_http_request_t *r, ngx_buf_t *b,
/* first char */ /* first char */
case sw_start: case sw_start:
r->header_name_start = p;
r->invalid_header = 0; r->invalid_header = 0;
switch (ch) { switch (ch) {
@ -751,7 +752,6 @@ ngx_http_parse_header_line(ngx_http_request_t *r, ngx_buf_t *b,
goto header_done; goto header_done;
default: default:
state = sw_name; state = sw_name;
r->header_name_start = p;
c = lowcase[ch]; c = lowcase[ch];

34
src/http/ngx_http_request.c
View File

@ -885,9 +885,10 @@ ngx_http_process_request_line(ngx_event_t *rev)
static void static void
ngx_http_process_request_headers(ngx_event_t *rev) ngx_http_process_request_headers(ngx_event_t *rev)
{ {
u_char *p;
size_t len;
ssize_t n; ssize_t n;
ngx_int_t rc, rv; ngx_int_t rc, rv;
ngx_str_t header;
ngx_table_elt_t *h; ngx_table_elt_t *h;
ngx_connection_t *c; ngx_connection_t *c;
ngx_http_header_t *hh; ngx_http_header_t *hh;
@ -927,19 +928,17 @@ ngx_http_process_request_headers(ngx_event_t *rev)
} }
if (rv == NGX_DECLINED) { if (rv == NGX_DECLINED) {
header.len = r->header_in->end - r->header_name_start; len = r->header_in->end - r->header_name_start;
header.data = r->header_name_start; p = r->header_name_start;
if (header.len > NGX_MAX_ERROR_STR - 300) { if (len > NGX_MAX_ERROR_STR - 300) {
header.len = NGX_MAX_ERROR_STR - 300; len = NGX_MAX_ERROR_STR - 300;
header.data[header.len++] = '.'; p[len++] = '.'; p[len++] = '.'; p[len++] = '.';
header.data[header.len++] = '.';
header.data[header.len++] = '.';
} }
ngx_log_error(NGX_LOG_INFO, c->log, 0, ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client sent too long header line: \"%V\"", "client sent too long header line: \"%*s\"",
&header); len, r->header_name_start);
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST); ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
return; return;
} }
@ -961,12 +960,10 @@ ngx_http_process_request_headers(ngx_event_t *rev)
/* there was error while a header line parsing */ /* there was error while a header line parsing */
header.len = r->header_end - r->header_name_start;
header.data = r->header_name_start;
ngx_log_error(NGX_LOG_INFO, c->log, 0, ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client sent invalid header line: \"%V\"", "client sent invalid header line: \"%*s\"",
&header); r->header_end - r->header_name_start,
r->header_name_start);
continue; continue;
} }
@ -1046,11 +1043,10 @@ ngx_http_process_request_headers(ngx_event_t *rev)
/* rc == NGX_HTTP_PARSE_INVALID_HEADER: "\r" is not followed by "\n" */ /* rc == NGX_HTTP_PARSE_INVALID_HEADER: "\r" is not followed by "\n" */
header.len = r->header_end - r->header_name_start;
header.data = r->header_name_start;
ngx_log_error(NGX_LOG_INFO, c->log, 0, ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client sent invalid header line: \"%V\\r...\"", "client sent invalid header line: \"%*s\\r...\"",
&header); r->header_end - r->header_name_start,
r->header_name_start);
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST); ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
return; return;
} }