Nginx-ru mailing list archive (nginx-ru@sysoev.ru)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH] fix too much loyality in HTTP method parser
ðÁÔÞ ÆÉËÓÉÔ ×ÏÔ ÔÁËÏÅ:
[root@c1 c1]# telnet rambler.ru 80
Trying 81.19.70.3...
Connected to rambler.ru (81.19.70.3).
Escape character is '^]'.
HI_THERE / HTTP/1.0
Host: rambler.ru
HTTP/1.1 302 Moved Temporarily
Server: nginx/0.8.28
Date: Tue, 01 Dec 2009 03:09:30 GMT
Content-Type: text/html
Content-Length: 161
Connection: close
Location: http://www.rambler.ru/
<html>
<head><title>302 Found</title></head>
<body bgcolor="white">
<center><h1>302 Found</h1></center>
<hr><center>nginx/0.8.28</center>
</body>
</html>
Connection closed by foreign host.
:-)
--
br, Denis F. Latypoff. diff -ru nginx-0.8.29/src/http/ngx_http_parse.c
nginx-0.8.29.method/src/http/ngx_http_parse.c
--- nginx-0.8.29/src/http/ngx_http_parse.c 2009-09-25 04:30:06.000000000
-0500
+++ nginx-0.8.29.method/src/http/ngx_http_parse.c 2009-11-30
20:59:06.000000000 -0600
@@ -266,7 +266,11 @@
/* space* before URI */
case sw_spaces_before_uri:
- if (ch == '/' ){
+ if (r->method & NGX_HTTP_UNKNOWN) {
+ return NGX_HTTP_PARSE_INVALID_METHOD;
+ }
+
+ if (ch == '/') {
r->uri_start = p;
state = sw_after_slash_in_uri;
break;
_______________________________________________
nginx-ru mailing list
nginx-ru@xxxxxxxxx
http://nginx.org/mailman/listinfo/nginx-ru
| 
