From: Maxim Dounin <mdounin@mdounin.ru>
Date: Wed, 8 Oct 2014 13:16:04 +0000 (+0400)
Subject: Fixed possible buffer overrun in "too long header line" logging.
X-Git-Tag: release-1.6.3~17
X-Git-Url: http://www.kaiwu.me/postgresql/commit/static/gitweb.js?a=commitdiff_plain;h=e875df1842c901c8bf98c00299e645afdb0387e9;p=nginx.git

Fixed possible buffer overrun in "too long header line" logging.

Additionally, ellipsis now always added to make it clear that
the header logged is incomplete.

Reported by Daniil Bondarev.
---

diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c
index 845ada322..560c5f512 100644
--- a/src/http/ngx_http_request.c
+++ b/src/http/ngx_http_request.c
@@ -1227,12 +1227,11 @@ ngx_http_process_request_headers(ngx_event_t *rev)
 
                     if (len > NGX_MAX_ERROR_STR - 300) {
                         len = NGX_MAX_ERROR_STR - 300;
-                        p[len++] = '.'; p[len++] = '.'; p[len++] = '.';
                     }
 
                     ngx_log_error(NGX_LOG_INFO, c->log, 0,
-                                  "client sent too long header line: \"%*s\"",
-                                  len, r->header_name_start);
+                                "client sent too long header line: \"%*s...\"",
+                                len, r->header_name_start);
 
                     ngx_http_finalize_request(r,
                                             NGX_HTTP_REQUEST_HEADER_TOO_LARGE);