diff options
| author | Maxim Dounin <mdounin@mdounin.ru> | 2014-03-03 17:39:53 +0400 |
|---|---|---|
| committer | Maxim Dounin <mdounin@mdounin.ru> | 2014-03-03 17:39:53 +0400 |
| commit | 03fcee5d78450fcb4a2055a23e538655a93751b7 (patch) | |
| tree | 9cb9246091899f463fa2b473221f722925ad39a9 | |
| parent | d5da8fa776ff62ea3ccb81f8438a4bfe340d364b (diff) | |
| download | nginx-03fcee5d78450fcb4a2055a23e538655a93751b7.tar.gz nginx-03fcee5d78450fcb4a2055a23e538655a93751b7.tar.bz2 | |
Request body: avoid potential overflow.
Diffstat (limited to '')
| -rw-r--r-- | src/http/ngx_http_request_body.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/http/ngx_http_request_body.c b/src/http/ngx_http_request_body.c index 1d8bc4a28..e9cf3e930 100644 --- a/src/http/ngx_http_request_body.c +++ b/src/http/ngx_http_request_body.c @@ -953,13 +953,13 @@ ngx_http_request_body_chunked_filter(ngx_http_request_t *r, ngx_chain_t *in) if (clcf->client_max_body_size && clcf->client_max_body_size - < r->headers_in.content_length_n + rb->chunked->size) + - r->headers_in.content_length_n < rb->chunked->size) { ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, "client intended to send too large chunked " - "body: %O bytes", - r->headers_in.content_length_n - + rb->chunked->size); + "body: %O+%O bytes", + r->headers_in.content_length_n, + rb->chunked->size); r->lingering_close = 1; |