[PATCH] Added logging to PROXY protocol write buffer check
Maxim Dounin
mdounin at mdounin.ru
Wed Nov 9 10:18:51 UTC 2022
Hello!
On Tue, Nov 08, 2022 at 02:45:10PM +0400, Roman Arutyunyan wrote:
> On Tue, Nov 08, 2022 at 12:46:42PM +0300, Maxim Dounin wrote:
> > # HG changeset patch
> > # User Maxim Dounin <mdounin at mdounin.ru>
> > # Date 1667891773 -10800
> > # Tue Nov 08 10:16:13 2022 +0300
> > # Node ID 22c65e5f1c372f251e2cefdd7aae743794ecfa9e
> > # Parent 17d6a537fb1bb587e4de22961bf5be5f0c648fa8
> > Added logging to PROXY protocol write buffer check.
> >
> > The check is not expected to fail unless there is a bug in the calling
> > code. But given the check is here, it should log an alert if it fails
> > instead of silently closing the connection.
> >
> > diff --git a/src/core/ngx_proxy_protocol.c b/src/core/ngx_proxy_protocol.c
> > --- a/src/core/ngx_proxy_protocol.c
> > +++ b/src/core/ngx_proxy_protocol.c
> > @@ -282,6 +282,8 @@ ngx_proxy_protocol_write(ngx_connection_
> > ngx_uint_t port, lport;
> >
> > if (last - buf < NGX_PROXY_PROTOCOL_V1_MAX_HEADER) {
> > + ngx_log_error(NGX_LOG_ALERT, c->log, 0,
> > + "too small buffer for PROXY protocol");
> > return NULL;
> > }
> >
>
> Looks fine
Pushed to http://mdounin.ru/hg/nginx along with the second patch,
thnx.
--
Maxim Dounin
http://mdounin.ru/
More information about the nginx-devel
mailing list