]> git.kaiwu.me - nginx.git/commit
projects / nginx.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9cb22ef) | patch
Detect runaway chunks in ngx_http_parse_chunked().
authorSergey Kandaurov <pluknet@nginx.com>
Tue, 3 Sep 2019 14:26:56 +0000 (17:26 +0300)
committerSergey Kandaurov <pluknet@nginx.com>
Tue, 3 Sep 2019 14:26:56 +0000 (17:26 +0300)
commit77c01f10a1ab7796f57ef354fb1f078e09afe2c4
tree21a7e00b9548d030ed7bc476a62837229294b83btree | snapshot
parent9cb22efa3fe947f8474338b99d389a35da177bb9commit | diff
Detect runaway chunks in ngx_http_parse_chunked().

As defined in HTTP/1.1, body chunks have the following ABNF:

   chunk = chunk-size [ chunk-ext ] CRLF chunk-data CRLF

where chunk-data is a sequence of chunk-size octets.

With this change, chunk-data that doesn't end up with CRLF at chunk-size
offset will be treated as invalid, such as in the example provided below:

4
SEE-THIS-AND-
4
THAT
0
src/http/ngx_http_parse.c diff | blob | history
nginx upstream