Klaus Demo nginx / c01481a
Fixed possible buffer overrun in "too long header line" logging. Additionally, ellipsis now always added to make it clear that the header logged is incomplete. Reported by Daniil Bondarev. Maxim Dounin 6 years ago
1 changed file(s) with 2 addition(s) and 3 deletion(s). Raw diff Collapse all Expand all
12261226
12271227 if (len > NGX_MAX_ERROR_STR - 300) {
12281228 len = NGX_MAX_ERROR_STR - 300;
1229 p[len++] = '.'; p[len++] = '.'; p[len++] = '.';
12301229 }
12311230
12321231 ngx_log_error(NGX_LOG_INFO, c->log, 0,
1233 "client sent too long header line: \"%*s\"",
1234 len, r->header_name_start);
1232 "client sent too long header line: \"%*s...\"",
1233 len, r->header_name_start);
12351234
12361235 ngx_http_finalize_request(r,
12371236 NGX_HTTP_REQUEST_HEADER_TOO_LARGE);