details: http://hg.nginx.org/nginx/rev/372cc6e532a6
branches:
changeset: 5625:372cc6e532a6
user: Valentin Bartenev <vb...@nginx.com>
date: Wed Mar 26 17:43:39 2014 +0400
description:
SPDY: detect premature end of frame while start parsing headers.
diffstat:
src/http/ngx_http_spdy.c | 9 +++++++++
1 files changed, 9 insertions(+), 0 deletions(-)
diffs (19 lines):
diff -r bd91f286ee0a -r 372cc6e532a6 src/http/ngx_http_spdy.c
--- a/src/http/ngx_http_spdy.c Mon Mar 24 16:35:44 2014 -0700
+++ b/src/http/ngx_http_spdy.c Wed Mar 26 17:43:39 2014 +0400
@@ -1049,6 +1049,15 @@ ngx_http_spdy_state_headers(ngx_http_spd
if (r->headers_in.headers.part.elts == NULL) {
if (buf->last - buf->pos < NGX_SPDY_NV_NUM_SIZE) {
+
+ if (complete) {
+ ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
+ "client sent SYN_STREAM frame "
+ "with invalid HEADERS block");
+ ngx_http_spdy_close_stream(sc->stream, NGX_HTTP_BAD_REQUEST);
+ return ngx_http_spdy_state_protocol_error(sc);
+ }
+
return ngx_http_spdy_state_save(sc, pos, end,
ngx_http_spdy_state_headers);
}
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
