GNU bug report logs -
#36350
[2.2.5] ‘read-headers’ blocks, thereby breaking web servers
Previous Next
Reported by: Ludovic Courtès <ludo <at> gnu.org>
Date: Mon, 24 Jun 2019 10:33:02 UTC
Severity: important
Done: Ludovic Courtès <ludo <at> gnu.org>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
Hi Mark,
Mark H Weaver <mhw <at> netris.org> skribis:
> Ludovic Courtès <ludo <at> gnu.org> writes:
>
>> ./meta/guile examples/web/hello.scm &
>> wget -O - http://localhost:8080
>>
>> You’ll notice that ‘wget’ hangs (never receives a response) because the
>> server is actually stuck in a read(2) call that will never complete, in
>> ‘read-headers’.
>>
>> Reverting 73cde5ed7218a090ecee888870908af5445796f0 solves the problem.
>>
>> AIUI, before that commit, ‘read-header-line’ would read exactly one
>> line. After this change, it calls ‘lookahead-char’, which can block,
>> and that’s exactly what’s happening here.
>
> Gah, indeed!
>
> Also, I see now that there was already some existing code to handle HTTP
> continuation lines, before my commit referenced above, although it
> neglects to fold the whitespace after the CRLF into a single SP octet.
> I'm not sure how I failed to notice that.
>
> The commit should simply be reverted, I think. Pushed as commit
> e1225d013ed8673382d6d8f9300dd6b175c8b820 on the stable-2.2 branch.
> I tried leaving the new test in place, but it failed due to the lack of
> whitespace folding in the previous code.
OK, reverting sounds good to me.
> I really messed up here, sorry.
No problem. Perhaps we should consider releasing 2.0.6 soon and use
that in Guix on ‘core-updates’.
Thanks,
Ludo’.
This bug report was last modified 5 years and 331 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.