rails 3 crash in json post without contentType #4424

Closed
pbrumm opened this Issue Jan 12, 2012 · 16 comments

7 participants

@pbrumm

It has something to do with the depth of the data

in jquery I did a post

$.ajax(
            type: "POST"
            url: "/offices/bulk"
            dataType: "json"
            data: JSON.stringify(changes)
            success: on_success
            error: on_error
        )

of

  [{"address":{"business":{"addr1":"5550 street Dr","city":"Test","state":"TN","zip":"35215","addr2":""}},"name":"asef1asdf","website_url":"http://asdf.com","email":"emal@addr.com","phones":{"fax":"2383838384","main":"5552693839"},"primary":true,"schedule_restrictions":[{"e_type":"b","name":"Breakfast Hours","day_times":{"1":[{"s_hm":7.3,"e_hm":8.3}],"2":[{"s_hm":7.3,"e_hm":8.3}],"3":[{"s_hm":7.3,"e_hm":8.3}],"4":[{"s_hm":7.3,"e_hm":8.3}],"5":[{"s_hm":7.3,"e_hm":8.3}],"6":[],"0":[]}},{"e_type":"l","name":"Lunch Hours","day_times":{"1":[{"s_hm":11.3,"e_hm":13}],"2":[{"s_hm":11.3,"e_hm":13}],"3":[{"s_hm":11.3,"e_hm":13}],"4":[{"s_hm":11.3,"e_hm":13}],"5":[{"s_hm":11.3,"e_hm":13}],"6":[],"0":[]}},{"e_type":"o","name":"Office Hours","day_times":{"1":[{"s_hm":7.3,"e_hm":16.3}],"2":[{"s_hm":7.3,"e_hm":16.3}],"3":[{"s_hm":7.3,"e_hm":16.3}],"4":[{"s_hm":7.3,"e_hm":16.3}],"5":[{"s_hm":7.3,"e_hm":16.3}],"6":[],"0":[]}},{"e_type":"v","name":"Vendor Hours","day_times":{"1":[{"s_hm":8.3,"e_hm":11.3},{"s_hm":13,"e_hm":16.3}],"2":[{"s_hm":8.3,"e_hm":11.3},{"s_hm":13,"e_hm":16.3}],"3":[{"s_hm":8.3,"e_hm":11.3},{"s_hm":13,"e_hm":16.3}],"4":[{"s_hm":8.3,"e_hm":11.3},{"s_hm":13,"e_hm":16.3}],"5":[{"s_hm":8.3,"e_hm":11.3},{"s_hm":13,"e_hm":16.3}],"6":[],"0":[]}}],"id":"4f049cb319ede8061300000f","loc":[-86.7989489,36.709057]},{"address":{"business":{"addr1":"1401 addr12 dr","city":"Nashville","state":"tn","zip":"37215","addr2":""}},"name":"asef2asdf","website_url":"asdf.com","email":"asef@asdf.com","phones":{"fax":"1342334234","main":"5555555555"},"primary":true,"schedule_restrictions":[{"e_type":"b","name":"Breakfast Hours","day_times":{"1":[{"s_hm":7.3,"e_hm":8.3}],"2":[{"s_hm":7.3,"e_hm":8.3}],"3":[{"s_hm":7.3,"e_hm":8.3}],"4":[{"s_hm":7.3,"e_hm":8.3}],"5":[{"s_hm":7.3,"e_hm":8.3}],"6":[],"0":[]}},{"e_type":"l","name":"Lunch Hours","day_times":{"1":[{"s_hm":11.3,"e_hm":13}],"2":[{"s_hm":11.3,"e_hm":13}],"3":[{"s_hm":11.3,"e_hm":13}],"4":[{"s_hm":11.3,"e_hm":13}],"5":[{"s_hm":11.3,"e_hm":13}],"6":[],"0":[]}},{"e_type":"o","name":"Office Hours","day_times":{"1":[{"s_hm":7.3,"e_hm":16.3}],"2":[{"s_hm":7.3,"e_hm":16.3}],"3":[{"s_hm":7.3,"e_hm":16.3}],"4":[{"s_hm":7.3,"e_hm":16.3}],"5":[{"s_hm":7.3,"e_hm":16.3}],"6":[],"0":[]}},{"e_type":"v","name":"Vendor Hours","day_times":{"1":[{"s_hm":8.3,"e_hm":11.3},{"s_hm":13,"e_hm":16.3}],"2":[{"s_hm":8.3,"e_hm":11.3},{"s_hm":13,"e_hm":16.3}],"3":[{"s_hm":8.3,"e_hm":11.3},{"s_hm":13,"e_hm":16.3}],"4":[{"s_hm":8.3,"e_hm":11.3},{"s_hm":13,"e_hm":16.3}],"5":[{"s_hm":8.3,"e_hm":11.3},{"s_hm":13,"e_hm":16.3}],"6":[],"0":[]}}],"id":"4f049d7219ede80613000011","loc":[-86.7896684,36.1078298]}]

and every time rails would crash with a

Illegal instruction: 4

I then added a

contentType: "application/json"

and the crash goes away.
Simpler json doesn't cause a crash

My guess is that rails is trying to parse post as xml and crashing.

default jquery mime type is

 'application/x-www-form-urlencoded'

I am using rails 3.1.3 with a fresh local bundle install on ruby-1.9.2-p290
the route looks like this

match '/offices/bulk'     => 'offices#bulk', :via => :post

It crashes before it reaches the bulk method

@CodeOfficer

I'm having the exact same issue on a ruby 1.9.2p290/rails 3.1.1 project. If I don't specify contentType: "application/json" manually in the ajax call then the rails app quits under webrick with "Illegal instruction: 4". If I do specify contentType, it doesn't crash but I get a MultiJson::DecodeError (751: unexpected token at 'user%5Bemail%5D=admin%40test.com&user%5Bpassword%5D=password') error from rails.

I tried the exact same things under Thin and instead of crashing the server, I get a stack level too deep error. I figured it might be a poorly compiled JSON gem but I just removed my entire RVM install and reinstalled to find the problem persists. A coworker on the same project is NOT having these issues so it seems it might be environment specific.

I'd love to hear from other people on this one.

@CodeOfficer

Sooo, I thought I would post back here that my issue was resolved. Some of the data in our api's json payload was coming from a redis feed and that data was corrupt. We're looking into it further, but the problem was not in rails itself or the multijson/json gems.

@pbrumm

have you tried without the contenttype?

are you still getting the illegal instruction: 4?

I am getting that with valid json passing in

@CodeOfficer

My JSON was not invalid, it was data that was being fetched from redis that was invalid. When I removed just the redis portion of the data from my JSON payload, all worked as expected and I did not get a illegal instruction: 4.

@ahawkins

@pbrumm Rails param parser only parses JSON if the Content-Type header is set to "application/json". You'll get an error because Rails will try to parse the body using URI encoding (but the body is json). I suggest you read the code for this class: https://github.com/rails/rails/blob/master/actionpack/lib/action_dispatch/middleware/params_parser.rb

Also, IIRC, dataType sets the Accept header. The accept header tells Rails to give JSON back and not parse JSON input.

@steveklabnik can you close this one too?

@rafaelfranca
Ruby on Rails member

@twinturbo right. Closing it now

@pbrumm

my concern is not that this didn't return an error. it is that the rails instance crashed.

So basically if you send that json to any body post the rails instance crash.

@rafaelfranca rafaelfranca reopened this Apr 30, 2012
@rafaelfranca
Ruby on Rails member

Reopened

@ahawkins

@pbrumm are you saying that if you send a request without a Content-Type with a JSON encoded body Rails Crashes? If that is true then that is the correct behavior because the params parser chokes on incorrect data.

@pbrumm

I am saying that if you run

bundle exec rails server

hit a post with that json data without a content type

the rails server instance throws a stack trace and an "illegal instruction: 4" and shuts down.

the browser that made the request gets a "server not found message:" since it is no longer listening on port 3000.

This is probably an issue with the xml parser, but it shouldn't crash on bad data. it should return an exception.

@steveklabnik
Ruby on Rails member

Yeah 👍. If you can crash someone's Rails app by sending bad data, that's bad.

@ahawkins

@pbrumm you're welcome to open a PR to patch params parser to return a 500 response. This happens inside the middleware stack before it even hits your Rails code.

@pbrumm

So is this is a Rack issue?

@simao

Do you still have this problem? i can't reproduce it with rails 3.2.8.

@timraymond

I tried reproducing with rails 3.1.1 and 1.9.2-p290 by following your steps, but was unsuccessful. Could you post a minimal rails app that has this issue?

@steveklabnik
Ruby on Rails member

@pbrumm a few people can't reproduce this, and we haven't heard from you in a long while, I'm closing this. If you can give us a reproduction, I'll re-open. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment