A bug in functon parse-content-type.

Hans Hübner hans.huebner at gmail.com
Wed May 22 07:32:52 UTC 2013 

I'm interested in seeing an actual content-type header value that triggers
the problem - Raising an uncaught error in response to some user input is
certainly undesirable and warrants a fix, but I would like to understand
what valid content types are handled incorrectly.


On Wed, May 22, 2013 at 8:35 AM, Jingtao Xu <jingtaozf at gmail.com> wrote:

> I have add a log to hunchentoot so I can get the content header when it
> happens,
>
> But I think Ron have reproduced the problem:
>
> ? (WITH-INPUT-FROM-VECTOR (s (map '(VECTOR (UNSIGNED-BYTE 8))
> 'char-code "x=/y"))
>
> With Best Regards,
> jingtao.
>
>
> On Wed, May 22, 2013 at 1:33 PM, Hans Hübner <hans.huebner at gmail.com>
> wrote:
> > Jingtao,
> >
> > before I make any changes to Chunga, I need to have an understanding what
> > the problem is and how it can be triggered.  As you have already invested
> > quite some time in reporting this bug (thanks for that), please go the
> extra
> > mile and determine what the real cause is and how the bug that you have
> > found is triggered.
> >
> > Thanks,
> > -Hans
> >
> >
> > On Wed, May 22, 2013 at 7:15 AM, Jingtao Xu <jingtaozf at gmail.com> wrote:
> >>
> >> Hi Hans,
> >>
> >> As hunchentoot have not logged them to message.log,I could not give
> >> out the content-type header to you.
> >> And this bug don't appear always,so I have no way reproduce this bug
> >> at this time.
> >>
> >> But I have made some patch to chunga and hunchentoot by cloning the
> >> repository:
> >> https://github.com/jingtaozf/chunga/commits/master
> >> https://github.com/jingtaozf/hunchentoot/commits/master
> >>
> >>
> >> With Best Regards,
> >> jingtao.
> >>
> >>
> >> On Wed, May 22, 2013 at 1:03 PM, Hans Hübner <hans.huebner at gmail.com>
> >> wrote:
> >> > Jingtao,
> >> >
> >> > thank you for your bug report.  Can you please share the actual value
> of
> >> > the
> >> > Content-type header that triggered the bug?
> >> >
> >> > Thanks,
> >> > Hans
> >> >
> >> >
> >> > On Wed, May 22, 2013 at 4:28 AM, Jingtao Xu <jingtaozf at gmail.com>
> wrote:
> >> >>
> >> >> Hi All,
> >> >>
> >> >> My website use hunchentoot and allow some external website post  url
> >> >> request to hunchentoot server(which is necessary),and I found an
> error
> >> >> log in message.log:
> >> >>
> >> >> ---------------------------------------------------
> >> >> Error when reading POST parameters from body: Corrupted Content-Type
> >> >> header:
> >> >> Read character #\/, but expected #\=.
> >> >> ---------------------------------------------------
> >> >>
> >> >> I found this bug is caused in function parse-content-type when it
> want
> >> >> to get parameters
> >> >> by calling function read-name-value-pairs then
> read-name-value-pair,in
> >> >> lisp function read-name-value-pair,there exist an assert which raise
> >> >> this exception:
> >> >>
> >> >> ------------------------------------------
> >> >>           (when (or value-required-p
> >> >>                     (eql (peek-char* stream nil) #\=))
> >> >>             (assert-char stream #\=)
> >> >> ------------------------------------------
> >> >>
> >> >> And this will make hunchentoot thread stop the request processing and
> >> >> exit,which is wrong.
> >> >>
> >> >> When I have a deep investigation,I found that this bug should be
> >> >> caused by package chuga
> >> >> when try to read-token,its function token-char-p will call function
> >> >> separatorp and allow character #\/
> >> >> as a token character,which is not practical well,because both java
> and
> >> >> ruby and many other launguage don't allow them as a token
> >> >> character,more details you can get in a discussion:
> >> >>
> >> >> http://bugs.python.org/issue2193
> >> >>
> >> >> and a java implemention of token-char-p is like this:
> >> >>
> >> >> -------------------------------------------------------------
> >> >>
> >> >> private static final String tspecials = ",; ";
> >> >>
> >> >> private boolean isToken(String value) {
> >> >>     int len = value.length();
> >> >>     for (int i = 0; i < len; i++) {
> >> >>         char c = value.charAt(i);
> >> >>         if (c < 0x20 || c >= 0x7f || tspecials.indexOf(c) != -1)
> >> >>             return false;
> >> >>         }
> >> >>     return true;
> >> >> }
> >> >> -------------------------------------------------------------
> >> >>
> >> >> Anyway, hunchentoot should not raise an exception in
> >> >> parse-content-type,which make my site could not receive user's
> >> >> request.
> >> >> And to be more compatible with other web client/server, hunchentoot
> >> >> should read token
> >> >> like java/ruby.
> >> >>
> >> >> Hope some patch can be done to package chunga and hunchentoot to fix
> my
> >> >> issue.
> >> >>
> >> >> With Best Regards,
> >> >> jingtao.
> >> >>
> >> >
> >
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.common-lisp.net/pipermail/tbnl-devel/attachments/20130522/3c5d3117/attachment.html>

More information about the Tbnl-devel mailing list