Too strict HTTP Status Line parsing
Alexander Zhuravlev
a.zhuravlev@REDACTED
Tue Jun 1 23:48:35 CEST 2010
On Wed, Jun 02, 2010 at 01:22:29AM +0400, Alexander Zhuravlev wrote:
> Hello,
>
> I've tried to use lhttpc library (http://bitbucket.org/etc/lhttpc) to fetch
> a resource (http://www.qype.com/review/1376848) and got the following
> error:
>
> {{http_error,"HTTP/1.1 200\r\n"},
> [{lhttpc_client,read_response,5},
> {lhttpc_client,execute,8},
> {lhttpc_client,request,9}]}
Almost forgot, the error was reproduced with erlang R13B04:
Erlang R13B04 (erts-5.7.5) [source] [64-bit] [smp:2:2] [rq:2] [async-threads:0] [hipe] [kernel-poll:false]
lhttpc version 1.2.4
> I've checked lhttpc source code and found out that to receive and parse an HTTP
> response it uses _standard_ erlang module gen_tcp on a socket in
> {packet, http} mode. So it looks like the {http_error,"HTTP/1.1 200\r\n"} error was
> in fact generated by erlang's http packet parsing code.
>
> I found the following code in packet_parse_http function from
> erts/emulator/beam/packet_parser.c file:
>
> ...
> p0 = ptr;
> while (n && SP(ptr)) {
> ptr++; n--;
> }
> if (ptr==p0) return -1;
> ...
>
> As far as I understand "HTTP/1.1 200\r\n" line does not have any spaces
> after the status code "200", and the function strips \r\n as a first step of
> its operation. So the "while" cycle does not run and we get into the
> "if (ptr==p0) branch" this basically leads to returning of
> {http_error, "HTTP/1.1 200\r\n"} atom up to the call stack.
>
> Strictly speaking this is not a bug in erlang, but I suppose it
> should take a more relaxed approach to HTTP Status Line parsing
> and not return http_error if an HTTP response Status Line does not have
> a Reason-phrase part.
--
Alexander Zhuravlev
More information about the erlang-questions
mailing list