From 0be13136629b5f1a90ded406531c9b78c9c9345a Mon Sep 17 00:00:00 2001
From: Michael Hanselmann <hansmi@google.com>
Date: Fri, 26 Feb 2010 13:32:11 +0100
Subject: [PATCH] Fix two potentially endless loops in http library

The first can be problematic if poll(2) returns POLLHUP|POLLERR on a
socket. Before it would be only be respected for SOCKOP_RECV, but since
they can also occur on other socket operations, esp. in combination with
OpenSSL, letting the socket functions handle POLLHUP|POLLERR seems to be
the right thing.

The second is a typo leading to an endless loop if the first line of an
HTTP connection is empty (simply "\r\n"). Instead of removing the empty
line, it would remove anything after it.

Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
---
 lib/http/__init__.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/lib/http/__init__.py b/lib/http/__init__.py
index ce2243a64..b39866a81 100644
--- a/lib/http/__init__.py
+++ b/lib/http/__init__.py
@@ -401,9 +401,9 @@ def SocketOperation(sock, op, arg1, timeout):
       if event is None:
         raise HttpSocketTimeout()
 
-      if (op == SOCKOP_RECV and
-          event & (select.POLLNVAL | select.POLLHUP | select.POLLERR)):
-        return ""
+      if event & (select.POLLNVAL | select.POLLHUP | select.POLLERR):
+        # Let the socket functions handle these
+        break
 
       if not event & wait_for_event:
         continue
@@ -845,7 +845,7 @@ class HttpMessageReader(object):
         # the CRLF."
         if idx == 0:
           # TODO: Limit number of CRLFs/empty lines for safety?
-          buf = buf[:2]
+          buf = buf[2:]
           continue
 
         if idx > 0:
-- 
GitLab