# HG changeset patch
# User Maxim Dounin <mdounin@mdounin.ru>
# Date 1412774164 -14400
# Node ID 7fcfe113827d7b27cf9420271d53ab72fa06755a
# Parent  dfb23e4361da0c1baafacea4a096ade688ce5a31
Fixed possible buffer overrun in "too long header line" logging.

Additionally, ellipsis now always added to make it clear that
the header logged is incomplete.

Reported by Daniil Bondarev.

diff -r dfb23e4361da -r 7fcfe113827d src/http/ngx_http_request.c
--- a/src/http/ngx_http_request.c	Thu Oct 02 12:00:17 2014 -0700
+++ b/src/http/ngx_http_request.c	Wed Oct 08 17:16:04 2014 +0400
@@ -1227,12 +1227,11 @@
 
                     if (len > NGX_MAX_ERROR_STR - 300) {
                         len = NGX_MAX_ERROR_STR - 300;
-                        p[len++] = '.'; p[len++] = '.'; p[len++] = '.';
                     }
 
                     ngx_log_error(NGX_LOG_INFO, c->log, 0,
-                                  "client sent too long header line: \"%*s\"",
-                                  len, r->header_name_start);
+                                "client sent too long header line: \"%*s...\"",
+                                len, r->header_name_start);
 
                     ngx_http_finalize_request(r,
                                             NGX_HTTP_REQUEST_HEADER_TOO_LARGE);