Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

Fixed evhttp_parse_query to not fail in particular cases #15

Open
wants to merge 1 commit into
from

Conversation

Projects

todo in http

4 participants

VittGam commented Aug 2, 2012

Hi,

I've made those changes to the evhttp_parse_query_impl function to avoid an error on those query strings:

  • test=123&test2 (test2 is now saved as "")
  • test=123&&test2=1 (it no longer crashes on this)
  • test=123&=456&test2=1 (it no longer crashes on this; the no-name entry is discarded)

I also changed this to make the function behave as PHP and others do:

  • test=123&test=456 (test was 123, now is 456)
@VittGam VittGam evhttp_parse_query doesn't fail anymore in particular cases
- test=123&test2 (test2 is now saved as "")
- test=123&test=456 (test was 123, now is 456, as PHP and others do)
- test=123&&test2=1 (it no longer crashes on this)
- test=123&=456&test2=1 (it no longer crashes on this; the no-name entry is discarded)
a555ddb
Owner

nmathewson commented Aug 23, 2012

When I saw that you said "crashes", I freaked out a little, but it turns out that it's just failing. ("Crashing" would mean hitting an assert or a null pointer dereference or something.)

I'm looking at your changes, and I don't understand the reasoning behind all of them. In particular:

  • What standard, if any, specifies query strings like "test=123&test2" ?
  • What standard, if any, allows a query string like "test=123&&test2=1" ?
  • What standard, if any, allows a query string like "test=123&=456&test2=1" ?

As far as I can tell, none of these is standard. Is there some horrible codebase out there that's generating these nonconformant requests that you need to be compatible with or something?

As for "test=123&test=456", is there a standard on that one? I'd hesitate to break existing code that could be relying on the current behavior. It seems to me more reasonable just to include both values in the headers list.

ploxiln commented Jan 20, 2015

re: parameters with no value, I've seen that before, and it seems to be allowed by the URI RFC (though there is some stuff in there that nobody uses)

http://stackoverflow.com/questions/4557387/is-a-url-query-parameter-valid-if-it-has-no-value
http://tools.ietf.org/html/rfc3986#section-3.4

@azat azat self-assigned this Aug 19, 2015

@azat azat added a commit that referenced this pull request Sep 10, 2015

@azat azat test: fix bufferevent/bufferevent_pair_release_lock for freebsd
On FreeBSD with kqueue there is a call to evthread_debug_lock_mark_unlocked()
during event_base_free(), that will fail with an assert because of unmatched
"held_by", fix this by reseting lock callbacks to NULL before
event_base_free().

Trace:
  bufferevent/bufferevent_pair_release_lock: [warn] Trying to disable lock functions after they have been set up will probaby not work.
  [warn] Trying to disable lock functions after they have been set up will probaby not work.

    FAIL libevent/test/regress_bufferevent.c:259: lock: lock error[err] libevent/evthread.c:277: Assertion lock->held_by == me failed in evthread_debug_lock_mark_unlocked
  [New Thread 802006400 (LWP 100070/regress)]

  Program received signal SIGABRT, Aborted.
  [Switching to Thread 802006400 (LWP 100070/regress)]
  0x000000080167d6ca in thr_kill () from /lib/libc.so.7
  (gdb) bt
  #0  0x000000080167d6ca in thr_kill () from /lib/libc.so.7
  #1  0x0000000801752149 in abort () from /lib/libc.so.7
  #2  0x00000000004dff44 in event_exit (errcode=-559030611) at libevent/log.c:105
  #3  0x00000000004e053c in event_errx (eval=-559030611, fmt=0x5182cc "%s:%d: Assertion %s failed in %s") at libevent/log.c:162
  #4  0x00000000004d9954 in evthread_debug_lock_mark_unlocked (mode=0, lock=0x802017060) at libevent/evthread.c:277
  #5  0x00000000004d909a in debug_lock_unlock (mode=0, lock_=0x802017060) at libevent/evthread.c:290
  #6  0x00000000004e132c in evsig_dealloc_ (base=0x80201e300) at libevent/signal.c:434
  #7  0x00000000004e36c1 in kq_dealloc (base=0x80201e300) at libevent/kqueue.c:435
  #8  0x00000000004c9a44 in event_base_free_ (base=0x80201e300, run_finalizers=1) at libevent/event.c:855
  #9  0x00000000004c931a in event_base_free (base=0x0) at libevent/event.c:887
  #10 0x0000000000452657 in lock_unlock_free_thread_cbs () at libevent/test/regress_bufferevent.c:279
  #11 0x0000000000452621 in free_lock_unlock_profiler (data=0x8020170a0) at libevent/test/regress_bufferevent.c:317
  #12 0x000000000044bc8f in test_bufferevent_pair_release_lock (arg=0x8020170a0) at libevent/test/regress_bufferevent.c:334
  #13 0x00000000004b2288 in testcase_run_bare_ (testcase=0x737660) at libevent/test/tinytest.c:105
  #14 0x00000000004b1e72 in testcase_run_one (group=0x738c90, testcase=0x737660) at libevent/test/tinytest.c:252
  #15 0x00000000004b2930 in tinytest_main (c=3, v=0x7fffffffead0, groups=0x738c20) at libevent/test/tinytest.c:434
  #16 0x00000000004982fe in main (argc=3, argv=0x7fffffffead0) at libevent/test/regress_main.c:459
  (gdb) f 4
  #4  0x00000000004d9954 in evthread_debug_lock_mark_unlocked (mode=0, lock=0x802017060) at libevent/evthread.c:277
  277                     EVUTIL_ASSERT(lock->held_by == me);
  Current language:  auto; currently minimal
  (gdb) p lock
  $1 = (struct debug_lock *) 0x802017060
  (gdb) p lock->held_by
  $2 = 0
  (gdb) p me
  $3 = 34393318400
79f9ace

@azat azat added the prio:deferred label Oct 30, 2015

@azat azat added to todo in http May 28, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment