diff options
| author | Sergey Kandaurov <pluknet@nginx.com> | 2023-10-21 18:48:24 +0400 |
|---|---|---|
| committer | Sergey Kandaurov <pluknet@nginx.com> | 2023-10-21 18:48:24 +0400 |
| commit | b19bc2e0fa60100ee8170acf161bc9b8f01cce26 (patch) | |
| tree | 506a578c080edb777fdd36fd42144b08e6232f22 /src/core/nginx.c | |
| parent | 31620d1a89edaf110feda05ac91d68ccb532afba (diff) | |
| download | nginx-b19bc2e0fa60100ee8170acf161bc9b8f01cce26.tar.gz nginx-b19bc2e0fa60100ee8170acf161bc9b8f01cce26.zip | |
HTTP/2: fixed buffer management with HTTP/2 auto-detection.
As part of normal HTTP/2 processing, incomplete frames are saved in the
control state using a fixed size memcpy of NGX_HTTP_V2_STATE_BUFFER_SIZE.
For this matter, two state buffers are reserved in the HTTP/2 recv buffer.
As part of HTTP/2 auto-detection on plain TCP connections, initial data
is first read into a buffer specified by the client_header_buffer_size
directive that doesn't have state reservation. Previously, this made it
possible to over-read the buffer as part of saving the state.
The fix is to read the available buffer size rather than a fixed size.
Although memcpy of a fixed size can produce a better optimized code,
handling of incomplete frames isn't a common execution path, so it was
sacrificed for the sake of simplicity of the fix.
Diffstat (limited to 'src/core/nginx.c')
0 files changed, 0 insertions, 0 deletions