[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [Libevent-users] bug + question

To: libevent-users@xxxxxxxxxxxxx
Subject: Re: [Libevent-users] bug + question
From: Mihai Draghicioiu <mihai.draghicioiu@xxxxxxxxx>
Date: Thu, 6 Jan 2011 10:51:49 +0200
Delivered-to: archiver@xxxxxxxx
Delivered-to: libevent-users-outgoing@xxxxxxxx
Delivered-to: libevent-users@xxxxxxxx
Delivery-date: Thu, 06 Jan 2011 03:51:56 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=t+Cw20nye0wAhbZ13yn/jPWk8rz9L1fAALr2DEOTSGY=; b=k+OWtB4V0BEkLJxY0HQ1EeflrOgKsP7K5RH6mNlmx5h9W+dWMuqOE8YykRTK0VFDKD oaUukbcNcBGKQ31+mM5JkJwOfrhC1LlPvkO1g2eLU0hMmvB/d4ZfKZ+csvLLkOTtjHlx j9DGl8pjt2rpVFT8WxqOW9vYZtLFoh7lz5Cx0=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=f528WHQIg4MWIX33Z17KXMncGHEcI382dHLoxAIppxY0tYWw2DgwL1ZyTSv1em/fLF NbpenvWTvvwo+2egtSAo3C9W9ETB9TD/0adpNOS1T7lCCF2MNqy1E9Mi8pMmJHq0AdAh R/DvWTweJa3zUxXYgHNeTTjqlllTmhrbICOWM=
In-reply-to: <AANLkTikoRqH+tLJdU5N3bRY0Ni8aRQybXniFJi_47bmi@xxxxxxxxxxxxxx>
References: <AANLkTinL7q4t6NOvfusEHbNvcmqQKm8FD-JU=VcwGQcf@xxxxxxxxxxxxxx> <AANLkTikoRqH+tLJdU5N3bRY0Ni8aRQybXniFJi_47bmi@xxxxxxxxxxxxxx>
Reply-to: libevent-users@xxxxxxxxxxxxx
Sender: owner-libevent-users@xxxxxxxxxxxxx

Thanks Nick!

Well, with PHP, you can have parameters of these forms:

foo=bar&baz=quux
foo=bar&baz= (empty baz)
foo=bar&baz (empty baz)

they all work, but in the last two cases, the value of baz is an empty string.
And I was just thinking the parser can be a bit loose, without this
generating any trouble. I wasn't thinking of any standard.

On Wed, Jan 5, 2011 at 9:16 PM, Nick Mathewson <nickm@xxxxxxxxxxxxx> wrote:
> On Thu, Dec 30, 2010 at 8:21 PM, Mihai Draghicioiu
> <mihai.draghicioiu@xxxxxxxxx> wrote:
>> Hi all. I've found that evhttp_parse_query_str only works if the query
>> string is of the form foo=bar&baz=quux. If we have a query string of
>> the form foo=bar&baz (no value for the last key), it fails. I consider
>> this a bug, because you have all the other valid parameters in there,
>> and it can just set NULL for the value of the baz parameter. I believe
>> the behavior of evhttp_parse_query() is different (correct). I had
>> used evhttp_parse_query() until now, and switched to
>> evhttp_parse_query_str() and discovered this bug.
>
> I'll repost my question from
> https://sourceforge.net/tracker/?func=detail&aid=3037662&group_id=50884&atid=461322
> :
>
> ===
> So, RFC3986 says that the query part of a URL can be any sequence of
> characters in a given set, without providing any instructions on how to
> encode or decode them.
>
> The only place that i can find the key=val&key2=val2 format expressed, on
> the other hand, is in the HTML standard, which doesn't define anything
> about parameters without values.
>
> So I'm inclined to say that this is not-a-bug: If the query parameters are
> not encoded in the HTML-standard way, then absent some other standard, then
> decoding the Request-URI from the Request-Line is up to the library user,
> right?
>
> Is there a standard I'm missing here?
> ===
>
> In other words, according to what standard is foo=bar&baz to be
> interpreted? ÂIf we're considering generic URIs, there is no
> particular interpretation to the query part. ÂIf we're considering GET
> requests generated by HTML forms, I think it's invalid, if I'm reading
> the HTML spec right. ÂSo according to what standard does foo=bar&baz
> have an interpretation?
>
>> Second, I have a question - does one need to evhttp_uri_free() the
>> returned pointer from evhttp_request_get_evhttp_uri()? It crashes if I
>> do free it, so i'd like to make sure it's correct to not free it (no
>> memory leaks).
>
> Right. Â(In fact, you shouldn't be able to write correct code that
> tries to free it! ÂThe evhttp_request_get_evhttp_uri() function
> returns a const pointer, and evhttp_uri_free() requires a non-const
> pointer.)
>
>> Also, is the evkeyvalq usage in this example correct? Note that it
>> includes the issues described above:
>>
>> static void httpcb(struct evhttp_request *req, void *arg) {
>> Â Âevkeyvalq query; // is it meant to be used in this way?
>> Â Âevhttp_parse_query_str(evhttp_uri_get_query(evhttp_request_get_evhttp_uri(req)),
>> &query);
>
> Hm. ÂThis is a little iffy, since evhttp_uri_get_query can return
> NULL, and evhttp_parse_query_str is not documented to accept NULL.
> (It can and does, but I'd still call usage of an undocumented feature
> questionable.)
>
> Also, you aren't checking the return value of evhttp_parse_query_str.
>
>> Â Âconst char *val;
>> Â Âif((val = evhttp_find_header(&query, "command"))) {
>
> Looks fine to me.
>
>> Â Â Â Â...
>> Â Â}
>> }
>
>
> yrs,
> --
> Nick
> ***********************************************************************
> To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxx with
> unsubscribe libevent-users Â Âin the body.
>
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxx with
unsubscribe libevent-users    in the body.

References:
- Re: [Libevent-users] bug + question
  - From: Nick Mathewson

Prev by Author: [Libevent-users] HTTP and thread safety
Next by Author: Re: [Libevent-users] can libevent-devel for x86_64 and i686 coexist on a x86_64 machine?
Previous by thread: Re: [Libevent-users] bug + question
Next by thread: [Libevent-users] Does bufferevent_openssl_socket_new() API support multi-thread?
Index(es):
- Author
- Thread