h1p 1.0 → 1.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/test.yml +1 -3
  3. data/CHANGELOG.md +4 -0
  4. data/Gemfile.lock +1 -1
  5. data/LICENSE +1 -1
  6. data/ext/h1p/h1p.c +27 -14
  7. data/h1p.gemspec +1 -1
  8. data/lib/h1p/version.rb +1 -1
  9. data/test/test_h1p.rb +1 -1
  10. data/test/test_h1p_server.rb +12 -2
  11. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 2d2493b6fc11d7deb1231f9a2d0bf1c6dc59b00a01065da7086e8c65326f74df
4
- data.tar.gz: e30bf2c5a3213a4744a66a412e2db34a2b26b05baa8073409a18c7e0bd314de3
3
+ metadata.gz: 33974d5940b6a9ad9282df7d946486a1ee265ed67e2d5004bbe3e3572c4233db
4
+ data.tar.gz: a0b175ce9eb77d83457376902ab71cf597eedc41009c6094564e8de20e8532f5
5
5
  SHA512:
6
- metadata.gz: 2adc85f461d3a41e7e67f9c199be486b85fd46407e60455329ac065a5779c60d62328a049091bb9d4b7d0be2f1610db38a8744c35f7071b06991ec837235a981
7
- data.tar.gz: 926acbd38590f74666e8d774b6f54d3b610cbf0570495727049b2c2ba628a80888d30e2e0bd83ac26b3897c9a0875be42ce336a439a9e07a2dfb8160aebc8441
6
+ metadata.gz: b8826e6c0039d1721ba0d662fb542a19ed9349bdc0ec6aadc976b172266284955c0d6784da9b1d1b9d8e5ef76181cc8b1299eb2164ab1b56817899e66ae1ec53
7
+ data.tar.gz: 6d9343d65ffc31dadaa7fd9a01e5221d183a830d7d79fa82d79381832160ad1c342ffa6f1a4892f8aad78f7f1adde161517b79f571fdb5efc098cc4e55c99781
data/.github/workflows/test.yml CHANGED
@@ -8,7 +8,7 @@ jobs:
8
8
  fail-fast: false
9
9
  matrix:
10
10
  os: [ubuntu-latest]
11
- ruby: [2.7, 3.0, 3.1, 3.2]
11
+ ruby: ['3.0', '3.1', '3.2', 'head']
12
12
 
13
13
  name: >-
14
14
  ${{matrix.os}}, ${{matrix.ruby}}
@@ -24,8 +24,6 @@ jobs:
24
24
  run: |
25
25
  gem install bundler
26
26
  bundle install
27
- - name: Show Linux kernel version
28
- run: uname -r
29
27
  - name: Compile C-extension
30
28
  run: bundle exec rake compile
31
29
  - name: Run tests
data/CHANGELOG.md CHANGED
@@ -1,3 +1,7 @@
1
+ ## 1.1 2023-07-01
2
+
3
+ - Rescue `ArgumentError` in `#parse_headers` (#4)
4
+
1
5
  ## 1.0 2023-06-07
2
6
 
3
7
  - Add support for array as header value (#2)
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- h1p (1.0)
4
+ h1p (1.1)
5
5
 
6
6
  GEM
7
7
  remote: https://rubygems.org/
data/LICENSE CHANGED
@@ -1,6 +1,6 @@
1
1
  MIT License
2
2
 
3
- Copyright (c) 2021 Digital Fabric
3
+ Copyright (c) 2023 Digital Fabric
4
4
 
5
5
  Permission is hereby granted, free of charge, to any person obtaining a copy
6
6
  of this software and associated documentation files (the "Software"), to deal
data/ext/h1p/h1p.c CHANGED
@@ -1,3 +1,4 @@
1
+ #include <stdnoreturn.h>
1
2
  #include "h1p.h"
2
3
 
3
4
  // Security-related limits are defined in limits.rb and injected as
@@ -724,20 +725,7 @@ eof:
724
725
  return 0;
725
726
  }
726
727
 
727
- /* call-seq: parser.parse_headers -> headers
728
- *
729
- * Parses headers from the associated IO instance, returning a hash mapping
730
- * header keys to their respective values. Header keys are downcased and dashes
731
- * are converted to underscores. The returned headers will also include the
732
- * following pseudo-headers:
733
- *
734
- * - `':protocol'` - the protocol as specified in the query line / status line
735
- * - `':path'` - the query path (for HTTP requests)
736
- * - `':method'` - the HTTP method (for HTTP requests)
737
- * - `':status'` - the HTTP status (for HTTP responses)
738
- * - `':rx'` - the total number of bytes read by the parser
739
- */
740
- VALUE Parser_parse_headers(VALUE self) {
728
+ VALUE Parser_parse_headers_safe(VALUE self) {
741
729
  Parser_t *parser;
742
730
  GetParser(self, parser);
743
731
  parser->headers = rb_hash_new();
@@ -775,6 +763,31 @@ done:
775
763
  return parser->headers;
776
764
  }
777
765
 
766
+ noreturn VALUE Parser_parse_headers_rescue(VALUE args, VALUE error) {
767
+ RAISE_BAD_REQUEST("Invalid character sequences in method or header name");
768
+ }
769
+
770
+ /* call-seq: parser.parse_headers -> headers
771
+ *
772
+ * Parses headers from the associated IO instance, returning a hash mapping
773
+ * header keys to their respective values. Header keys are downcased and dashes
774
+ * are converted to underscores. The returned headers will also include the
775
+ * following pseudo-headers:
776
+ *
777
+ * - `':protocol'` - the protocol as specified in the query line / status line
778
+ * - `':path'` - the query path (for HTTP requests)
779
+ * - `':method'` - the HTTP method (for HTTP requests)
780
+ * - `':status'` - the HTTP status (for HTTP responses)
781
+ * - `':rx'` - the total number of bytes read by the parser
782
+ */
783
+ VALUE Parser_parse_headers(VALUE self) {
784
+ return rb_rescue2(
785
+ Parser_parse_headers_safe, self,
786
+ Parser_parse_headers_rescue, self,
787
+ eArgumentError, (VALUE)0
788
+ );
789
+ }
790
+
778
791
  ////////////////////////////////////////////////////////////////////////////////
779
792
 
780
793
  static inline int str_to_int(VALUE value, const char *error_msg) {
data/h1p.gemspec CHANGED
@@ -16,7 +16,7 @@ Gem::Specification.new do |s|
16
16
  s.extra_rdoc_files = ["README.md"]
17
17
  s.extensions = ["ext/h1p/extconf.rb"]
18
18
  s.require_paths = ["lib"]
19
- s.required_ruby_version = '>= 2.7'
19
+ s.required_ruby_version = '>= 3.0'
20
20
 
21
21
  s.add_development_dependency 'rake-compiler', '1.2.3'
22
22
  s.add_development_dependency 'rake', '~>13.0.6'
data/lib/h1p/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module H1P
4
- VERSION = '1.0'
4
+ VERSION = '1.1'
5
5
  end
data/test/test_h1p.rb CHANGED
@@ -105,7 +105,7 @@ class SendBodyChunkTest < MiniTest::Test
105
105
  len = H1P.send_body_chunk(o, chunk)
106
106
  o.close
107
107
  end
108
-
108
+
109
109
  response = i.read
110
110
  assert_equal "#{chunk.bytesize.to_s(16)}\r\n#{chunk}\r\n", response
111
111
  assert_equal chunk.bytesize + chunk.bytesize.to_s(16).bytesize + 4, len
data/test/test_h1p_server.rb CHANGED
@@ -88,6 +88,11 @@ class H1PServerTest < MiniTest::Test
88
88
  assert_raises(Error) { @parser.parse_headers }
89
89
  end
90
90
 
91
+ def test_invalid_method_string
92
+ @o << "\x02\x78\x83\x2 / HTTP/1.1\r\n\r\n"
93
+ assert_raises(Error) { @parser.parse_headers }
94
+ end
95
+
91
96
  def test_path_characters
92
97
  @o << "GET /äBçDé¤23~{@€ HTTP/1.1\r\n\r\n"
93
98
  headers = @parser.parse_headers
@@ -191,6 +196,11 @@ class H1PServerTest < MiniTest::Test
191
196
  assert_equal 'ddd', headers['c']
192
197
  end
193
198
 
199
+ def test_invalid_headers
200
+ @o << "GET / HTTP/1.1\r\n\foo\x02\x78\x83\x02: bar\n\r\n"
201
+ assert_raises(Error) { @parser.parse_headers }
202
+ end
203
+
194
204
  def test_headers_multiple_values
195
205
  @o << "GET / HTTP/1.1\r\nFoo: Bar\r\nfoo: baz\r\n\r\n"
196
206
  headers = @parser.parse_headers
@@ -471,7 +481,7 @@ class H1PServerTest < MiniTest::Test
471
481
  @o.close
472
482
  end
473
483
  def w.__write_method__; :backend_write; end
474
-
484
+
475
485
  headers = @parser.parse_headers
476
486
  @parser.splice_body_to(w)
477
487
  w.close
@@ -492,7 +502,7 @@ class H1PServerTest < MiniTest::Test
492
502
  @o.close
493
503
  end
494
504
  def w.__write_method__; :backend_write; end
495
-
505
+
496
506
  headers = @parser.parse_headers
497
507
  @parser.splice_body_to(w)
498
508
  w.close
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: h1p
3
3
  version: !ruby/object:Gem::Version
4
- version: '1.0'
4
+ version: '1.1'
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sharon Rosner
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-06-07 00:00:00.000000000 Z
11
+ date: 2023-07-01 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rake-compiler
@@ -102,7 +102,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
102
102
  requirements:
103
103
  - - ">="
104
104
  - !ruby/object:Gem::Version
105
- version: '2.7'
105
+ version: '3.0'
106
106
  required_rubygems_version: !ruby/object:Gem::Requirement
107
107
  requirements:
108
108
  - - ">="