kotovalexarian-likes-github/puma--puma
1
0
Fork 0
mirror of https://github.com/puma/puma.git synced 2022-11-09 13:48:40 -05:00
Code Releases Activity

Allow a bare % in a query string. Fixes #958

Browse source
This commit is contained in:
Evan Phoenix 2016-04-22 17:06:18 -07:00
parent 2e9ee6d0fb
commit 806e46f72a
4 changed files with 358 additions and 512 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

709
ext/puma_http11/http11_parser.c
View file

File diff suppressed because it is too large Load diff

2
ext/puma_http11/http11_parser_common.rl
View file

@ -15,7 +15,7 @@
national = any -- (alpha | digit | reserved | extra | safe | unsafe);
unreserved = (alpha | digit | safe | extra | national);
escape = ("%" xdigit xdigit);
uchar = (unreserved | escape);
uchar = (unreserved | escape | "%");
pchar = (uchar | ":" | "@" | "&" | "=" | "+");
tspecials = ("(" | ")" | "<" | ">" | "@" | "," | ";" | ":" | "\\" | "\"" | "/" | "[" | "]" | "?" | "=" | "{" | "}" | " " | "\t");

141
ext/puma_http11/org/jruby/puma/Http11Parser.java
View file

@ -32,10 +32,9 @@ private static short[] init__puma_parser_key_offsets_0()
{
return new short [] {
0, 0, 8, 17, 27, 29, 30, 31, 32, 33, 34, 36,
39, 41, 44, 45, 61, 62, 78, 80, 81, 90, 99, 105,
111, 121, 130, 136, 142, 153, 159, 165, 175, 181, 187, 196,
205, 211, 217, 226, 235, 244, 253, 262, 271, 280, 289, 298,
307, 316, 325, 334, 343, 352, 361, 370, 379, 380
39, 41, 44, 45, 61, 62, 78, 80, 81, 89, 97, 107,
115, 125, 134, 142, 150, 159, 168, 177, 186, 195, 204, 213,
222, 231, 240, 249, 258, 267, 276, 285, 294, 303, 312, 313
};
}
@ -51,32 +50,27 @@ private static char[] init__puma_parser_trans_keys_0()
46, 48, 57, 48, 57, 13, 48, 57, 10, 13, 33, 124,
126, 35, 39, 42, 43, 45, 46, 48, 57, 65, 90, 94,
122, 10, 33, 58, 124, 126, 35, 39, 42, 43, 45, 46,
48, 57, 65, 90, 94, 122, 13, 32, 13, 32, 37, 60,
62, 127, 0, 31, 34, 35, 32, 37, 60, 62, 127, 0,
31, 34, 35, 48, 57, 65, 70, 97, 102, 48, 57, 65,
70, 97, 102, 43, 58, 45, 46, 48, 57, 65, 90, 97,
122, 32, 34, 35, 37, 60, 62, 127, 0, 31, 48, 57,
65, 70, 97, 102, 48, 57, 65, 70, 97, 102, 32, 34,
35, 37, 59, 60, 62, 63, 127, 0, 31, 48, 57, 65,
70, 97, 102, 48, 57, 65, 70, 97, 102, 32, 34, 35,
37, 60, 62, 63, 127, 0, 31, 48, 57, 65, 70, 97,
102, 48, 57, 65, 70, 97, 102, 32, 34, 35, 37, 60,
62, 127, 0, 31, 32, 34, 35, 37, 60, 62, 127, 0,
31, 48, 57, 65, 70, 97, 102, 48, 57, 65, 70, 97,
102, 32, 36, 95, 45, 46, 48, 57, 65, 90, 32, 36,
95, 45, 46, 48, 57, 65, 90, 32, 36, 95, 45, 46,
48, 57, 65, 90, 32, 36, 95, 45, 46, 48, 57, 65,
90, 32, 36, 95, 45, 46, 48, 57, 65, 90, 32, 36,
95, 45, 46, 48, 57, 65, 90, 32, 36, 95, 45, 46,
48, 57, 65, 90, 32, 36, 95, 45, 46, 48, 57, 65,
90, 32, 36, 95, 45, 46, 48, 57, 65, 90, 32, 36,
95, 45, 46, 48, 57, 65, 90, 32, 36, 95, 45, 46,
48, 57, 65, 90, 32, 36, 95, 45, 46, 48, 57, 65,
90, 32, 36, 95, 45, 46, 48, 57, 65, 90, 32, 36,
95, 45, 46, 48, 57, 65, 90, 32, 36, 95, 45, 46,
48, 57, 65, 90, 32, 36, 95, 45, 46, 48, 57, 65,
90, 32, 36, 95, 45, 46, 48, 57, 65, 90, 32, 36,
95, 45, 46, 48, 57, 65, 90, 32, 0
48, 57, 65, 90, 94, 122, 13, 32, 13, 32, 60, 62,
127, 0, 31, 34, 35, 32, 60, 62, 127, 0, 31, 34,
35, 43, 58, 45, 46, 48, 57, 65, 90, 97, 122, 32,
34, 35, 60, 62, 127, 0, 31, 32, 34, 35, 59, 60,
62, 63, 127, 0, 31, 32, 34, 35, 60, 62, 63, 127,
0, 31, 32, 34, 35, 60, 62, 127, 0, 31, 32, 34,
35, 60, 62, 127, 0, 31, 32, 36, 95, 45, 46, 48,
57, 65, 90, 32, 36, 95, 45, 46, 48, 57, 65, 90,
32, 36, 95, 45, 46, 48, 57, 65, 90, 32, 36, 95,
45, 46, 48, 57, 65, 90, 32, 36, 95, 45, 46, 48,
57, 65, 90, 32, 36, 95, 45, 46, 48, 57, 65, 90,
32, 36, 95, 45, 46, 48, 57, 65, 90, 32, 36, 95,
45, 46, 48, 57, 65, 90, 32, 36, 95, 45, 46, 48,
57, 65, 90, 32, 36, 95, 45, 46, 48, 57, 65, 90,
32, 36, 95, 45, 46, 48, 57, 65, 90, 32, 36, 95,
45, 46, 48, 57, 65, 90, 32, 36, 95, 45, 46, 48,
57, 65, 90, 32, 36, 95, 45, 46, 48, 57, 65, 90,
32, 36, 95, 45, 46, 48, 57, 65, 90, 32, 36, 95,
45, 46, 48, 57, 65, 90, 32, 36, 95, 45, 46, 48,
57, 65, 90, 32, 36, 95, 45, 46, 48, 57, 65, 90,
32, 0
};
}
@ -87,10 +81,9 @@ private static byte[] init__puma_parser_single_lengths_0()
{
return new byte [] {
0, 2, 3, 4, 2, 1, 1, 1, 1, 1, 0, 1,
0, 1, 1, 4, 1, 4, 2, 1, 5, 5, 0, 0,
2, 7, 0, 0, 9, 0, 0, 8, 0, 0, 7, 7,
0, 0, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3,
3, 3, 3, 3, 3, 3, 3, 3, 1, 0
0, 1, 1, 4, 1, 4, 2, 1, 4, 4, 2, 6,
8, 7, 6, 6, 3, 3, 3, 3, 3, 3, 3, 3,
3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 1, 0
};
}
@ -101,10 +94,9 @@ private static byte[] init__puma_parser_range_lengths_0()
{
return new byte [] {
0, 3, 3, 3, 0, 0, 0, 0, 0, 0, 1, 1,
1, 1, 0, 6, 0, 6, 0, 0, 2, 2, 3, 3,
4, 1, 3, 3, 1, 3, 3, 1, 3, 3, 1, 1,
3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3,
3, 3, 3, 3, 3, 3, 3, 3, 0, 0
1, 1, 0, 6, 0, 6, 0, 0, 2, 2, 4, 1,
1, 1, 1, 1, 3, 3, 3, 3, 3, 3, 3, 3,
3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 0, 0
};
}
@ -115,10 +107,9 @@ private static short[] init__puma_parser_index_offsets_0()
{
return new short [] {
0, 0, 6, 13, 21, 24, 26, 28, 30, 32, 34, 36,
39, 41, 44, 46, 57, 59, 70, 73, 75, 83, 91, 95,
99, 106, 115, 119, 123, 134, 138, 142, 152, 156, 160, 169,
178, 182, 186, 193, 200, 207, 214, 221, 228, 235, 242, 249,
256, 263, 270, 277, 284, 291, 298, 305, 312, 314
39, 41, 44, 46, 57, 59, 70, 73, 75, 82, 89, 96,
104, 114, 123, 131, 139, 146, 153, 160, 167, 174, 181, 188,
195, 202, 209, 216, 223, 230, 237, 244, 251, 258, 265, 267
};
}
@ -134,27 +125,23 @@ private static byte[] init__puma_parser_indicies_0()
16, 15, 1, 17, 1, 18, 17, 1, 19, 1, 20, 21,
21, 21, 21, 21, 21, 21, 21, 21, 1, 22, 1, 23,
24, 23, 23, 23, 23, 23, 23, 23, 23, 1, 26, 27,
25, 29, 28, 30, 32, 1, 1, 1, 1, 1, 31, 33,
35, 1, 1, 1, 1, 1, 34, 36, 36, 36, 1, 34,
34, 34, 1, 37, 38, 37, 37, 37, 37, 1, 8, 1,
9, 39, 1, 1, 1, 1, 38, 40, 40, 40, 1, 38,
38, 38, 1, 41, 1, 43, 44, 45, 1, 1, 46, 1,
1, 42, 47, 47, 47, 1, 42, 42, 42, 1, 8, 1,
9, 49, 1, 1, 50, 1, 1, 48, 51, 51, 51, 1,
48, 48, 48, 1, 52, 1, 54, 55, 1, 1, 1, 1,
53, 56, 1, 58, 59, 1, 1, 1, 1, 57, 60, 60,
60, 1, 57, 57, 57, 1, 2, 61, 61, 61, 61, 61,
1, 2, 62, 62, 62, 62, 62, 1, 2, 63, 63, 63,
63, 63, 1, 2, 64, 64, 64, 64, 64, 1, 2, 65,
65, 65, 65, 65, 1, 2, 66, 66, 66, 66, 66, 1,
2, 67, 67, 67, 67, 67, 1, 2, 68, 68, 68, 68,
68, 1, 2, 69, 69, 69, 69, 69, 1, 2, 70, 70,
70, 70, 70, 1, 2, 71, 71, 71, 71, 71, 1, 2,
72, 72, 72, 72, 72, 1, 2, 73, 73, 73, 73, 73,
1, 2, 74, 74, 74, 74, 74, 1, 2, 75, 75, 75,
75, 75, 1, 2, 76, 76, 76, 76, 76, 1, 2, 77,
77, 77, 77, 77, 1, 2, 78, 78, 78, 78, 78, 1,
2, 1, 1, 0
25, 29, 28, 30, 1, 1, 1, 1, 1, 31, 32, 1,
1, 1, 1, 1, 33, 34, 35, 34, 34, 34, 34, 1,
8, 1, 9, 1, 1, 1, 1, 35, 36, 1, 38, 39,
1, 1, 40, 1, 1, 37, 8, 1, 9, 1, 1, 42,
1, 1, 41, 43, 1, 45, 1, 1, 1, 1, 44, 46,
1, 48, 1, 1, 1, 1, 47, 2, 49, 49, 49, 49,
49, 1, 2, 50, 50, 50, 50, 50, 1, 2, 51, 51,
51, 51, 51, 1, 2, 52, 52, 52, 52, 52, 1, 2,
53, 53, 53, 53, 53, 1, 2, 54, 54, 54, 54, 54,
1, 2, 55, 55, 55, 55, 55, 1, 2, 56, 56, 56,
56, 56, 1, 2, 57, 57, 57, 57, 57, 1, 2, 58,
58, 58, 58, 58, 1, 2, 59, 59, 59, 59, 59, 1,
2, 60, 60, 60, 60, 60, 1, 2, 61, 61, 61, 61,
61, 1, 2, 62, 62, 62, 62, 62, 1, 2, 63, 63,
63, 63, 63, 1, 2, 64, 64, 64, 64, 64, 1, 2,
65, 65, 65, 65, 65, 1, 2, 66, 66, 66, 66, 66,
1, 2, 1, 1, 0
};
}
@ -164,13 +151,12 @@ private static final byte _puma_parser_indicies[] = init__puma_parser_indicies_0
private static byte[] init__puma_parser_trans_targs_0()
{
return new byte [] {
2, 0, 3, 38, 4, 24, 28, 25, 5, 20, 6, 7,
8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 57, 17,
18, 19, 14, 18, 19, 14, 5, 21, 22, 5, 21, 22,
23, 24, 25, 26, 27, 5, 28, 20, 29, 31, 34, 30,
31, 32, 34, 33, 5, 35, 20, 36, 5, 35, 20, 36,
37, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49,
50, 51, 52, 53, 54, 55, 56
2, 0, 3, 28, 4, 22, 24, 23, 5, 20, 6, 7,
8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 47, 17,
18, 19, 14, 18, 19, 14, 5, 21, 5, 21, 22, 23,
5, 24, 20, 25, 26, 25, 26, 5, 27, 20, 5, 27,
20, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39,
40, 41, 42, 43, 44, 45, 46
};
}
@ -182,10 +168,9 @@ private static byte[] init__puma_parser_trans_actions_0()
return new byte [] {
1, 0, 11, 0, 1, 1, 1, 1, 13, 13, 1, 0,
0, 0, 0, 0, 0, 0, 19, 0, 0, 28, 23, 3,
5, 7, 31, 7, 0, 9, 25, 1, 1, 15, 0, 0,
0, 0, 0, 0, 0, 37, 0, 37, 0, 21, 21, 0,
0, 0, 0, 0, 40, 17, 40, 17, 34, 0, 34, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
5, 7, 31, 7, 0, 9, 25, 1, 15, 0, 0, 0,
37, 0, 37, 21, 21, 0, 0, 40, 17, 40, 34, 0,
34, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0
};
}
@ -194,7 +179,7 @@ private static final byte _puma_parser_trans_actions[] = init__puma_parser_trans
static final int puma_parser_start = 1;
static final int puma_parser_first_final = 57;
static final int puma_parser_first_final = 47;
static final int puma_parser_error = 0;
static final int puma_parser_en_main = 1;
@ -236,7 +221,7 @@ static final int puma_parser_en_main = 1;
cs = 0;
// line 240 "ext/puma_http11/org/jruby/puma/Http11Parser.java"
// line 225 "ext/puma_http11/org/jruby/puma/Http11Parser.java"
{
cs = puma_parser_start;
}
@ -268,7 +253,7 @@ static final int puma_parser_en_main = 1;
parser.buffer = buffer;
// line 272 "ext/puma_http11/org/jruby/puma/Http11Parser.java"
// line 257 "ext/puma_http11/org/jruby/puma/Http11Parser.java"
{
int _klen;
int _trans = 0;
@ -433,7 +418,7 @@ case 1:
{ p += 1; _goto_targ = 5; if (true) continue _goto;}
}
break;
// line 437 "ext/puma_http11/org/jruby/puma/Http11Parser.java"
// line 422 "ext/puma_http11/org/jruby/puma/Http11Parser.java"
}
}
}

18
test/test_http11.rb
View file

@ -29,6 +29,24 @@ class Http11ParserTest < Test::Unit::TestCase
assert parser.nread == 0, "Number read after reset should be 0"
end
def test_parse_escaping_in_query
parser = HttpParser.new
req = {}
http = "GET /admin/users?search=%27%%27 HTTP/1.1\r\n\r\n"
nread = parser.execute(req, http, 0)
assert nread == http.length, "Failed to parse the full HTTP request"
assert parser.finished?, "Parser didn't finish"
assert !parser.error?, "Parser had error"
assert nread == parser.nread, "Number read returned from execute does not match"
assert_equal '/admin/users?search=%27%%27', req['REQUEST_URI']
assert_equal "search=%27%%27", req['QUERY_STRING']
parser.reset
assert parser.nread == 0, "Number read after reset should be 0"
end
def test_parse_absolute_uri
parser = HttpParser.new
req = {}