Hello! On Wed, Aug 22, 2018 at 11:57:02PM +0000, Chris Caputo wrote:
> At present, ngx_http_uwsgi_module.c's ngx_http_uwsgi_create_request() has > nothing to stop it from dispatching a request exceeding what is possible > per the uwsgi protocol: > > https://uwsgi-docs.readthedocs.io/en/latest/Protocol.html > > The limit is 65,535 (0xffff) and when a request exceeds that size, this > function is currently just overflowing, with the uwsgi handler receiving a > large buffer with a length that doesn't match it. > > Would someone review and help me get the below code to be accepted? > > Thank you, > Chris > > --- ngx_http_uwsgi_module.c.original 2018-08-22 23:41:16.309151481 +0000 > +++ ngx_http_uwsgi_module.c 2018-08-22 23:43:39.546795158 +0000 > @@ -960,6 +960,13 @@ > } > #endif > > + /* enforce uwsgi protocol max len of uint16 */ > + if (len > 0xffff) { > + ngx_log_error (NGX_LOG_ALERT, r->connection->log, 0, > + "uwsgi request is too large for uwsgi protocol: %uz", > len); > + return NGX_ERROR; > + } > + > b = ngx_create_temp_buf(r->pool, len + 4); > if (b == NULL) { > return NGX_ERROR; Thanks, I've pushed a slightly simplier patch: http://hg.nginx.org/nginx/rev/f6e7831a17d4 -- Maxim Dounin http://mdounin.ru/ _______________________________________________ nginx-devel mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx-devel
