parseRequestLine: Some URIs cause unrecoverable error

Anonymous created an issue

After starting a HelloWorld application on port 8080, requests to URLs like http://localhost:8080/%0Dx or http://localhost:8080/%0Ax cause an unrecoverable server error because the request line splits into more than three parts.

The application:

import cherrypy

class HelloWorld(object):
    def index(self):
        return "Hello World!"
    index.exposed = True

cherrypy.root = HelloWorld()
cherrypy.server.start()

The output:

26/Mar/2008:18:23:43 ENGINE INFO <Ctrl-C> hit: shutting down autoreloader
26/Mar/2008:18:23:43 HTTP INFO HTTP Server shut down
26/Mar/2008:18:23:43 ENGINE INFO CherryPy shut down
26/Mar/2008:18:23:38 CONFIG INFO Server parameters:
26/Mar/2008:18:23:38 CONFIG INFO   server.environment: development
26/Mar/2008:18:23:38 CONFIG INFO   server.log_to_screen: True
26/Mar/2008:18:23:38 CONFIG INFO   server.log_file: 
26/Mar/2008:18:23:38 CONFIG INFO   server.log_tracebacks: True
26/Mar/2008:18:23:38 CONFIG INFO   server.log_request_headers: True
26/Mar/2008:18:23:38 CONFIG INFO   server.protocol_version: HTTP/1.0
26/Mar/2008:18:23:38 CONFIG INFO   server.socket_host: 
26/Mar/2008:18:23:38 CONFIG INFO   server.socket_port: 8080
26/Mar/2008:18:23:38 CONFIG INFO   server.socket_file: 
26/Mar/2008:18:23:38 CONFIG INFO   server.reverse_dns: False
26/Mar/2008:18:23:38 CONFIG INFO   server.socket_queue_size: 5
26/Mar/2008:18:23:38 CONFIG INFO   server.thread_pool: 10
26/Mar/2008:18:23:38 HTTP INFO Serving HTTP on http://0.0.0.0:8080/
26/Mar/2008:18:23:41 HTTP INFO Traceback (most recent call last):
  File "/home/timur/lib/python/CherryPy-2.3.0-py2.4.egg/cherrypy/_cphttptools.py", line 98, in _run
    self.processRequestLine()
  File "/home/timur/lib/python/CherryPy-2.3.0-py2.4.egg/cherrypy/_cphttptools.py", line 148, in processRequestLine
    method, path, qs, proto = httptools.parseRequestLine(rl)
  File "/home/timur/lib/python/CherryPy-2.3.0-py2.4.egg/cherrypy/lib/httptools.py", line 320, in parseRequestLine
    method, path, protocol = requestLine.split()
ValueError: too many values to unpack
Request Headers:
  Content-Length: 
  USER-AGENT: Wget/1.10.2
  CONNECTION: Keep-Alive
  HOST: localhost:8080
  ACCEPT: */*
  Remote-Addr: ::ffff:127.0.0.1
  Content-Type: 
26/Mar/2008:18:23:41  INFO Traceback (most recent call last):
  File "/home/timur/lib/python/CherryPy-2.3.0-py2.4.egg/cherrypy/_cpwsgi.py", line 125, in wsgiApp
    environ['wsgi.input'])
  File "/home/timur/lib/python/CherryPy-2.3.0-py2.4.egg/cherrypy/_cphttptools.py", line 84, in run
    if self.method == "HEAD":
AttributeError: 'Request' object has no attribute 'method'

26/Mar/2008:18:23:41  INFO Traceback (most recent call last):
  File "/home/timur/lib/python/CherryPy-2.3.0-py2.4.egg/cherrypy/filters/__init__.py", line 145, in applyFilters
    method()
  File "/home/timur/lib/python/CherryPy-2.3.0-py2.4.egg/cherrypy/filters/sessionfilter.py", line 210, in on_end_request
    sess = cherrypy.request._session
  File "/home/timur/lib/python/CherryPy-2.3.0-py2.4.egg/cherrypy/__init__.py", line 47, in __getattr__
    return getattr(childobject, name)
AttributeError: 'Request' object has no attribute '_session'

26/Mar/2008:18:23:41  INFO Traceback (most recent call last):
  File "/home/timur/lib/python/CherryPy-2.3.0-py2.4.egg/cherrypy/filters/__init__.py", line 145, in applyFilters
    method()
  File "/home/timur/lib/python/CherryPy-2.3.0-py2.4.egg/cherrypy/filters/cachefilter.py", line 165, in on_end_request
    if not cherrypy.request.cacheable:
  File "/home/timur/lib/python/CherryPy-2.3.0-py2.4.egg/cherrypy/__init__.py", line 47, in __getattr__
    return getattr(childobject, name)
AttributeError: 'Request' object has no attribute 'cacheable'

26/Mar/2008:18:23:43 ENGINE INFO <Ctrl-C> hit: shutting down autoreloader
26/Mar/2008:18:23:43 HTTP INFO HTTP Server shut down
26/Mar/2008:18:23:43 ENGINE INFO CherryPy shut down

Reported by timochka@gmail.com
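
Added example, not part of the original issue or of CherryPy's code: the three-way unpacking shown in the traceback, next to a stricter parser that rejects a malformed request line instead of raising an unhandled error. It assumes the parser receives the request line with the escape already decoded to a raw CR or LF (the thread does not establish where that happens); `parse_strict`, `try_parse` and `BadRequestLine` are hypothetical names, and the sample request lines are constructed.

```python
import re

class BadRequestLine(ValueError):
    """Hypothetical error a server would turn into a 400 response."""

def parse_naive(request_line):
    # Same unpacking as the httptools.py line in the traceback:
    # str.split() with no argument splits on ANY whitespace, CR and LF included.
    method, path, protocol = request_line.split()
    return method, path, protocol

def parse_strict(request_line):
    # Hypothetical hardened parser; returns (method, path, qs, protocol),
    # the four values processRequestLine unpacks in the traceback.
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in request_line):
        raise BadRequestLine("control character in request line")
    parts = request_line.split(" ")          # only SP separates the fields
    if len(parts) != 3 or not all(parts):
        raise BadRequestLine("expected 'METHOD SP URI SP VERSION'")
    method, target, protocol = parts
    if not re.fullmatch(r"HTTP/\d\.\d", protocol):
        raise BadRequestLine("bad protocol version")
    path, _, qs = target.partition("?")
    return method, path, qs, protocol

def try_parse(request_line):
    # Returns the parsed tuple, or None when the line must be answered with 400.
    try:
        return parse_strict(request_line)
    except BadRequestLine:
        return None

# Constructed sample request lines (not captured traffic).
SAMPLES = [
    "GET /%0Ax HTTP/1.0",       # escape still encoded: three fields
    "GET /\nx HTTP/1.0",        # raw LF in the path: split() yields four
    "GET /\rx HTTP/1.0",        # raw CR in the path: split() yields four
    "GET /index?a=1 HTTP/1.1",  # ordinary request with a query string
]

if __name__ == "__main__":
    for line in SAMPLES:
        try:
            naive = parse_naive(line)
        except ValueError as exc:
            naive = "ValueError: %s" % exc
        print(repr(line), "| naive:", naive, "| strict:", try_parse(line))
```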

Comments (8)

  1. Robert Brewer

    This is almost certainly due to the client passing illegal characters in the Request-Line. The Request-URI must "% hex hex" escape many characters, including %0D and %0A. It's likely that your client is silently and incorrectly converting those characters to their unescaped equivalents before passing them over the wire.

  2. guest

    I wouldn't be so sure. I tried both Firefox and wget with the same result. Moreover, not all versions of CP display this behaviour (sorry, can't be more specific right now).

  3. Anonymous

    Below is the output I get from a TurboGears application (CherryPy 2.2.1). No server error:

    -su-2.05b$ wget -O - "http://localhost:8080/%0Ax"
    --12:34:57--  http://localhost:8080/%0Ax
               => `-'
    Resolving localhost... 127.0.0.1
    Connecting to localhost|127.0.0.1|:8080... connected.
    HTTP request sent, awaiting response... 404 Not Found
    12:34:57 ERROR 404: Not Found.
    
    -su-2.05b$ wget -O - "http://localhost:8080/%0Dx"
    --12:35:00--  http://localhost:8080/%0Dx
               => `-'
    Resolving localhost... 127.0.0.1
    Connecting to localhost|127.0.0.1|:8080... connected.
    HTTP request sent, awaiting response... 404 Not Found
    12:35:00 ERROR 404: Not Found.
    
  4. Nick Kamper

    With a fresh copy of 2.3.0 from CherryPy.org, I was able to reproduce this issue, both with wget 1.11.2 and Firefox 3.0.

    09/Jul/2008:12:30:17 HTTP INFO Traceback (most recent call last):
      File "/home/nick/code/temp/CherryPy-2.3.0/cherrypy/_cphttptools.py", line 98, in _run
        self.processRequestLine()
      File "/home/nick/code/temp/CherryPy-2.3.0/cherrypy/_cphttptools.py", line 148, in processRequestLine
        method, path, qs, proto = httptools.parseRequestLine(rl)
      File "/home/nick/code/temp/CherryPy-2.3.0/cherrypy/lib/httptools.py", line 320, in parseRequestLine
        method, path, protocol = requestLine.split()
    ValueError: too many values to unpack
    Request Headers:
      Content-Length: 
      USER-AGENT: Wget/1.11.2
      CONNECTION: Keep-Alive
      HOST: localhost:8080
      ACCEPT: */*
      Remote-Addr: ::ffff:127.0.0.1
      Content-Type: 
    09/Jul/2008:12:30:17  INFO Traceback (most recent call last):
      File "/home/nick/code/temp/CherryPy-2.3.0/cherrypy/_cpwsgi.py", line 125, in wsgiApp
        environ['wsgi.input'])
      File "/home/nick/code/temp/CherryPy-2.3.0/cherrypy/_cphttptools.py", line 84, in run
        if self.method == "HEAD":
    AttributeError: 'Request' object has no attribute 'method'
    
    09/Jul/2008:12:30:17  INFO Traceback (most recent call last):
      File "/home/nick/code/temp/CherryPy-2.3.0/cherrypy/filters/__init__.py", line 145, in applyFilters
        method()
      File "/home/nick/code/temp/CherryPy-2.3.0/cherrypy/filters/sessionfilter.py", line 210, in on_end_request
        sess = cherrypy.request._session
      File "/home/nick/code/temp/CherryPy-2.3.0/cherrypy/__init__.py", line 47, in __getattr__
        return getattr(childobject, name)
    AttributeError: 'Request' object has no attribute '_session'
    
    09/Jul/2008:12:30:17  INFO Traceback (most recent call last):
      File "/home/nick/code/temp/CherryPy-2.3.0/cherrypy/filters/__init__.py", line 145, in applyFilters
        method()
      File "/home/nick/code/temp/CherryPy-2.3.0/cherrypy/filters/cachefilter.py", line 165, in on_end_request
        if not cherrypy.request.cacheable:
      File "/home/nick/code/temp/CherryPy-2.3.0/cherrypy/__init__.py", line 47, in __getattr__
        return getattr(childobject, name)
    AttributeError: 'Request' object has no attribute 'cacheable'
    