summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorMax Romanov <max.romanov@nginx.com>2020-03-12 17:54:19 +0300
committerMax Romanov <max.romanov@nginx.com>2020-03-12 17:54:19 +0300
commit0b5aabfc3f6dafa00d4cd4da595bceeefd1a1d27 (patch)
treea2e15a24880b57c7991e2b0a7ee47a2fd888801f
parentf3e6726098220701dc2193c440852d04508cf972 (diff)
downloadunit-0b5aabfc3f6dafa00d4cd4da595bceeefd1a1d27.tar.gz
unit-0b5aabfc3f6dafa00d4cd4da595bceeefd1a1d27.tar.bz2
Checking Content-Length value right after header parse.
The check was moved from the request body read stage.
Diffstat (limited to '')
-rw-r--r--src/nxt_h1proto.c5
-rw-r--r--src/nxt_http_request.c9
2 files changed, 8 insertions, 6 deletions
diff --git a/src/nxt_h1proto.c b/src/nxt_h1proto.c
index 1a6c537e..c326ef30 100644
--- a/src/nxt_h1proto.c
+++ b/src/nxt_h1proto.c
@@ -847,11 +847,6 @@ nxt_h1p_request_body_read(nxt_task_t *task, nxt_http_request_t *r)
goto ready;
}
- if (r->content_length_n > (nxt_off_t) r->conf->socket_conf->max_body_size) {
- status = NXT_HTTP_PAYLOAD_TOO_LARGE;
- goto error;
- }
-
body_length = (size_t) r->content_length_n;
b = r->body;
diff --git a/src/nxt_http_request.c b/src/nxt_http_request.c
index 14c75dab..d610f65d 100644
--- a/src/nxt_http_request.c
+++ b/src/nxt_http_request.c
@@ -186,7 +186,7 @@ nxt_int_t
nxt_http_request_content_length(void *ctx, nxt_http_field_t *field,
uintptr_t data)
{
- nxt_off_t n;
+ nxt_off_t n, max_body_size;
nxt_http_request_t *r;
r = ctx;
@@ -198,6 +198,13 @@ nxt_http_request_content_length(void *ctx, nxt_http_field_t *field,
if (nxt_fast_path(n >= 0)) {
r->content_length_n = n;
+
+ max_body_size = r->conf->socket_conf->max_body_size;
+
+ if (nxt_slow_path(n > max_body_size)) {
+ return NXT_HTTP_PAYLOAD_TOO_LARGE;
+ }
+
return NXT_OK;
}
}