# HG changeset patch
# User Roman Arutyunyan <[email protected]>
# Date 1717774526 -14400
# Fri Jun 07 19:35:26 2024 +0400
# Node ID 231701a85ca1943113f3a3cd9174bd9c9dea1b2f
# Parent e2f6f5d01ff6f0dd2e3f0c9328e794af52e65881
Stream: limit SOCK_DGRAM preread to a single datagram.
Previously, returning NGX_AGAIN from a preread handler for a datagram resulted
in an attempt to read another datagram from the socket. This attempt could
fail or result in a datagram unrelated to the current client session. Now
an error is triggered if bytes beyond the first datagram are requested by a
preread handler.
The only preread module available in nginx is ngx_stream_ssl_preread_module,
which does not support SOCK_DGRAM. However a SOCK_DGRAM preread handler can
be implemented in njs or a third-party module.
diff --git a/src/stream/ngx_stream_core_module.c
b/src/stream/ngx_stream_core_module.c
--- a/src/stream/ngx_stream_core_module.c
+++ b/src/stream/ngx_stream_core_module.c
@@ -254,6 +254,12 @@ ngx_stream_core_preread_phase(ngx_stream
}
}
+ if (c->type == SOCK_DGRAM) {
+ ngx_log_error(NGX_LOG_ERR, c->log, 0, "datagram preread failed");
+ rc = NGX_STREAM_BAD_REQUEST;
+ goto done;
+ }
+
if (c->buffer == NULL) {
c->buffer = ngx_create_temp_buf(c->pool, cscf->preread_buffer_size);
if (c->buffer == NULL) {
_______________________________________________
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
