Issue #802 resolved

parseRequestLine: Some URIs cause unrecoverable error

Anonymous created an issue

After starting a HelloWorld application on port 8080, requests to URLs like http://localhost:8080/%0Dx or http://localhost:8080/%0Ax cause an unrecoverable server error because the request line splits into more than three parts.

The application:

{{{
import cherrypy

class HelloWorld(object):
    def index(self):
        return "Hello World!"
    index.exposed = True

cherrypy.root = HelloWorld()
cherrypy.server.start()
}}}

The output:

{{{
26/Mar/2008:18:23:43 ENGINE INFO <Ctrl-C> hit: shutting down autoreloader
26/Mar/2008:18:23:43 HTTP INFO HTTP Server shut down
26/Mar/2008:18:23:43 ENGINE INFO CherryPy shut down
26/Mar/2008:18:23:38 CONFIG INFO Server parameters:
26/Mar/2008:18:23:38 CONFIG INFO server.environment: development
26/Mar/2008:18:23:38 CONFIG INFO server.log_to_screen: True
26/Mar/2008:18:23:38 CONFIG INFO server.log_file:
26/Mar/2008:18:23:38 CONFIG INFO server.log_tracebacks: True
26/Mar/2008:18:23:38 CONFIG INFO server.log_request_headers: True
26/Mar/2008:18:23:38 CONFIG INFO server.protocol_version: HTTP/1.0
26/Mar/2008:18:23:38 CONFIG INFO server.socket_host:
26/Mar/2008:18:23:38 CONFIG INFO server.socket_port: 8080
26/Mar/2008:18:23:38 CONFIG INFO server.socket_file:
26/Mar/2008:18:23:38 CONFIG INFO server.reverse_dns: False
26/Mar/2008:18:23:38 CONFIG INFO server.socket_queue_size: 5
26/Mar/2008:18:23:38 CONFIG INFO server.thread_pool: 10
26/Mar/2008:18:23:38 HTTP INFO Serving HTTP on http://0.0.0.0:8080/
26/Mar/2008:18:23:41 HTTP INFO Traceback (most recent call last):
  File "/home/timur/lib/python/CherryPy-2.3.0-py2.4.egg/cherrypy/_cphttptools.py", line 98, in _run
    self.processRequestLine()
  File "/home/timur/lib/python/CherryPy-2.3.0-py2.4.egg/cherrypy/_cphttptools.py", line 148, in processRequestLine
    method, path, qs, proto = httptools.parseRequestLine(rl)
  File "/home/timur/lib/python/CherryPy-2.3.0-py2.4.egg/cherrypy/lib/httptools.py", line 320, in parseRequestLine
    method, path, protocol = requestLine.split()
ValueError: too many values to unpack
Request Headers:
  Content-Length:
  USER-AGENT: Wget/1.10.2
  CONNECTION: Keep-Alive
  HOST: localhost:8080
  ACCEPT: */*
  Remote-Addr: ::ffff:127.0.0.1
  Content-Type:
26/Mar/2008:18:23:41 INFO Traceback (most recent call last):
  File "/home/timur/lib/python/CherryPy-2.3.0-py2.4.egg/cherrypy/_cpwsgi.py", line 125, in wsgiApp
    environ['wsgi.input'])
  File "/home/timur/lib/python/CherryPy-2.3.0-py2.4.egg/cherrypy/_cphttptools.py", line 84, in run
    if self.method == "HEAD":
AttributeError: 'Request' object has no attribute 'method'

26/Mar/2008:18:23:41 INFO Traceback (most recent call last):
  File "/home/timur/lib/python/CherryPy-2.3.0-py2.4.egg/cherrypy/filters/__init__.py", line 145, in applyFilters
    method()
  File "/home/timur/lib/python/CherryPy-2.3.0-py2.4.egg/cherrypy/filters/sessionfilter.py", line 210, in on_end_request
    sess = cherrypy.request._session
  File "/home/timur/lib/python/CherryPy-2.3.0-py2.4.egg/cherrypy/__init__.py", line 47, in __getattr__
    return getattr(childobject, name)
AttributeError: 'Request' object has no attribute '_session'

26/Mar/2008:18:23:41 INFO Traceback (most recent call last):
  File "/home/timur/lib/python/CherryPy-2.3.0-py2.4.egg/cherrypy/filters/__init__.py", line 145, in applyFilters
    method()
  File "/home/timur/lib/python/CherryPy-2.3.0-py2.4.egg/cherrypy/filters/cachefilter.py", line 165, in on_end_request
    if not cherrypy.request.cacheable:
  File "/home/timur/lib/python/CherryPy-2.3.0-py2.4.egg/cherrypy/__init__.py", line 47, in __getattr__
    return getattr(childobject, name)
AttributeError: 'Request' object has no attribute 'cacheable'

26/Mar/2008:18:23:43 ENGINE INFO <Ctrl-C> hit: shutting down autoreloader
26/Mar/2008:18:23:43 HTTP INFO HTTP Server shut down
26/Mar/2008:18:23:43 ENGINE INFO CherryPy shut down
}}}

Reported by timochka@gmail.com
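
The traceback above ends in `method, path, protocol = requestLine.split()`. As an added example (not CherryPy's code and not the project's fix), the sketch below contrasts that split-and-unpack pattern with a strict request-line parser that maps a malformed line to a 400 instead of an unhandled exception. The function names and the sample request lines are assumptions constructed for illustration.

```python
import re

# Constructed sample request lines (not taken from the logs in this issue).
GOOD = "GET /index HTTP/1.0"
ENCODED = "GET /%0Ax HTTP/1.0"   # LF still percent-encoded: a legal target
BAD_LF = "GET /\nx HTTP/1.0"     # raw LF inside the request target
BAD_CR = "GET /\rx HTTP/1.0"     # raw CR inside the request target

TOKEN = re.compile(r"[!#$%&'*+\-.^_`|~0-9A-Za-z]+")
VERSION = re.compile(r"HTTP/\d\.\d")


class BadRequestLine(ValueError):
    """Any request line the server should answer with 400 Bad Request."""


def fragile_parse(request_line):
    # Same shape as the statement in the traceback: split on *any*
    # whitespace, then unpack into exactly three names.
    method, path, protocol = request_line.split()
    return method, path, protocol


def strict_parse(request_line):
    # Split on single SP only, so CR, LF and TAB never act as separators.
    parts = request_line.split(" ")
    if len(parts) != 3:
        raise BadRequestLine("expected 'METHOD SP target SP version'")
    method, target, version = parts
    if not TOKEN.fullmatch(method):
        raise BadRequestLine("invalid method token")
    # Control characters and whitespace must arrive percent-encoded.
    if not target or any(ord(c) <= 0x20 or ord(c) == 0x7F for c in target):
        raise BadRequestLine("control character or whitespace in target")
    if not VERSION.fullmatch(version):
        raise BadRequestLine("invalid protocol version")
    return method, target, version


def status_for(request_line):
    # A parse failure becomes a 400, so later request-handling stages are
    # never entered with a half-initialised request object.
    # 200 here only means "the request line parsed".
    try:
        strict_parse(request_line)
    except BadRequestLine:
        return 400
    return 200
```
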

Comments (8)

  1. Robert Brewer

    This is almost certainly due to the client passing illegal characters in the Request-Line. The Request-URI must "% hex hex" escape many characters, including %0D and %0A. It's likely that your client is silently and incorrectly converting those characters to their unescaped equivalents before passing them over the wire.

  2. guest

    I wouldn't be so sure. I tried both Firefox and wget with the same result. Moreover, not all versions of CP display this behaviour (sorry, can't be more specific right now).

  3. Anonymous

    Below is the output I get from a TurboGears application (CherryPy 2.2.1). No server error:

    -su-2.05b$ wget -O - "http://localhost:8080/%0Ax"
    --12:34:57--  http://localhost:8080/%0Ax
               => `-'
    Resolving localhost... 127.0.0.1
    Connecting to localhost|127.0.0.1|:8080... connected.
    HTTP request sent, awaiting response... 404 Not Found
    12:34:57 ERROR 404: Not Found.
    
    -su-2.05b$ wget -O - "http://localhost:8080/%0Dx"
    --12:35:00--  http://localhost:8080/%0Dx
               => `-'
    Resolving localhost... 127.0.0.1
    Connecting to localhost|127.0.0.1|:8080... connected.
    HTTP request sent, awaiting response... 404 Not Found
    12:35:00 ERROR 404: Not Found.
    
  4. Nick Kamper

    With a fresh copy of 2.3.0 from CherryPy.org, I was able to reproduce this issue, both with wget 1.11.2 and Firefox 3.0.

    09/Jul/2008:12:30:17 HTTP INFO Traceback (most recent call last):
      File "/home/nick/code/temp/CherryPy-2.3.0/cherrypy/_cphttptools.py", line 98, in _run
        self.processRequestLine()
      File "/home/nick/code/temp/CherryPy-2.3.0/cherrypy/_cphttptools.py", line 148, in processRequestLine
        method, path, qs, proto = httptools.parseRequestLine(rl)
      File "/home/nick/code/temp/CherryPy-2.3.0/cherrypy/lib/httptools.py", line 320, in parseRequestLine
        method, path, protocol = requestLine.split()
    ValueError: too many values to unpack
    Request Headers:
      Content-Length: 
      USER-AGENT: Wget/1.11.2
      CONNECTION: Keep-Alive
      HOST: localhost:8080
      ACCEPT: */*
      Remote-Addr: ::ffff:127.0.0.1
      Content-Type: 
    09/Jul/2008:12:30:17  INFO Traceback (most recent call last):
      File "/home/nick/code/temp/CherryPy-2.3.0/cherrypy/_cpwsgi.py", line 125, in wsgiApp
        environ['wsgi.input'])
      File "/home/nick/code/temp/CherryPy-2.3.0/cherrypy/_cphttptools.py", line 84, in run
        if self.method == "HEAD":
    AttributeError: 'Request' object has no attribute 'method'
    
    09/Jul/2008:12:30:17  INFO Traceback (most recent call last):
      File "/home/nick/code/temp/CherryPy-2.3.0/cherrypy/filters/__init__.py", line 145, in applyFilters
        method()
      File "/home/nick/code/temp/CherryPy-2.3.0/cherrypy/filters/sessionfilter.py", line 210, in on_end_request
        sess = cherrypy.request._session
      File "/home/nick/code/temp/CherryPy-2.3.0/cherrypy/__init__.py", line 47, in __getattr__
        return getattr(childobject, name)
    AttributeError: 'Request' object has no attribute '_session'
    
    09/Jul/2008:12:30:17  INFO Traceback (most recent call last):
      File "/home/nick/code/temp/CherryPy-2.3.0/cherrypy/filters/__init__.py", line 145, in applyFilters
        method()
      File "/home/nick/code/temp/CherryPy-2.3.0/cherrypy/filters/cachefilter.py", line 165, in on_end_request
        if not cherrypy.request.cacheable:
      File "/home/nick/code/temp/CherryPy-2.3.0/cherrypy/__init__.py", line 47, in __getattr__
        return getattr(childobject, name)
    AttributeError: 'Request' object has no attribute 'cacheable'
    