summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorIgor Sysoev <igor@sysoev.ru>2009-09-07 11:11:24 +0000
committerIgor Sysoev <igor@sysoev.ru>2009-09-07 11:11:24 +0000
commitcaf21c99d8cf5af400eae41fcefdd96a41cd9b96 (patch)
treed15267f6f0e94cdf527af970d4d95b277617f0a8
parente5fb02e01f77aca2c9ea784d8dc14d7e4bd3c6ea (diff)
downloadnginx-caf21c99d8cf5af400eae41fcefdd96a41cd9b96.tar.gz
nginx-caf21c99d8cf5af400eae41fcefdd96a41cd9b96.tar.bz2
merge r3076, r3077, r3080:
fix invalid header logging: *) fix segfault when a header starts with "\rX" and logging is set to info or debug level *) use %*s instead of %V
Diffstat
-rw-r--r--src/http/ngx_http_parse.c2
-rw-r--r--src/http/ngx_http_request.c36
2 files changed, 17 insertions, 21 deletions
diff --git a/src/http/ngx_http_parse.c b/src/http/ngx_http_parse.c
index 0b7356598..160f96dbe 100644
--- a/src/http/ngx_http_parse.c
+++ b/src/http/ngx_http_parse.c
@@ -739,6 +739,7 @@ ngx_http_parse_header_line(ngx_http_request_t *r, ngx_buf_t *b,
/* first char */
case sw_start:
+ r->header_name_start = p;
r->invalid_header = 0;
switch (ch) {
@@ -751,7 +752,6 @@ ngx_http_parse_header_line(ngx_http_request_t *r, ngx_buf_t *b,
goto header_done;
default:
state = sw_name;
- r->header_name_start = p;
c = lowcase[ch];
diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c
index 837434b4d..4930b502f 100644
--- a/src/http/ngx_http_request.c
+++ b/src/http/ngx_http_request.c
@@ -885,9 +885,10 @@ ngx_http_process_request_line(ngx_event_t *rev)
static void
ngx_http_process_request_headers(ngx_event_t *rev)
{
+ u_char *p;
+ size_t len;
ssize_t n;
ngx_int_t rc, rv;
- ngx_str_t header;
ngx_table_elt_t *h;
ngx_connection_t *c;
ngx_http_header_t *hh;
@@ -927,19 +928,17 @@ ngx_http_process_request_headers(ngx_event_t *rev)
}
if (rv == NGX_DECLINED) {
- header.len = r->header_in->end - r->header_name_start;
- header.data = r->header_name_start;
-
- if (header.len > NGX_MAX_ERROR_STR - 300) {
- header.len = NGX_MAX_ERROR_STR - 300;
- header.data[header.len++] = '.';
- header.data[header.len++] = '.';
- header.data[header.len++] = '.';
+ len = r->header_in->end - r->header_name_start;
+ p = r->header_name_start;
+
+ if (len > NGX_MAX_ERROR_STR - 300) {
+ len = NGX_MAX_ERROR_STR - 300;
+ p[len++] = '.'; p[len++] = '.'; p[len++] = '.';
}
ngx_log_error(NGX_LOG_INFO, c->log, 0,
- "client sent too long header line: \"%V\"",
- &header);
+ "client sent too long header line: \"%*s\"",
+ len, r->header_name_start);
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
return;
}
@@ -961,12 +960,10 @@ ngx_http_process_request_headers(ngx_event_t *rev)
/* there was error while a header line parsing */
- header.len = r->header_end - r->header_name_start;
- header.data = r->header_name_start;
-
ngx_log_error(NGX_LOG_INFO, c->log, 0,
- "client sent invalid header line: \"%V\"",
- &header);
+ "client sent invalid header line: \"%*s\"",
+ r->header_end - r->header_name_start,
+ r->header_name_start);
continue;
}
@@ -1046,11 +1043,10 @@ ngx_http_process_request_headers(ngx_event_t *rev)
/* rc == NGX_HTTP_PARSE_INVALID_HEADER: "\r" is not followed by "\n" */
- header.len = r->header_end - r->header_name_start;
- header.data = r->header_name_start;
ngx_log_error(NGX_LOG_INFO, c->log, 0,
- "client sent invalid header line: \"%V\\r...\"",
- &header);
+ "client sent invalid header line: \"%*s\\r...\"",
+ r->header_end - r->header_name_start,
+ r->header_name_start);
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
return;
}
generated by cgit (git 2.34.1) at 2025-12-06 08:58:04 +0000