At present, ngx_http_uwsgi_module.c's ngx_http_uwsgi_create_request() has 
nothing to stop it from dispatching a request exceeding what is possible 
per the uwsgi protocol:

  https://uwsgi-docs.readthedocs.io/en/latest/Protocol.html

The limit is 65,535 (0xffff) and when a request exceeds that size, this 
function is currently just overflowing, with the uwsgi handler receiving a 
large buffer with a length that doesn't match it.

Would someone review and help me get the below code to be accepted?

Thank you,
Chris

--- ngx_http_uwsgi_module.c.original    2018-08-22 23:41:16.309151481 +0000
+++ ngx_http_uwsgi_module.c     2018-08-22 23:43:39.546795158 +0000
@@ -960,6 +960,13 @@
     }
 #endif
 
+    /* enforce uwsgi protocol max len of uint16 */
+    if (len > 0xffff) {
+        ngx_log_error (NGX_LOG_ALERT, r->connection->log, 0,
+                       "uwsgi request is too large for uwsgi protocol: %uz", 
len);
+        return NGX_ERROR;
+    }
+
     b = ngx_create_temp_buf(r->pool, len + 4);
     if (b == NULL) {
         return NGX_ERROR;
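Review bot: the added ngx_log_error() call has been wrapped in transit, leaving the trailing `len);` on its own line without a `+` prefix, so the hunk no longer matches its `+960,13` header and will not apply as posted. Break the call after the format string so each line stays short, and resend. In the same call, drop the space in `ngx_log_error (`, and consider whether NGX_LOG_ALERT is the right level for a condition that depends on the size of the request rather than on an internal fault. The placement of the check ahead of `ngx_create_temp_buf(r->pool, len + 4)` is right, since nothing is allocated for a request that cannot be encoded.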
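The length mismatch described at the top of this message, as an added example that is not part of the original post and is not nginx code. It assumes the 4-byte uwsgi header layout from the linked protocol document (modifier1, 16-bit little-endian datasize, modifier2); the function names and the 70000-byte sample length are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define UWSGI_HEADER_LEN   4        /* modifier1, datasize (LE), modifier2 */
#define UWSGI_MAX_DATASIZE 0xffffu  /* largest value datasize can hold */

/* Unchecked encoder: only the low 16 bits of len fit in the header, so a
 * larger block is announced with a wrapped size. Returns the announced size. */
static uint16_t
uwsgi_header_unchecked(uint8_t hdr[UWSGI_HEADER_LEN], size_t len)
{
    hdr[0] = 0;                              /* modifier1 (constructed) */
    hdr[1] = (uint8_t) (len & 0xff);
    hdr[2] = (uint8_t) ((len >> 8) & 0xff);
    hdr[3] = 0;                              /* modifier2 (constructed) */
    return (uint16_t) (hdr[1] | (hdr[2] << 8));
}

/* Checked encoder: refuses a block the 16-bit field cannot describe.
 * Returns 0 on success, -1 when len exceeds the protocol limit. */
static int
uwsgi_header_checked(uint8_t hdr[UWSGI_HEADER_LEN], size_t len)
{
    if (len > UWSGI_MAX_DATASIZE) {
        return -1;
    }
    (void) uwsgi_header_unchecked(hdr, len);
    return 0;
}

/* Bytes sent after the header that the announced size does not cover. */
static size_t
uwsgi_unannounced_bytes(size_t len)
{
    uint8_t hdr[UWSGI_HEADER_LEN];
    return len - uwsgi_header_unchecked(hdr, len);
}

int main(void)
{
    uint8_t hdr[UWSGI_HEADER_LEN];
    size_t  len = 70000;            /* constructed: larger than 0xffff */
    printf("announced=%u sent=%zu checked=%d\n",
           (unsigned) uwsgi_header_unchecked(hdr, len), len,
           uwsgi_header_checked(hdr, len));
    return 0;
}
```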