]> git.kaiwu.me - nginx.git/commit
Upstream: limit header length for HTTP/2 and gRPC
authorRoman Arutyunyan <arut@nginx.com>
Tue, 2 Jun 2026 15:37:17 +0000 (19:37 +0400)
committerRoman Arutyunyan <arutyunyan.roman@gmail.com>
Wed, 17 Jun 2026 14:40:35 +0000 (07:40 -0700)
commit26d824ec3a2f819300edce0ab3b055751c9843ff
tree7b8ce7e5067aad417f9cab1545527c67dedf0287
parent9e293766e73c469c015df5341f1c1d403fb532c6
Upstream: limit header length for HTTP/2 and gRPC

The change applies the HTTP/2 header length limits to avoid buffer
overflow.  See 58a7bc3406ac for details.

Reported by Mufeed VH of Winfunc Research.
src/http/modules/ngx_http_grpc_module.c
src/http/modules/ngx_http_proxy_v2_module.c