Fixed interaction of limit_rate and sendfile_max_chunk.

It's possible that configured limit_rate will permit more bytes per
single operation than sendfile_max_chunk.  To protect disk from takeover
by a single client it is necessary to apply sendfile_max_chunk as a limit
regardless of configured limit_rate.

See here for report (in Russian):
http://mailman.nginx.org/pipermail/nginx-ru/2010-March/032806.html

diff --git a/src/http/ngx_http_write_filter_module.c b/src/http/ngx_http_write_filter_module.c
index f5dc6c1960fc5910982e1940cbb4e504e9a98312..a9660ee1fd2bea54e555bfa3caf551ad7f036a9f 100644 (file)
--- a/src/http/ngx_http_write_filter_module.c
+++ b/src/http/ngx_http_write_filter_module.c
@@ -223,11 +223,14 @@ ngx_http_write_filter(ngx_http_request_t *r, ngx_chain_t *in)
             return NGX_AGAIN;
         }
 
-    } else if (clcf->sendfile_max_chunk) {
-        limit = clcf->sendfile_max_chunk;
+        if (clcf->sendfile_max_chunk
+            && (off_t) clcf->sendfile_max_chunk < limit)
+        {
+            limit = clcf->sendfile_max_chunk;
+        }
 
     } else {
-        limit = 0;
+        limit = clcf->sendfile_max_chunk;
     }
 
     sent = c->sent;
@@ -265,14 +268,15 @@ ngx_http_write_filter(ngx_http_request_t *r, ngx_chain_t *in)
         delay = (ngx_msec_t) ((nsent - sent) * 1000 / r->limit_rate);
 
         if (delay > 0) {
+            limit = 0;
             c->write->delayed = 1;
             ngx_add_timer(c->write, delay);
         }
+    }
 
-    } else if (c->write->ready
-               && clcf->sendfile_max_chunk
-               && (size_t) (c->sent - sent)
-                      >= clcf->sendfile_max_chunk - 2 * ngx_pagesize)
+    if (limit
+        && c->write->ready
+        && c->sent - sent >= limit - (off_t) (2 * ngx_pagesize))
     {
         c->write->delayed = 1;
         ngx_add_timer(c->write, 1);