fix header with underscore character #8475
Conversation
|
Fixed: #3580 |
packages/bun-uws/src/HttpParser.h
Outdated
| static inline void *consumeFieldName(char *p) | ||
| { | ||
| for (; true; p += 8) | ||
| { | ||
| uint64_t word; | ||
| memcpy(&word, p, sizeof(uint64_t)); | ||
| if (notFieldNameWord(word)) | ||
| if (isFieldNameFirstByte(*(unsigned char *)p)) |
There was a problem hiding this comment.
This is too many changes. The only change in the parser code should be to check for _ and .
There was a problem hiding this comment.
Yes, but per request @paperdave link i also added first character check for letter only
If it's extra, I can return it
There was a problem hiding this comment.
i was under the assumption the parser was already this way but it wasnt, i change my mind on this. sorry
There was a problem hiding this comment.
lets do just the added | to keep this as minimal as possible to reduce breaking something
There was a problem hiding this comment.
will it be enough if i change to
static inline bool notFieldNameWord(uint64_t x)
{
return hasLess(x, '9') |
hasBetween(x, '9', 'A') |
hasBetween(x, 'Z', 'a') |
hasMore(x, 'z');
}There was a problem hiding this comment.
This will be a small enough change to not break anything, but enough to allow only letters
also a couple of cpu instructions less)
however, in my unprofessional opinion, my version (without hasLess, hasBetween, hasMore) has even fewer cpu instructions
There was a problem hiding this comment.
|
Any update on merging & publishing this? This is a rather critical bug that's been opened for a while. |
we are instead going with a fix done upstream into usockets itself (which is actually much more permissive than this one was i think) |
|
Fixed in #8830 |
What does this PR do?
Fix response header with underscore character
Fixed: #8446
When bun receive request header with underscore request is stuck
How did you verify your code works?
bun-debug test test-file-name.test)