The default bug view has changed. See this FAQ.

Snappy Symbolication Server - Invalid Content Length throws exception

VERIFIED FIXED

Status

()

Core
Gecko Profiler
VERIFIED FIXED
5 years ago
5 years ago

People

(Reporter: dchan, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

5 years ago
Passing a Content-Length that can not be converted to an int results int he server throwing. [1]

STR
1. curl -H "Content-Length: a" -d ""  http://127.0.0.1:8000/

Expected
No Error

----------------------------------------
Exception happened during processing of request from ('127.0.0.1', 63966)
Traceback (most recent call last):
  File "/usr/lib/python2.6/SocketServer.py", line 560, in process_request_thread
    self.finish_request(request, client_address)
  File "/usr/lib/python2.6/SocketServer.py", line 322, in finish_request
    self.RequestHandlerClass(request, client_address, self)
  File "/usr/lib/python2.6/SocketServer.py", line 617, in __init__
    self.handle()
  File "/usr/lib/python2.6/BaseHTTPServer.py", line 329, in handle
    self.handle_one_request()
  File "/usr/lib/python2.6/BaseHTTPServer.py", line 323, in handle_one_request
    method()
  File "symbolicationWebService.py", line 64, in do_POST
    length = int(self.headers["Content-Length"])
ValueError: invalid literal for int() with base 10: 'a'
----------------------------------------


[1] - https://github.com/vdjeric/Snappy-Symbolication-Server/blob/master/symbolicationWebService.py#L64
Moved the Content-Length lookup inside the adjacent try block.

Patch with all the sec review fixes:  https://github.com/vdjeric/Snappy-Symbolication-Server/commit/67705706c605984e220f69469a68b455813923f5
Status: NEW → RESOLVED
Last Resolved: 5 years ago
Resolution: --- → FIXED
(Reporter)

Updated

5 years ago
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.