]> git.kaiwu.me - nginx.git/commit
Upstream: limit header length for HTTP/2 and gRPC
authorRoman Arutyunyan <arut@nginx.com>
Tue, 2 Jun 2026 15:37:17 +0000 (19:37 +0400)
committerRoman Arutyunyan <arutyunyan.roman@gmail.com>
Wed, 17 Jun 2026 15:15:33 +0000 (08:15 -0700)
commit131be8514da8985b15b74150521afedbf9cc4ea3
tree3d10af5adfd990c12565f108b16a78ddcb60bdd2
parentde1e34c693d6d38f4223d4ebd5cbdfdca452de1a
Upstream: limit header length for HTTP/2 and gRPC

The change applies the HTTP/2 header length limits to avoid buffer
overflow.  See 58a7bc3406ac for details.

Reported by Mufeed VH of Winfunc Research.
src/http/modules/ngx_http_grpc_module.c
src/http/modules/ngx_http_proxy_v2_module.c