Comments (5)
@kenballus I submitted a pull request that uses your fix and adds a test: #125
Reviewing RFC 9112 section 7.1 (https://datatracker.ietf.org/doc/html/rfc9112#section-7.1), I think the issue is webrick is interpreting `x3a` as a chunk extension when it is not a valid chunk extension. Maybe this will work (needs a test added):
diff --git a/lib/webrick/httprequest.rb b/lib/webrick/httprequest.rb
index 7a1686b..23d9b05 100644
--- a/lib/webrick/httprequest.rb
+++ b/lib/webrick/httprequest.rb
@@ -542,7 +542,7 @@ module WEBrick
def read_chunk_size(socket)
line = read_line(socket)
- if /^([0-9a-fA-F]+)(?:;(\S+))?/ =~ line
+ if /\A([0-9a-fA-F]+)(?:;(\S+=\S+))?\r\n\z/ =~ line
chunk_size = $1.hex
chunk_ext = $2
[ chunk_size, chunk_ext ]
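Review bot: the new extension group `(?:;(\S+=\S+))?` makes the `=value` part mandatory, which rejects a size line such as `5;ext\r\n`; in the chunk-ext ABNF of RFC 9112 section 7.1 the `"=" chunk-ext-val` part is optional, so the value should be optional here too, e.g. `(?:;(\S+(?:=\S+)?))?`. The `\A` and `\r\n\z` anchors are the part that actually closes the reported problem: with the old `^...` pattern any bytes after the hex digits (the `x3a` in the report) were silently ignored and the line still yielded a size, whereas the anchored pattern only matches when the whole line is a size plus an optional extension followed by CRLF. Note that the anchored form also stops accepting a bare `\n` terminator, so a test should cover the CRLF case explicitly.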
The value of a chunk-ext is optional:
chunk-ext = *( BWS ";" BWS chunk-ext-name [ BWS "=" BWS chunk-ext-val ] )
So I think the patch should maybe be this:
diff --git a/lib/webrick/httprequest.rb b/lib/webrick/httprequest.rb
index 7a1686b..23d9b05 100644
--- a/lib/webrick/httprequest.rb
+++ b/lib/webrick/httprequest.rb
@@ -542,7 +542,7 @@ module WEBrick
def read_chunk_size(socket)
line = read_line(socket)
- if /^([0-9a-fA-F]+)(?:;(\S+))?/ =~ line
+ if /\A([0-9a-fA-F]+)(?:;(\S+(?:=\S+)?))?\r\n\z/ =~ line
chunk_size = $1.hex
chunk_ext = $2
[ chunk_size, chunk_ext ]
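Review bot: this still lacks the test the earlier comment asked for; the regression test should feed `read_chunk_size` a size line with trailing bytes after the hex digits (the case from the report, which must now be rejected), a plain `5\r\n`, and both `5;ext=val\r\n` and `5;ext\r\n` so the new `(?:=\S+)?` branch is exercised. Also, `\S+` is broader than the `chunk-ext-name` token in the ABNF: it also consumes `;` and `=`, so a line carrying several extensions or a malformed name still matches and lands as one string in `$2`. That is acceptable as long as `chunk_ext` is only stored and never interpreted, but it is worth stating in the commit message or a comment.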
Also, I think the primary issue was with the missing `\z` from the end of the pattern, since WEBrick wouldn't see the `x3a` as a chunk-ext without there also being a `;`.
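To make the two points in this thread concrete (the optional chunk-ext value from the ABNF, and the `\z` anchor being the real fix), here is an added example that is not WEBrick's own code: it runs the original chunk-size pattern and the patched one side by side over constructed chunk-size lines, mirroring only the match branch of `read_chunk_size`. It assumes, as the patch does, that the line arrives with its CRLF still attached; the sample lines and the `parse_chunk_size_line` / `compare_chunk_size_patterns` helpers are mine, not the project's.

```ruby
# Added example, not WEBrick's code: the original and patched chunk-size
# patterns from the thread, applied to constructed chunk-size lines to show
# what the \A ... \r\n\z anchoring changes.

OLD_CHUNK_SIZE_RE = /^([0-9a-fA-F]+)(?:;(\S+))?/
NEW_CHUNK_SIZE_RE = /\A([0-9a-fA-F]+)(?:;(\S+(?:=\S+)?))?\r\n\z/

# Mirrors the match branch of read_chunk_size: [chunk_size, chunk_ext] when
# the line matches, nil when it would fall through to the error branch.
# (Hypothetical helper; the line is assumed to still carry its CRLF.)
def parse_chunk_size_line(line, pattern)
  m = pattern.match(line)
  return nil unless m
  [m[1].hex, m[2]]
end

# Constructed sample lines (not taken from the issue) and what each exercises.
SAMPLE_CHUNK_LINES = {
  "5\r\n"          => "plain hex size",
  "ff\r\n"         => "multi-digit hex size",
  "5;ext=val\r\n"  => "chunk-ext with a value",
  "5;ext\r\n"      => "chunk-ext without a value (optional per the ABNF)",
  "5x3a\r\n"       => "trailing bytes after the hex digits",
  "5 ;ext=val\r\n" => "whitespace before the ';'",
  "5\n"            => "bare LF line terminator",
}

# Returns { line => [old_result, new_result] } for every sample line, where
# each result is [size, ext] on a match and nil when the pattern rejects it.
def compare_chunk_size_patterns(lines = SAMPLE_CHUNK_LINES.keys)
  lines.each_with_object({}) do |line, out|
    out[line] = [parse_chunk_size_line(line, OLD_CHUNK_SIZE_RE),
                 parse_chunk_size_line(line, NEW_CHUNK_SIZE_RE)]
  end
end

if __FILE__ == $0
  compare_chunk_size_patterns.each do |line, (old_r, new_r)|
    printf("%-18p old=%-16p new=%p  (%s)\n",
           line, old_r, new_r, SAMPLE_CHUNK_LINES[line])
  end
end
```

Run as a script, the table shows that the old `^`-anchored pattern reports size 5 for `"5x3a\r\n"` and for `"5 ;ext=val\r\n"`, silently discarding whatever follows the hex digits, while the patched pattern returns nil for both and hands them to the error branch. The patched pattern still accepts `"5;ext\r\n"` because the `=value` part is optional. The last row is the caveat to keep in mind when writing the test: because the new pattern requires `\r\n`, a line terminated by a bare LF is now rejected as well.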
Agreed. I'm not sure when I'll have time to work on a test for this, but your patch looks good.