Too strict HTTP Status Line parsing

Alexander Zhuravlev a.zhuravlev@REDACTED
Tue Jun 1 23:48:35 CEST 2010


On Wed, Jun 02, 2010 at 01:22:29AM +0400, Alexander Zhuravlev wrote:
> Hello,
> 
> I've tried to use lhttpc library (http://bitbucket.org/etc/lhttpc) to fetch
> a resource (http://www.qype.com/review/1376848) and got the following
> error:
> 
> {{http_error,"HTTP/1.1 200\r\n"},
> 	[{lhttpc_client,read_response,5},
> 	{lhttpc_client,execute,8},
> 	{lhttpc_client,request,9}]} 

Almost forgot, the error was reproduced with erlang R13B04:
Erlang R13B04 (erts-5.7.5) [source] [64-bit] [smp:2:2] [rq:2] [async-threads:0] [hipe] [kernel-poll:false]

lhttpc version 1.2.4

> I've checked lhttpc source code and found out that to receive and parse an HTTP
> response it uses _standard_ erlang module gen_tcp on a socket in
> {packet, http} mode. So it looks like the {http_error,"HTTP/1.1 200\r\n"} error was
> in fact generated by erlang's http packet parsing code.
> 
> I found the following code in packet_parse_http function from
> erts/emulator/beam/packet_parser.c file:
> 
> ...
> p0 = ptr;
> while (n && SP(ptr)) {
> 	ptr++; n--;
> }
> if (ptr==p0) return -1;
> ...
> 
> As far as I understand "HTTP/1.1 200\r\n" line does not have any spaces
> after the status code "200", and the function strips \r\n as a first step of
> its operation. So the "while" cycle does not run and we get into the
> "if (ptr==p0) branch" this basically leads to returning of 
> {http_error, "HTTP/1.1 200\r\n"} atom up to the call stack.
> 
> Strictly speaking this is not a bug in erlang, but I suppose it
> should take a more relaxed approach to HTTP Status Line parsing
> and not return http_error if an HTTP response Status Line does not have
> a Reason-phrase part.
-- 
Alexander Zhuravlev


More information about the erlang-bugs mailing list