[PATCH devel-2.1] Fix two potentially endless loops in http library

Fri, 26 Feb 2010 04:34:44 -0800 

The first can be problematic if poll(2) returns POLLHUP|POLLERR on a
socket. Before it would be only be respected for SOCKOP_RECV, but since
they can also occur on other socket operations, esp. in combination with
OpenSSL, letting the socket functions handle POLLHUP|POLLERR seems to be
the right thing.

The second is a typo leading to an endless loop if the first line of an
HTTP connection is empty (simply "\r\n"). Instead of removing the empty
line, it would remove anything after it.

Signed-off-by: Michael Hanselmann <[email protected]>
---
 lib/http/__init__.py |    8 ++++----
 1 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/lib/http/__init__.py b/lib/http/__init__.py
index ce2243a..b39866a 100644
--- a/lib/http/__init__.py
+++ b/lib/http/__init__.py
@@ -394,23 +394,23 @@ def SocketOperation(sock, op, arg1, timeout):
     if event_override or op in (SOCKOP_SEND, SOCKOP_RECV, SOCKOP_HANDSHAKE):
       if event_override:
         wait_for_event = event_override
       else:
         wait_for_event = event_poll
 
       event = WaitForSocketCondition(sock, wait_for_event, timeout)
       if event is None:
         raise HttpSocketTimeout()
 
-      if (op == SOCKOP_RECV and
-          event & (select.POLLNVAL | select.POLLHUP | select.POLLERR)):
-        return ""
+      if event & (select.POLLNVAL | select.POLLHUP | select.POLLERR):
+        # Let the socket functions handle these
+        break
 
       if not event & wait_for_event:
         continue
 
     # Reset override
     event_override = 0
 
     try:
       try:
         if op == SOCKOP_SEND:
@@ -838,21 +838,21 @@ class HttpMessageReader(object):
       while True:
         idx = buf.find("\r\n")
 
         # RFC2616, section 4.1: "In the interest of robustness, servers SHOULD
         # ignore any empty line(s) received where a Request-Line is expected.
         # In other words, if the server is reading the protocol stream at the
         # beginning of a message and receives a CRLF first, it should ignore
         # the CRLF."
         if idx == 0:
           # TODO: Limit number of CRLFs/empty lines for safety?
-          buf = buf[:2]
+          buf = buf[2:]
           continue
 
         if idx > 0:
           self.start_line_buffer = buf[:idx]
 
           self._CheckStartLineLength(len(self.start_line_buffer))
 
           # Remove status line, including CRLF
           buf = buf[idx + 2:]
 
-- 
1.6.6

Reply via email to