Opened 6 months ago
Closed 6 months ago
#2645 closed defect (invalid)
SSL_read bad length error when uploading large files over HTTPS
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | nginx-module | Version: | |
| Keywords: | Cc: | ||
| uname -a: | Linux example.com 5.10.0-29-amd64 #1 SMP Debian 5.10.216-1 (2024-05-03) x86_64 GNU/Linux | ||
| nginx -V: |
root@s8a49d169:~# nginx -V
nginx version: nginx/1.26.0 built by gcc 10.2.1 20210110 (Debian 10.2.1-6) built with OpenSSL 1.1.1n 15 Mar 2022 (running with OpenSSL 1.1.1w 11 Sep 2023) TLS SNI support enabled configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-http_v3_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-g -O2 -ffile-prefix-map=/data/builder/debuild/nginx-1.26.0/debian/debuild-base/nginx-1.26.0=. -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie' |
||
Description
When attempting to upload files of approximately 2.8 GB via HTTPS, we encounter the following error:
SSL_read() failed (SSL: error:140DF10F:SSL routines:SSL_read:bad length)
We suspect that this issue is related to the use of the SSL_read() function, which is overflowing.
Not sure, but a possible solution might be to use the SSL_read_ex() function instead.
Attachments (1)
Change History (4)
by , 6 months ago
follow-up: 2 comment:1 by , 6 months ago
comment:2 by , 6 months ago
Replying to Roman Arutyunyan:
SSL_read()may fail if buffer size does not fit in anint, which is typically a 32-bit integer. What's the value ofclient_body_buffer_sizein your configuration? Setting it to something like 2Gb is a bad idea.
You are right, the value of client_body_buffer_size was too high. Shame on me.
Sorry for the time you spent. Please close the ticket.
Best regards.
comment:3 by , 6 months ago
| Resolution: | → invalid |
|---|---|
| Status: | new → closed |
SSL_read()may fail if buffer size does not fit in anint, which is typically a 32-bit integer. What's the value ofclient_body_buffer_sizein your configuration? Setting it to something like 2Gb is a bad idea.