[nginx] Request body: block reading when returning errors.
Maxim Dounin
mdounin at mdounin.ru
Sat Apr 27 15:56:47 UTC 2024
details: http://freenginx.org/hg/nginx/rev/43fe0edddba1
branches:
changeset: 9256:43fe0edddba1
user: Maxim Dounin <mdounin at mdounin.ru>
date: Sat Apr 27 18:20:17 2024 +0300
description:
Request body: block reading when returning errors.
If reading is not blocked, additional client activity can result in
undefined behaviour, including segfaults, as seen with proxying with
proxy_ignore_client_abort before 4072:cf334deeea66. While unlikely
with low-level errors being returned when reading the request body, it
might be the case, for example, when chunked transfer encoding is used,
and error_page 400 (or 413) is proxied with proxy_ignore_client_abort.
diffstat:
src/http/ngx_http_request_body.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diffs (19 lines):
diff --git a/src/http/ngx_http_request_body.c b/src/http/ngx_http_request_body.c
--- a/src/http/ngx_http_request_body.c
+++ b/src/http/ngx_http_request_body.c
@@ -226,6 +226,7 @@ done:
if (rc >= NGX_HTTP_SPECIAL_RESPONSE) {
r->main->count--;
+ r->read_event_handler = ngx_http_block_reading;
}
return rc;
@@ -294,6 +295,7 @@ ngx_http_read_client_request_body_handle
rc = ngx_http_do_read_client_request_body(r);
if (rc >= NGX_HTTP_SPECIAL_RESPONSE) {
+ r->read_event_handler = ngx_http_block_reading;
ngx_http_finalize_request(r, rc);
}
}
More information about the nginx-devel
mailing list