simple_bridge hangs when processing incorrectly passed multipart/form-data POST body.
How to reproduce:
- start using standard
make run_inets
- execute command
curl -X POST -H 'Content-Type: multipart/form-data; boundary=12345' --data-binary "@test-data-bad" "http://localhost:8000/"
Expected result: Error 4xx or 5xx.
Actual result: request never ends (or stops after some timeout).
With a large number of such requests, the code consumes all CPU resources very quickly.
I've attached test data and sample code in test.sh simple_bridge_post_form.tar.gz
In the "bad" payload I use \n instead of \r\n.
As a dirty workaround I use this code in simple_bridge_multipart:
--- a/simple_bridge/src/simple_bridge_multipart.erl
+++ b/simple_bridge/src/simple_bridge_multipart.erl
@@ -230,6 +230,13 @@ get_next_line(Data, Acc, Part, State) when Data == undefined orelse Data == <<>>
read_chunk(State = #state { req=Req, length=Length, bytes_read=BytesRead }) ->
BytesToRead = lists:min([Length - BytesRead, ?CHUNKSIZE]),
+ if
+ BytesToRead==0 ->
+ error_logger:error_msg("LineEnding failed, state: ~p~n", [State]),
+ erlang:throw({unexpected, line_end, 0});
+ true ->
+ ok
+ end,
Data = sbw:recv_from_socket(BytesToRead, ?IDLE_TIMEOUT, Req),
NewBytesRead = BytesRead + size(Data),
ok=crash_if_too_big(NewBytesRead, State),
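Review bot: In the BytesToRead==0 branch, error_logger:error_msg prints the whole State with ~p, and State carries req, so every malformed request writes a large log entry; under the request volume described in the report that moves the load from CPU to logging and may record request data. Log only length and bytes_read instead. The visible lines also show nothing that catches {unexpected, line_end, 0}, so confirm the caller turns this throw into a 4xx response rather than a crash report. As a style point, the if ... true -> ok end block reads more naturally as a guarded function clause on read_chunk.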
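The condition the workaround above checks for (declared body length used up with no \r\n found), shown as a stand-alone bounded line reader. This is an added example, not simple_bridge code: the module name, function names and the in-memory Source binary standing in for the socket are assumptions.

```erlang
%% Added example: hypothetical module, not part of simple_bridge.
-module(bounded_line_reader).
-export([read_line/3, demo/0]).

-define(CHUNKSIZE, 8).  % small on purpose so the demo takes several reads

%% Buf: bytes read so far. Source: in-memory stand-in for the socket.
%% Remaining: declared Content-Length bytes not yet read.
read_line(Buf, Source, Remaining) ->
    case binary:match(Buf, <<"\r\n">>) of
        {Pos, 2} ->
            <<Line:Pos/binary, _:2/binary, Rest/binary>> = Buf,
            {ok, Line, Rest, Source, Remaining};
        nomatch when Remaining =:= 0 ->
            %% Body used up and still no CRLF: fail closed rather than
            %% asking for 0 more bytes and searching the same buffer again.
            {error, {no_line_ending, byte_size(Buf)}};
        nomatch ->
            case recv(min(Remaining, ?CHUNKSIZE), Source) of
                {<<>>, _} ->
                    %% Peer sent fewer bytes than it declared.
                    {error, short_body};
                {Data, Source1} ->
                    read_line(<<Buf/binary, Data/binary>>, Source1,
                              Remaining - byte_size(Data))
            end
    end.

%% Take up to N bytes from the simulated socket.
recv(N, Source) ->
    Take = min(N, byte_size(Source)),
    <<Data:Take/binary, Rest/binary>> = Source,
    {Data, Rest}.

%% Constructed sample bodies using the boundary from the report.
demo() ->
    Good = <<"--12345\r\nContent-Disposition: form-data; name=\"a\"\r\n",
             "\r\nx\r\n--12345--\r\n">>,
    Bad = binary:replace(Good, <<"\r\n">>, <<"\n">>, [global]),
    {ok, <<"--12345">>, _, _, _} = read_line(<<>>, Good, byte_size(Good)),
    {error, {no_line_ending, _}} = read_line(<<>>, Bad, byte_size(Bad)),
    {error, short_body} = read_line(<<>>, <<"--12345">>, 100),
    ok.
```

Both error tuples are meant to be mapped to a 4xx response by the caller, which is the expected result stated in the report.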