authorzedshaw <zedshaw@19e92222-5c0b-0410-8929-a290d50e31e9>2006-04-03 02:27:59 +0000
committerzedshaw <zedshaw@19e92222-5c0b-0410-8929-a290d50e31e9>2006-04-03 02:27:59 +0000
commit3c804d5e15f084cd5aec5f7184dbffc1d7350951 (patch)
tree1945fd315dd88f0c8773ac7a461f5965548a3104 /lib
parent6c8d479b380ef624b6ae7a4588d37c32ffc2579e (diff)
downloadunicorn-3c804d5e15f084cd5aec5f7184dbffc1d7350951.tar.gz
git-svn-id: svn+ssh://rubyforge.org/var/svn/mongrel/trunk@138 19e92222-5c0b-0410-8929-a290d50e31e9
Diffstat (limited to 'lib')
-rw-r--r--lib/mongrel.rb19
-rw-r--r--lib/mongrel/debug.rb8
2 files changed, 18 insertions, 9 deletions
diff --git a/lib/mongrel.rb b/lib/mongrel.rb
index 25b9062..2c84018 100644
--- a/lib/mongrel.rb
+++ b/lib/mongrel.rb
@@ -110,7 +110,11 @@ module Mongrel
     ERROR_503_RESPONSE="HTTP/1.1 503 Service Unavailable\r\n\r\nBUSY".freeze
 
     # The basic max request size we'll try to read.
-    CHUNK_SIZE=(16 * 1024)
+    CHUNK_SIZE=(4 * 1024)
+
+    # This is the maximum header that is allowed before a client is booted.  The parser detects
+    # this, but we'd also like to do this as well.
+    MAX_HEADER=1024 * (80 + 32)
 
     # Format to generate a correct RFC 1123 date.  rdoc for Time is wrong, there is no httpdate function.
     RFC_1123_DATE_FORMAT="%a, %d %B %Y %H:%M:%S GMT".freeze
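Review bot: The comment on `MAX_HEADER` does not state the unit of the value, where `80 + 32` comes from, or whether it has to equal the limit the parser enforces on its own. Since both checks guard the same buffer, I would say so in the comment, for example `# Upper bound (presumably bytes, 112 * 1024) on buffered header data; keep in sync with the parser's own limit.` The enforcement in the later hunk at -432 tests the length before the next `readpartial`, so as far as the visible lines show the buffer can exceed this value by almost one `CHUNK_SIZE` before the client is dropped; that is worth noting in the comment too.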
@@ -259,13 +263,12 @@ module Mongrel
     attr_reader :header_sent
     attr_reader :status_sent
     
-    def initialize(socket, filter = nil)
+    def initialize(socket)
       @socket = socket
       @body = StringIO.new
       @status = 404
       @header = HeaderOut.new(StringIO.new)
       @header[Const::DATE] = HttpServer.httpdate(Time.now)
-      @filter = filter
       @body_sent = false
       @header_sent = false
       @status_sent = false
@@ -343,6 +346,8 @@ module Mongrel
   end
   
 
+
+
   # This is the main driver of Mongrel, while the Mognrel::HttpParser and Mongrel::URIClassifier
   # make up the majority of how the server functions.  It's a very simple class that just
   # has a thread accepting connections and a simple HttpServer.process_client function
@@ -432,14 +437,20 @@ module Mongrel
           else
             # gotta stream and read again until we can get the parser to be character safe
             # TODO: make this more efficient since this means we're parsing a lot repeatedly
+            if data.length >= Const::MAX_HEADER
+              raise HttpParserError.new("HEADER is longer than allowed, aborting client early.")
+            end
+
             parser.reset
             data << client.readpartial(Const::CHUNK_SIZE)
           end
         end
       rescue EOFError,Errno::ECONNRESET,Errno::EPIPE,Errno::EINVAL
         # ignored
+      rescue HttpParserError
+        STDERR.puts "BAD CLIENT: #$!"        
       rescue => details
-        STDERR.puts "ERROR(#{details.class}): #{details}"
+        STDERR.puts "ERROR: #$!"
         STDERR.puts details.backtrace.join("\n")
       ensure
         client.close
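Review bot: The new `rescue HttpParserError` branch prints only the exception message, so an oversized-header or malformed-request abort cannot be attributed to a source address when reading the log. Binding the exception and including the peer would help, e.g. `rescue HttpParserError => e` followed by `STDERR.puts "BAD CLIENT (#{peer}): #{e}"`, with `peer` taken from the socket before it is closed and the lookup guarded in case the connection is already reset. The generic branch now mixes `$!` with `details` and no longer prints the exception class, which makes unexpected errors harder to triage; `STDERR.puts "ERROR(#{details.class}): #{details}"` keeps both. The enclosing method starts and ends outside this hunk, so where `client` comes from is inferred from the `readpartial` and `close` calls.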
diff --git a/lib/mongrel/debug.rb b/lib/mongrel/debug.rb
index 94b906d..5beacff 100644
--- a/lib/mongrel/debug.rb
+++ b/lib/mongrel/debug.rb
@@ -70,11 +70,9 @@ module ObjectTracker
       # Strings can't be tracked easily and are so numerous that they drown out all else
       # so we just ignore them in the counts.
       ObjectSpace.each_object do |obj|
-        if not obj.kind_of? String
-          ospace << obj.object_id
-          counts[obj.class] ||= 0
-          counts[obj.class] += 1
-        end
+        ospace << obj.object_id
+        counts[obj.class] ||= 0
+        counts[obj.class] += 1
       end
       
       dead_objects = @active_objects - ospace
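Review bot: The comment above the `ObjectSpace.each_object` loop still says strings are ignored in the counts, but the new loop body counts every object, strings included. The comment should be updated to match, for example `# Every live object is counted, strings included; expect String to dominate the totals.` Recording each string's `object_id` in `ospace` also makes that collection, and the `@active_objects - ospace` difference, considerably larger on each pass, which matters if this tracker is enabled on a loaded server. The enclosing method starts and ends outside the hunk.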