Bug #2131

closed

max-request-size comparing mistake

Added by liming over 14 years ago. Updated almost 8 years ago.

Status:
Fixed
Priority:
Normal
Category:
core
Target version:

Description

There is a bug in request.c line 577:

573     /* check if we have read post data */
574     if (con->request.content_length != -1) {
575         /* divide by 1024 as srvconf.max_request_size is in kBytes */
576         if (srv->srvconf.max_request_size != 0 &&
577             ((size_t)(con->request.content_length >> 10)) > srv->srvconf.max_request_size) {
578             /* the request body itself is larger then
579              * our our max_request_size
580              */
581 
582             con->http_status = 413;
583             con->keep_alive = 0;
584 

If server.max-request-size = 1 and a client sends a POST request with Content-Length: 1300 (>1024), it will pass.

I think the condition should be "con->request.content_length > (srv->srvconf.max_request_size << 10)"


Files

request.patch (529 Bytes) liming, 2009-12-30 08:42
Actions #1

Updated by liming over 14 years ago

This patch is for lighttpd 1.5 core.

Actions #2

Updated by stbuehler over 14 years ago

  • Target version set to 1.5.0
Actions #3

Updated by gstrauss about 8 years ago

lighttpd 1.4 request.c contains the following (after checking srv->srvconf.max_request_size is non-zero)

(con->request.content_length >> 10) > srv->srvconf.max_request_size)

1.5.x branch has been abandoned. Please withdraw ticket.

Actions #4

Updated by stbuehler about 8 years ago

gstrauss wrote:

1.5.x branch has been abandoned. Please withdraw ticket.

As long as the target version is 1.5.0 those issues are fine for now; I could probably close them in one go, perhaps adding a new Status "Not supported anymore" or something like that for it.

Actions #5

Updated by gstrauss almost 8 years ago

  • Category set to core
  • Target version changed from 1.5.0 to 1.4.40

@liming: you are correct, this is a minor bug. It allows up to 1k more data than the configured limit.

A patch is staged which makes server.max-request-size more precise. Thanks for your report.

Actions #6

Updated by gstrauss almost 8 years ago

  • Status changed from Patch Pending to Fixed
  • % Done changed from 0 to 100
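
The truncation discussed in this ticket, as an added example that is not lighttpd's code or the attached patch: it runs the quoted shifted comparison and the byte-wise comparison proposed in the report side by side. The function names, the `int64_t`/`uint32_t` types and the 64-bit widening before the shift are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Check as quoted from request.c: the length is truncated to whole kBytes,
 * so anything up to 1023 bytes over the limit compares as equal to it. */
static int rejects_shifted(int64_t content_length, uint32_t max_kb) {
    return max_kb != 0 && (size_t)(content_length >> 10) > max_kb;
}

/* Byte-granular comparison proposed in the report. The limit is widened to
 * 64 bits before the shift so a large configured value cannot wrap
 * (the widening is this example's assumption, not taken from the page). */
static int rejects_bytes(int64_t content_length, uint32_t max_kb) {
    return max_kb != 0 && content_length > ((int64_t)max_kb << 10);
}

/* Largest Content-Length a check still accepts, scanning up from the limit. */
static int64_t largest_accepted(int (*rejects)(int64_t, uint32_t), uint32_t max_kb) {
    int64_t len = (int64_t)max_kb << 10;
    while (!rejects(len + 1, max_kb))
        len++;
    return len;
}

int main(void) {
    /* Constructed sample lengths around the 1 kByte limit from the report. */
    const int64_t samples[] = { 1024, 1025, 1300, 2047, 2048 };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("Content-Length %4lld: shifted=%s bytes=%s\n",
               (long long)samples[i],
               rejects_shifted(samples[i], 1) ? "413" : "pass",
               rejects_bytes(samples[i], 1) ? "413" : "pass");
    printf("largest accepted: shifted=%lld bytes=%lld\n",
           (long long)largest_accepted(rejects_shifted, 1),
           (long long)largest_accepted(rejects_bytes, 1));
    return 0;
}
```
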