Opened 14 months ago
Closed 14 months ago
#2342 closed defect (invalid)
Setting a very high max-age value for Cache-Control causes int overflow
|Reported by:||Owned by:|
|uname -a:||Tested on Windows|
|nginx -V:||nginx version: nginx/1.20.2|
When proxying to a ruby on rails application, it is possible to receive 100 years (in seconds) as the max age value for the purpose of caching the response forever. In such cases, when nginx parses the value, it ends up being negative thus marking all cache responses as
According to the spechttps://datatracker.ietf.org/doc/html/rfc7234#section-1.2.1
the cache must consider the value to be either 2147483648 (2^31) or the greatest positive integer it can conveniently represent
I think the issue might be somewhere near https://github.com/nginx/nginx/blob/master/src/http/ngx_http_upstream.c#L4761 .
Change History (2)
comment:1 by , 14 months ago
comment:2 by , 14 months ago
|Status:||new → closed|
The maximum supported expiration time is limited by the size of time_t, and on most 32-bit platforms, including Windows, this means that only dates up to 2038 are supported. If you have to use higher expiration times for some reason, you have to switch to a 64-bit platform.
Note that standard Windows binaries as shipped on nginx.org are currently 32-bit, see #1391. If you need a 64-bit Windows binary, see here for instructions on how to build it yourself.
My bad, this is the result for