Re: Range-Bug

[Dan Winship <danw gnome org>]

Fixed in git. Thanks

On 07/31/2013 02:28 PM, Kai Lüke wrote:
> Hello,
>
> because bugzilla.gnome.org doesn't load for me rightnow, I will post it
> here.
> While I'm happy that libsoup handles range requests automatically, I
> found out that invalid range requests lead to an integer overflow in
> Content-Lenght.
>
> Reproduce:
>
> printf "GET / HTTP/1.0\r\n\r\n" |nc localhost 8000
> printf "GET / HTTP/1.0\r\nRange: bytes=0-\r\n\r\n" |nc localhost 8000
> printf "GET / HTTP/1.0\r\nRange: bytes=4-\r\n\r\n" |nc localhost 8000
> printf "GET / HTTP/1.0\r\nRange: bytes=5-\r\n\r\n" |nc localhost 8000
> printf "GET / HTTP/1.0\r\nRange: bytes=6-\r\n\r\n" |nc localhost 8000
> printf "GET / HTTP/1.0\r\nRange: bytes=7-\r\n\r\n" |nc localhost 8000
>
> On this small server:
>
> #!/usr/bin/env python3
> from gi.repository import Soup, GObject
> import signal
>
> def w(server, msg, path, query, clientContext, userdata):
>   msg.set_status(200)
>   msg.set_response("text/html", Soup.MemoryUse.COPY,"hallo".encode())
> g = Soup.Server(port=8000)
> g.add_handler("", w, None)
> signal.signal(signal.SIGINT, signal.SIG_DFL)
> g.run()
>
> Leads to these answers:
>
> HTTP/1.0 200 OK
> Server: libsoup/2.42.2
> Date: Tue, 30 Jul 2013 16:40:36 GMT
> Content-Type: text/html
> Content-Length: 5
>
> hallo
> ---
> HTTP/1.0 206 Partial Content
> Server: libsoup/2.42.2
> Date: Tue, 30 Jul 2013 16:40:36 GMT
> Content-Type: text/html
> Content-Range: bytes 0-4/5
> Content-Length: 5
>
> hallo
> ---
> HTTP/1.0 206 Partial Content
> Server: libsoup/2.42.2
> Date: Tue, 30 Jul 2013 16:40:36 GMT
> Content-Type: text/html
> Content-Range: bytes 4-4/5
> Content-Length: 1
>
> o
> ---
> HTTP/1.0 206 Partial Content
> Server: libsoup/2.42.2
> Date: Tue, 30 Jul 2013 16:40:36 GMT
> Content-Type: text/html
> Content-Range: bytes 5-4/5
> Content-Length: 0
>
> ---
> HTTP/1.0 206 Partial Content
> Server: libsoup/2.42.2
> Date: Tue, 30 Jul 2013 16:40:36 GMT
> Content-Type: text/html
> Content-Range: bytes 6-4/5
> Content-Length: 18446744073709551615
>
> ---
> HTTP/1.0 206 Partial Content
> Server: libsoup/2.42.2
> Date: Tue, 30 Jul 2013 16:40:36 GMT
> Content-Type: text/html
> Content-Range: bytes 7-4/5
> Content-Length: 18446744073709551614
>
>
> And some two assertions failing:
> (process:31829): libsoup-CRITICAL **: soup_message_body_append_buffer:
> assertion `buffer->length > 0' failed
> (process:31829): libsoup-CRITICAL **: soup_message_body_append_buffer:
> assertion `buffer->length > 0' failed
>
> Of course the response behavior for unnormal requests is not easy to
> discuss, but at least Content-Lenght and Content-Range are somehow wrong.
>
> Thanks for reading,
>
> Kai
> _______________________________________________
> libsoup-list mailing list
> libsoup-list gnome org
> https://mail.gnome.org/mailman/listinfo/libsoup-list