tee_input: fix accounting error on corked requests

In case a request sends the header and buffer as one packet, TeeInput relying on accounting info from StreamInput is harmful as StreamInput will buffer in memory outside of TeeInput's control. This bug is triggered by calling env["rack.input"].size or env["rack.input"].rewind before to read.
author: Eric Wong <normalperson@yhbt.net> 2010-12-08 22:02:45 +0000
committer: Eric Wong <normalperson@yhbt.net> 2010-12-09 06:34:37 +0800
commit: 3b2fc62dadd3c90038c168849b33c4ca6df058da (patch)
tree: 2724ad66053bd63b433c69b3b7bf8821351f71eb /lib
parent: 52f55529293e466a77090691d1fe06a7933c74a1 (diff)
download: unicorn-3b2fc62dadd3c90038c168849b33c4ca6df058da.tar.gz
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/unicorn/tee_input.rb b/lib/unicorn/tee_input.rb
index ee3effd..53f6ebf 100644
--- a/lib/unicorn/tee_input.rb
+++ b/lib/unicorn/tee_input.rb
@@ -43,10 +43,10 @@ class Unicorn::TeeInput < Unicorn::StreamInput
    # specified +length+ in a loop until it returns +nil+.
    def size
      @len and return @len
-    pos = @bytes_read
+    pos = @tmp.pos
      consume!
      @tmp.pos = pos
-    @len = @bytes_read
+    @len = @tmp.size
    end
  
    # :call-seq:
@@ -92,7 +92,7 @@ class Unicorn::TeeInput < Unicorn::StreamInput
    # the offset (zero) of the +ios+ pointer.  Subsequent reads will
    # start from the beginning of the previously-buffered input.
    def rewind
-    return 0 if @bytes_read == 0
+    return 0 if 0 == @tmp.size
      consume! if @socket
      @tmp.rewind # Rack does not specify what the return value is here
    end
author	Eric Wong <normalperson@yhbt.net>	2010-12-08 22:02:45 +0000
committer	Eric Wong <normalperson@yhbt.net>	2010-12-09 06:34:37 +0800
commit	3b2fc62dadd3c90038c168849b33c4ca6df058da (patch)
tree	2724ad66053bd63b433c69b3b7bf8821351f71eb /lib
parent	52f55529293e466a77090691d1fe06a7933c74a1 (diff)
download	unicorn-3b2fc62dadd3c90038c168849b33c4ca6df058da.tar.gz