Request body: avoid potential overflow.

author Maxim Dounin <mdounin@mdounin.ru>

Mon, 3 Mar 2014 13:39:53 +0000 (17:39 +0400)

committer Maxim Dounin <mdounin@mdounin.ru>

Mon, 3 Mar 2014 13:39:53 +0000 (17:39 +0400)
author Maxim Dounin <mdounin@mdounin.ru>
Mon, 3 Mar 2014 13:39:53 +0000 (17:39 +0400)
committer Maxim Dounin <mdounin@mdounin.ru>
Mon, 3 Mar 2014 13:39:53 +0000 (17:39 +0400)
diff --git a/src/http/ngx_http_request_body.c b/src/http/ngx_http_request_body.c

index 94cdbeed63fe48c31b19b65a14f089658666c8d3..bbf16fd257638623f46d6dd214a1d8a75e9d5429 100644 (file)
--- a/src/http/ngx_http_request_body.c
+++ b/src/http/ngx_http_request_body.c
@@ -953,13 +953,13 @@ ngx_http_request_body_chunked_filter(ngx_http_request_t *r, ngx_chain_t *in)
  
                  if (clcf->client_max_body_size
                      && clcf->client_max_body_size
-                       < r->headers_in.content_length_n + rb->chunked->size)
+                       - r->headers_in.content_length_n < rb->chunked->size)
                  {
                      ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
                                    "client intended to send too large chunked "
-                                  "body: %O bytes",
-                                  r->headers_in.content_length_n
-                                  + rb->chunked->size);
+                                  "body: %O+%O bytes",
+                                  r->headers_in.content_length_n,
+                                  rb->chunked->size);
  
                      r->lingering_close = 1;
author	Maxim Dounin <mdounin@mdounin.ru>
	Mon, 3 Mar 2014 13:39:53 +0000 (17:39 +0400)
committer	Maxim Dounin <mdounin@mdounin.ru>
	Mon, 3 Mar 2014 13:39:53 +0000 (17:39 +0400)