GNU bug report logs -
#36350
[2.2.5] ‘read-headers’ blocks, thereby breaking web servers
Previous Next
Reported by: Ludovic Courtès <ludo <at> gnu.org>
Date: Mon, 24 Jun 2019 10:33:02 UTC
Severity: important
Done: Ludovic Courtès <ludo <at> gnu.org>
Bug is archived. No further changes may be made.
Full log
Message #16 received at 36350 <at> debbugs.gnu.org (full text, mbox):
Hi Ludovic,
Ludovic Courtès <ludo <at> gnu.org> writes:
> ./meta/guile examples/web/hello.scm &
> wget -O - http://localhost:8080
>
> You’ll notice that ‘wget’ hangs (never receives a response) because the
> server is actually stuck in a read(2) call that will never complete, in
> ‘read-headers’.
>
> Reverting 73cde5ed7218a090ecee888870908af5445796f0 solves the problem.
>
> AIUI, before that commit, ‘read-header-line’ would read exactly one
> line. After this change, it calls ‘lookahead-char’, which can block,
> and that’s exactly what’s happening here.
Gah, indeed!
Also, I see now that there was already some existing code to handle HTTP
continuation lines, before my commit referenced above, although it
neglects to fold the whitespace after the CRLF into a single SP octet.
I'm not sure how I failed to notice that.
The commit should simply be reverted, I think. Pushed as commit
e1225d013ed8673382d6d8f9300dd6b175c8b820 on the stable-2.2 branch.
I tried leaving the new test in place, but it failed due to the lack of
whitespace folding in the previous code.
I really messed up here, sorry.
> I also noticed that there are no unit tests for (web server), which we
> should probably address while we’re at it. :-)
Yes, that would be great. I won't be able to do it anytime soon,
though.
Mark
This bug report was last modified 5 years and 331 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.