diff --git a/doc/configuration.txt b/doc/configuration.txt
index 49bfd858c..082b85788 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -1374,9 +1374,9 @@ tune.http.maxhdr
are blocked with "502 Bad Gateway". The default value is 101, which is enough for all usages, considering that the widely deployed Apache server uses the same limit. It can be useful to push this limit further to temporarily allow
- a buggy application to work by the time it gets fixed. Keep in mind that each
- new header consumes 32bits of memory for each session, so don't push this
- limit too high.
+ a buggy application to work by the time it gets fixed. The accepted range is
+ 1..32767. Keep in mind that each new header consumes 32bits of memory for
+ each session, so don't push this limit too high.
tune.idletimer Sets the duration after which haproxy will consider that an empty buffer is
diff --git a/src/cfgparse.c b/src/cfgparse.c
index 261a0ebbe..3706bca52 100644
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -916,7 +916,13 @@ int cfg_parse_global(const char *file, int linenum, char **args, int kwm)
err_code |= ERR_ALERT | ERR_FATAL;
goto out;
}
- global.tune.max_http_hdr = atol(args[1]);
+ global.tune.max_http_hdr = atoi(args[1]);
+ if (global.tune.max_http_hdr < 1 || global.tune.max_http_hdr > 32767) {
+ Alert("parsing [%s:%d] : '%s' expects a numeric value between 1 and 32767\n",
+ file, linenum, args[0]);
+ err_code |= ERR_ALERT | ERR_FATAL;
+ goto out;
+ }
}
else if (!strcmp(args[0], "tune.comp.maxlevel")) {
if (alertif_too_many_args(1, file, linenum, args, &err_code))
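Review bot: The new 1..32767 check in the `tune.http.maxhdr` branch tests the result of `atoi(args[1])`, which cannot report errors, so the bound is only as reliable as the parse. A value too large for `int` is undefined behaviour in `atoi()` and on common libcs is likely to wrap to a number that can land back inside the accepted range, and trailing garbage (constructed example: `100x`) is silently taken as 100. Parsing with `strtol()` and checking `errno`, the end pointer and the range on the `long` before assigning to `global.tune.max_http_hdr` closes both gaps; this assumes `<errno.h>` is already available in cfgparse.c. The enclosing `else if` block and `cfg_parse_global()` start and end outside the hunk, so the two declarations may need to move to the top of that block to match the file's style.

```c
	char *end;
	long val;

	errno = 0;
	val = strtol(args[1], &end, 10);
	if (errno || end == args[1] || *end != '\0' || val < 1 || val > 32767) {
		/* … unchanged: Alert(), err_code update and goto out … */
	}
	global.tune.max_http_hdr = val;
```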