diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/http/modules/ngx_http_limit_req_module.c | 38 |
1 files changed, 23 insertions, 15 deletions
diff --git a/src/http/modules/ngx_http_limit_req_module.c b/src/http/modules/ngx_http_limit_req_module.c index 164ef9886..43c9e9fdf 100644 --- a/src/http/modules/ngx_http_limit_req_module.c +++ b/src/http/modules/ngx_http_limit_req_module.c @@ -589,7 +589,8 @@ static char * ngx_http_limit_req_zone(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) { u_char *p; - size_t size, len; + size_t len; + ssize_t size; ngx_str_t *value, name, s; ngx_int_t rate, scale; ngx_uint_t i; @@ -612,25 +613,32 @@ ngx_http_limit_req_zone(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) p = (u_char *) ngx_strchr(name.data, ':'); - if (p) { - *p = '\0'; + if (p == NULL) { + ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, + "invalid zone size \"%V\"", &value[i]); + return NGX_CONF_ERROR; + } - name.len = p - name.data; + name.len = p - name.data; - p++; + s.data = p + 1; + s.len = value[i].data + value[i].len - s.data; - s.len = value[i].data + value[i].len - p; - s.data = p; + size = ngx_parse_size(&s); - size = ngx_parse_size(&s); - if (size > 8191) { - continue; - } + if (size == NGX_ERROR) { + ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, + "invalid zone size \"%V\"", &value[i]); + return NGX_CONF_ERROR; + } + + if (size < (ssize_t) (8 * ngx_pagesize)) { + ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, + "zone \"%V\" is too small", &value[i]); + return NGX_CONF_ERROR; } - ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, - "invalid zone size \"%V\"", &value[i]); - return NGX_CONF_ERROR; + continue; } if (ngx_strncmp(value[i].data, "rate=", 5) == 0) { @@ -682,7 +690,7 @@ ngx_http_limit_req_zone(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) return NGX_CONF_ERROR; } - if (name.len == 0 || size == 0) { + if (name.len == 0) { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "\"%V\" must have \"zone\" parameter", &cmd->name); |