P
Philip Mak
--8NvZYKFJsRX2Djef
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Net::HTTP will crash if the remote HTTP server returns a Content-Range
header without a Content-Length header. I have attached a program that
will reproduce the bug. The program has a self-contained dummy HTTP
server that listens on localhost 12345. It then connects to that
server using Net::HTTP, which feeds Net::HTTP a response containing a
Content-Range header without a Content-Length header, causing it to
crash due to the bug.
Here are the error messages I get:
Under ruby 1.6.8 (2002-12-24) [i686-linux]:
/usr/local/lib/ruby/1.6/net/protocol.rb:614:in `sysread': End of file
reached (EOFError)
Under ruby 1.8.0 (2003-05-26) [i386-mswin32]:
c:/ruby/lib/ruby/1.8/net/http.rb:1147:in `range_length': undefined
method `length' for 1..11:Range (NoMethodError)
--8NvZYKFJsRX2Djef
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="bug.rb"
require 'net/http'
require 'socket'
require 'thread'
response = "HTTP/1.1 200 OK
Connection: close
Content-Range: bytes 1-10/10
Content-Type: application/octet-stream
1234567890"
Thread.new do
# Server thread
server = TCPserver.new('localhost', 12345)
while socket = server.accept
# read until blank line is seen
while !socket.eof
break unless line = socket.gets
line.chop!
break if line == ""
end
# write "response"
socket.write response
socket.close
end
end
Net::HTTP.new('localhost', 12345).get('/', {"Range" => "bytes=1-10"})
--8NvZYKFJsRX2Djef--
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Net::HTTP will crash if the remote HTTP server returns a Content-Range
header without a Content-Length header. I have attached a program that
will reproduce the bug. The program has a self-contained dummy HTTP
server that listens on localhost 12345. It then connects to that
server using Net::HTTP, which feeds Net::HTTP a response containing a
Content-Range header without a Content-Length header, causing it to
crash due to the bug.
Here are the error messages I get:
Under ruby 1.6.8 (2002-12-24) [i686-linux]:
/usr/local/lib/ruby/1.6/net/protocol.rb:614:in `sysread': End of file
reached (EOFError)
Under ruby 1.8.0 (2003-05-26) [i386-mswin32]:
c:/ruby/lib/ruby/1.8/net/http.rb:1147:in `range_length': undefined
method `length' for 1..11:Range (NoMethodError)
--8NvZYKFJsRX2Djef
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="bug.rb"
require 'net/http'
require 'socket'
require 'thread'
response = "HTTP/1.1 200 OK
Connection: close
Content-Range: bytes 1-10/10
Content-Type: application/octet-stream
1234567890"
Thread.new do
# Server thread
server = TCPserver.new('localhost', 12345)
while socket = server.accept
# read until blank line is seen
while !socket.eof
break unless line = socket.gets
line.chop!
break if line == ""
end
# write "response"
socket.write response
socket.close
end
end
Net::HTTP.new('localhost', 12345).get('/', {"Range" => "bytes=1-10"})
--8NvZYKFJsRX2Djef--