fix: restore missing max_body_size guard for chunked body in 1.29.2.4 patch (client_max_body_size 0 wrongly 413s chunked)#115
Conversation
The 1.29.2.4 client_max_body_size patch dropped the `&& max_body_size` guard in the
chunked body check that 1.27.1.1 has. After preprocessing, the NGX_HTTP_APISIX branch became:
if (max_body_size - r->headers_in.content_length_n < rb->chunked->size)
So with client_max_body_size 0 (unlimited) and a chunked request (content_length_n == 0),
`0 - 0 < chunk_size` is always true for any non-empty chunk, producing a spurious 413
"client intended to send too large chunked body".
This breaks chunked uploads through APISIX (which renders client_max_body_size 0 by default):
docker push blob upload (chunked PATCH), large file/attachment uploads, etc. Only chunked is
affected; the content-length and rb->received checks in the same patch kept their guard.
Restore `&& max_body_size` so 0 short-circuits, matching patch/1.27.1.1 and stock nginx.
Add regression tests: client_max_body_size 0 + Transfer-Encoding: chunked (http1 + http2)
with non-empty body must pass, not 413.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Signed-off-by: Peng Yong <ppyy@netegn.com>
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (2)
📝 WalkthroughWalkthroughA patch to Changesclient_max_body_size=0 bypass for chunked and HTTP/2
Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes 🚥 Pre-merge checks | ✅ 6✅ Passed checks (6 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
|
What this fixes
patch/1.29.2.4/nginx-client_max_body_size.patchdropped the&& max_body_sizeguard in thechunked-body check that
patch/1.27.1.1/nginx-client_max_body_size.patchhas.After C preprocessing, the
NGX_HTTP_APISIXbranch ofngx_http_request_body_chunked_filter()becomes:
So with
client_max_body_size 0(unlimited) and a chunked request (content_length_n == 0),0 - 0 < chunk_sizeis true for any non-empty chunk → spurious 413client intended to send too large chunked body.The content-length check and the
rb->receivedcheck in the same patch kept their&& max_body_sizeguard, so only chunked requests are affected.Impact
APISIX renders
client_max_body_size 0by default. Once APISIX bundles this runtime(APISIX 3.17.0 → apisix-runtime 1.3.6 → OpenResty 1.29.2.4 + apisix-nginx-module 1.19.5),
any chunked upload through APISIX returns 413:
docker pushblob upload (chunked PATCH),large file/attachment uploads, etc.
Confirmed in production on APISIX 3.17.0 (docker push to a registry behind APISIX failed with
413), reproduced with a standalone OpenResty 1.29.2.4 build; OpenResty 1.27.1.2 (this module's
1.27.1.1patch) is unaffected.Fix
Restore the missing
&& max_body_sizeline somax_body_size == 0short-circuits the chunkedcheck, matching
patch/1.27.1.1/...and stock nginx semantics.#if (NGX_HTTP_APISIX) (void) clcf; /* unused */ if (max_body_size + && max_body_size #else if (clcf->client_max_body_size && clcf->client_max_body_size #endif - r->headers_in.content_length_n < rb->chunked->size)Tests
Added regression cases to
t/client_max_body_size.t:set_client_max_body_size(0)+Transfer-Encoding: chunked(HTTP/1.1),non-empty body → must pass, not 413.
(TEST 11 already covered max-body-size 0 for
Content-Length; chunked was the gap.)Related
This was originally reported (mistakenly) against OpenResty core in openresty/openresty#1139;
the actual root cause is this module's
1.29.2.4patch, not nginx/OpenResty core.Summary by CodeRabbit
413response.