moved back to tech@ with this diff:
diff --git server_http.c server_http.c
index e05cec56dfc..52698a66b2e 100644
--- server_http.c
+++ server_http.c
@@ -198,7 +198,6 @@ void
server_read_http(struct bufferevent *bev, void *arg)
{
struct client *clt = arg;
- struct server_config *srv_conf = clt->clt_srv_conf;
struct http_descriptor *desc = clt->clt_descreq;
struct evbuffer *src = EVBUFFER_INPUT(bev);
char *line = NULL, *key, *value;
@@ -357,11 +356,6 @@ server_read_http(struct bufferevent *bev, void *arg)
server_abort_http(clt, 500, errstr);
goto abort;
}
- if ((size_t)clt->clt_toread >
- srv_conf->maxrequestbody) {
- server_abort_http(clt, 413, NULL);
- goto abort;
- }
}
if (strcasecmp("Transfer-Encoding", key) == 0 &&
@@ -1334,6 +1328,12 @@ server_response(struct httpd *httpd, struct client *clt)
srv_conf = server_getlocation(clt, desc->http_path);
}
+ if (clt->clt_toread > 0 && (size_t)clt->clt_toread >
+ srv_conf->maxrequestbody) {
+ server_abort_http(clt, 413, NULL);
+ return (-1);
+ }
+
if (srv_conf->flags & SRVFLAG_BLOCK) {
server_abort_http(clt, srv_conf->return_code,
srv_conf->return_uri);
--
I'm not entirely sure you are real.
