Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mark bytes as consumed #13394

Merged
merged 1 commit into from
Aug 24, 2019
Merged

Mark bytes as consumed #13394

merged 1 commit into from
Aug 24, 2019

Conversation

Tratcher
Copy link
Member

#13372 @Pilchie
This looks like a preview9 regression from #12749 where we refactored the form parser. It's externally reported as impacting OpenIdConnect auth, but I was only able to reproduce it using WsFed auth. The request fails and the client is unable to log in. I don't see any immediate workarounds.

The issue happens if the form is long enough to take the slow path (multiple buffer segments), but the last key=value pair is short and takes the single segment fast path. In that case it fails to mark the last bytes as consumed and the parser mistakenly aborts.

Compare the fix to what happens in the slow path on lines 294 and 295 bellow.

@Tratcher Tratcher added this to the 3.0.0-preview9 milestone Aug 23, 2019
@Tratcher Tratcher requested a review from jkotalik August 23, 2019 23:41
@Tratcher Tratcher self-assigned this Aug 23, 2019
@Pilchie Pilchie added the ask-mode This issue / PR is a patch candidate which we will bar-check internally before patching it. label Aug 23, 2019
@dougbu
Copy link
Member

dougbu commented Aug 24, 2019

This looks ready but we need an approver (beyond QB-approval, which this has)

@mmitche
Copy link
Member

mmitche commented Aug 24, 2019

Can we get this reviewed and checked in so we can get a build for Sunday night validation?

@Tratcher Tratcher requested a review from halter73 August 24, 2019 18:01
BrennanConroy
BrennanConroy approved these changes Aug 24, 2019
View reviewed changes
src/Http/WebUtilities/test/FormPipeReaderTests.cs

Assert.Equal(2, accumulator.KeyCount);
var dict = accumulator.GetResults();
Assert.Equal("\"%-.<>\\^_`{|}~", dict["\"%-.<>\\^_`{|}~"]);
Assert.Equal("wow", dict["\"%-.<>\\^_`{|}"]);
}

[Fact]
public void TryParseFormValues_MultiSegmentFastPathWorks()
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm assuming this would have failed before the fix?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Right, this covers the repro scenario.

@Tratcher
Copy link
Member Author

@JunTaoLuo @Pilchie admin merge please.

@mmitche mmitche merged commit 66de493 into release/3.0-preview9 Aug 24, 2019
@ghost ghost deleted the tratcher/formparse branch August 24, 2019 19:03
@amcasey amcasey added the area-networking Includes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions label Jun 2, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@BrennanConroy BrennanConroy BrennanConroy approved these changes

@jkotalik jkotalik jkotalik approved these changes

@analogrelay analogrelay Awaiting requested review from analogrelay

@halter73 halter73 Awaiting requested review from halter73

Assignees

@Tratcher Tratcher

Labels
area-networking Includes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions ask-mode This issue / PR is a patch candidate which we will bar-check internally before patching it. feature-http-abstractions
Projects
None yet
Milestone
3.0.0-preview9
Development

Successfully merging this pull request may close these issues.
7 participants
@Tratcher @dougbu @mmitche @BrennanConroy @jkotalik @Pilchie @amcasey