From 4337cb52675cf61386397079495bdf90ac672d38 Mon Sep 17 00:00:00 2001 From: Waqas Hussain Date: Fri, 8 Feb 2013 00:18:40 +0500 Subject: net.http.parser: Fix traceback on invalid URL in status line. --- net/http/parser.lua | 1 + 1 file changed, 1 insertion(+) (limited to 'net/http') diff --git a/net/http/parser.lua b/net/http/parser.lua index 64cf38c0..9fd707d1 100644 --- a/net/http/parser.lua +++ b/net/http/parser.lua @@ -99,6 +99,7 @@ function httpstream.new(success_cb, error_cb, parser_type, options_cb) parsed_url = { path = _path, query = _query }; else parsed_url = url_parse(path); + if not parsed_url then error = true; return error_cb("invalid-url"); end end path = preprocess_path(parsed_url.path); headers.host = parsed_url.host or headers.host; -- cgit v1.2.3 From 42c8d5bd2416ae0cd8a12f718f3ae9e10ea43e42 Mon Sep 17 00:00:00 2001 From: Waqas Hussain Date: Fri, 8 Feb 2013 00:27:59 +0500 Subject: net.http.parser: Ensure full URL in status line contains a path. --- net/http/parser.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'net/http') diff --git a/net/http/parser.lua b/net/http/parser.lua index 9fd707d1..2545b5ac 100644 --- a/net/http/parser.lua +++ b/net/http/parser.lua @@ -99,7 +99,7 @@ function httpstream.new(success_cb, error_cb, parser_type, options_cb) parsed_url = { path = _path, query = _query }; else parsed_url = url_parse(path); - if not parsed_url then error = true; return error_cb("invalid-url"); end + if not(parsed_url and parsed_url.path) then error = true; return error_cb("invalid-url"); end end path = preprocess_path(parsed_url.path); headers.host = parsed_url.host or headers.host; -- cgit v1.2.3 From db6081d6e073cb625b280397e6b73808f7476a92 Mon Sep 17 00:00:00 2001 From: Waqas Hussain Date: Tue, 26 Feb 2013 19:41:52 +0500 Subject: net.http.server: Ensure HTTP callbacks are never called recursively for pipelined requests. --- net/http/server.lua | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) (limited to 'net/http') diff --git a/net/http/server.lua b/net/http/server.lua index 7cf25009..87d82418 100644 --- a/net/http/server.lua +++ b/net/http/server.lua @@ -89,29 +89,30 @@ function listener.onconnect(conn) local pending = {}; local waiting = false; local function process_next() - --if waiting then log("debug", "can't process_next, waiting"); return; end - if sessions[conn] and #pending > 0 then + if waiting then log("debug", "can't process_next, waiting"); return; end + waiting = true; + while sessions[conn] and #pending > 0 do local request = t_remove(pending); --log("debug", "process_next: %s", request.path); - waiting = true; --handle_request(conn, request, process_next); _1, _2, _3 = conn, request, process_next; if not xpcall(_handle_request, _traceback_handler) then conn:write("HTTP/1.0 500 Internal Server Error\r\n\r\n"..events.fire_event("http-error", { code = 500, private_message = last_err })); conn:close(); end - else - --log("debug", "ready for more"); - waiting = false; end + --log("debug", "ready for more"); + waiting = false; end local function success_cb(request) --log("debug", "success_cb: %s", request.path); + if waiting then + log("error", "http connection handler is not reentrant: %s", request.path); + assert(false, "http connection handler is not reentrant"); + end request.secure = secure; t_insert(pending, request); - if not waiting then - process_next(); - end + process_next(); end local function error_cb(err) log("debug", "error_cb: %s", err or ""); -- cgit v1.2.3