Asp Forum - Re: unsafe readline(), anything better?

Yukihiro Matsumoto

12/30/2006 1:43:00 AM

Hi,

In message "Re: unsafe readline(), anything better?"
on Sat, 30 Dec 2006 04:55:04 +0900, Rob Muhlestein <rmuhlestein@yahoo.com> writes:

|Humm, from this last recent ruby CVS commit just today makes me wonder if
|matz is listening to this thread. If so, matz, thanks for getting me giddy
|about programming again, and thanks for taking a shot at addressing this!

I am listening. We still need update for Webrick. Here's the my
personal patch (not tested at all).

matz.

--- a/lib/webrick/httprequest.rb
+++ b/lib/webrick/httprequest.rb
@@ -317,10 +317,10 @@ module WEBrick
@remaining_size = 0
end

- def _read_data(io, method, arg)
+ def _read_data(io, method, *arg)
begin
WEBrick::Utils.timeout(@config[:RequestTimeout]){
- return io.__send__(method, arg)
+ return io.__send(method, *arg)
}
rescue Errno::ECONNRESET
return nil
@@ -330,7 +330,11 @@ module WEBrick
end

def read_line(io)
- _read_data(io, :gets, LF)
+ line = _read_data(io, :gets, [LF, 1024])
+ if line.size == 1024 and line[-1,1] != LF
+ raise HTTPStatus::RequestURITooLarge
+ end
+ line
end

def read_data(io, size)

Servizio di avviso nuovi messaggi

Ricevi direttamente nella tua mail i nuovi messaggi per
Re: unsafe readline(), anything better?

Inserendo la tua e-mail nella casella sotto, riceverai un avviso tramite posta elettronica ogni volta che il motore di ricerca troverà un nuovo messaggio per te

Il servizio è completamente GRATUITO!

comp.lang.ruby

Re: unsafe readline(), anything better?

Yukihiro Matsumoto

x Login to ForumsZone