h1p 1.0 → 1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2d2493b6fc11d7deb1231f9a2d0bf1c6dc59b00a01065da7086e8c65326f74df
-  data.tar.gz: e30bf2c5a3213a4744a66a412e2db34a2b26b05baa8073409a18c7e0bd314de3
+  metadata.gz: 33974d5940b6a9ad9282df7d946486a1ee265ed67e2d5004bbe3e3572c4233db
+  data.tar.gz: a0b175ce9eb77d83457376902ab71cf597eedc41009c6094564e8de20e8532f5
 SHA512:
-  metadata.gz: 2adc85f461d3a41e7e67f9c199be486b85fd46407e60455329ac065a5779c60d62328a049091bb9d4b7d0be2f1610db38a8744c35f7071b06991ec837235a981
-  data.tar.gz: 926acbd38590f74666e8d774b6f54d3b610cbf0570495727049b2c2ba628a80888d30e2e0bd83ac26b3897c9a0875be42ce336a439a9e07a2dfb8160aebc8441
+  metadata.gz: b8826e6c0039d1721ba0d662fb542a19ed9349bdc0ec6aadc976b172266284955c0d6784da9b1d1b9d8e5ef76181cc8b1299eb2164ab1b56817899e66ae1ec53
+  data.tar.gz: 6d9343d65ffc31dadaa7fd9a01e5221d183a830d7d79fa82d79381832160ad1c342ffa6f1a4892f8aad78f7f1adde161517b79f571fdb5efc098cc4e55c99781

data/.github/workflows/test.yml

@@ -8,7 +8,7 @@ jobs:
       fail-fast: false
       matrix:
         os: [ubuntu-latest]
-        ruby: [2.7, 3.0, 3.1, 3.2]
+        ruby: ['3.0', '3.1', '3.2', 'head']
 
     name: >-
       ${{matrix.os}}, ${{matrix.ruby}}
@@ -24,8 +24,6 @@ jobs:
       run: |
         gem install bundler
         bundle install
-    - name: Show Linux kernel version
-      run: uname -r
     - name: Compile C-extension
       run: bundle exec rake compile
     - name: Run tests

data/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.1 2023-07-01
+
+- Rescue `ArgumentError` in `#parse_headers` (#4)
+
 ## 1.0 2023-06-07
 
 - Add support for array as header value (#2)

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    h1p (1.0)
+    h1p (1.1)
 
 GEM
   remote: https://rubygems.org/

data/LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2021 Digital Fabric
+Copyright (c) 2023 Digital Fabric
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/ext/h1p/h1p.c

@@ -1,3 +1,4 @@
+#include <stdnoreturn.h>
 #include "h1p.h"
 
 // Security-related limits are defined in limits.rb and injected as
@@ -724,20 +725,7 @@ eof:
   return 0;
 }
 
-/* call-seq: parser.parse_headers -> headers
- *
- * Parses headers from the associated IO instance, returning a hash mapping
- * header keys to their respective values. Header keys are downcased and dashes
- * are converted to underscores. The returned headers will also include the
- * following pseudo-headers:
- * 
- * - `':protocol'` - the protocol as specified in the query line / status line
- * - `':path'` - the query path (for HTTP requests)
- * - `':method'` - the HTTP method (for HTTP requests)
- * - `':status'` - the HTTP status (for HTTP responses)
- * - `':rx'` - the total number of bytes read by the parser
- */
-VALUE Parser_parse_headers(VALUE self) {
+VALUE Parser_parse_headers_safe(VALUE self) {
   Parser_t *parser;
   GetParser(self, parser);
   parser->headers = rb_hash_new();
@@ -775,6 +763,31 @@ done:
   return parser->headers;
 }
 
+noreturn VALUE Parser_parse_headers_rescue(VALUE args, VALUE error) {
+  RAISE_BAD_REQUEST("Invalid character sequences in method or header name");
+}
+
+/* call-seq: parser.parse_headers -> headers
+ *
+ * Parses headers from the associated IO instance, returning a hash mapping
+ * header keys to their respective values. Header keys are downcased and dashes
+ * are converted to underscores. The returned headers will also include the
+ * following pseudo-headers:
+ * 
+ * - `':protocol'` - the protocol as specified in the query line / status line
+ * - `':path'` - the query path (for HTTP requests)
+ * - `':method'` - the HTTP method (for HTTP requests)
+ * - `':status'` - the HTTP status (for HTTP responses)
+ * - `':rx'` - the total number of bytes read by the parser
+ */
+VALUE Parser_parse_headers(VALUE self) {
+  return rb_rescue2(
+    Parser_parse_headers_safe, self,
+    Parser_parse_headers_rescue, self,
+    eArgumentError, (VALUE)0
+  );
+}
+
 ////////////////////////////////////////////////////////////////////////////////
 
 static inline int str_to_int(VALUE value, const char *error_msg) {

data/h1p.gemspec

@@ -16,7 +16,7 @@ Gem::Specification.new do |s|
   s.extra_rdoc_files = ["README.md"]
   s.extensions = ["ext/h1p/extconf.rb"]
   s.require_paths = ["lib"]
-  s.required_ruby_version = '>= 2.7'
+  s.required_ruby_version = '>= 3.0'
 
   s.add_development_dependency  'rake-compiler',        '1.2.3'
   s.add_development_dependency  'rake',               '~>13.0.6'

data/lib/h1p/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module H1P
-  VERSION = '1.0'
+  VERSION = '1.1'
 end

data/test/test_h1p.rb

@@ -105,7 +105,7 @@ class SendBodyChunkTest < MiniTest::Test
       len = H1P.send_body_chunk(o, chunk)
       o.close
     end
-    
+
     response = i.read
     assert_equal "#{chunk.bytesize.to_s(16)}\r\n#{chunk}\r\n", response
     assert_equal chunk.bytesize + chunk.bytesize.to_s(16).bytesize + 4, len

data/test/test_h1p_server.rb

@@ -88,6 +88,11 @@ class H1PServerTest < MiniTest::Test
     assert_raises(Error) { @parser.parse_headers }
   end
 
+  def test_invalid_method_string
+    @o << "\x02\x78\x83\x2 / HTTP/1.1\r\n\r\n"
+    assert_raises(Error) { @parser.parse_headers }
+  end
+
   def test_path_characters
     @o << "GET /äBçDé¤23~{@€ HTTP/1.1\r\n\r\n"
     headers = @parser.parse_headers
@@ -191,6 +196,11 @@ class H1PServerTest < MiniTest::Test
     assert_equal 'ddd', headers['c']
   end
 
+  def test_invalid_headers
+    @o << "GET / HTTP/1.1\r\n\foo\x02\x78\x83\x02: bar\n\r\n"
+    assert_raises(Error) { @parser.parse_headers }
+  end
+
   def test_headers_multiple_values
     @o << "GET / HTTP/1.1\r\nFoo: Bar\r\nfoo: baz\r\n\r\n"
     headers = @parser.parse_headers
@@ -471,7 +481,7 @@ class H1PServerTest < MiniTest::Test
       @o.close
     end
     def w.__write_method__; :backend_write; end
-    
+
     headers = @parser.parse_headers
     @parser.splice_body_to(w)
     w.close
@@ -492,7 +502,7 @@ class H1PServerTest < MiniTest::Test
       @o.close
     end
     def w.__write_method__; :backend_write; end
-    
+
     headers = @parser.parse_headers
     @parser.splice_body_to(w)
     w.close

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: h1p
 version: !ruby/object:Gem::Version
-  version: '1.0'
+  version: '1.1'
 platform: ruby
 authors:
 - Sharon Rosner
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-06-07 00:00:00.000000000 Z
+date: 2023-07-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake-compiler
@@ -102,7 +102,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.7'
+      version: '3.0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="