mirrorlist-server/mirrorlist_client.wsgi | 6 ++++++
1 file changed, 6 insertions(+)
New commits:
commit 621af2882e984459a23d1e7af3ef1854ea6f0ba1
Author: Matt Domsch <Matt_Domsch(a)dell.com>
Date: Tue May 11 22:57:19 2010 -0500
mirrorlist_client: sanitize input into UTF-8
Users may put all sorts of odd URL-escaped characters onto the URLs.
When this happens, mirrorlist_server.py child thread would crash
trying to write the byte string with escaped '\x80' characters inside
it into the error report header. When the child crashes,
mirrorlist_client.wsgi would spin forever eating 100% CPU waiting for
a response from the server that would never come.
This patch sanitizes the input query args into a byte string that only
contains UTF-8 characters. This fixes this particular source of crash
in the server and subsequent hang of the client. It would still be
good if the client could time out or otherwise recognize when the
server is never coming back.
diff --git a/mirrorlist-server/mirrorlist_client.wsgi
b/mirrorlist-server/mirrorlist_client.wsgi
index 9dbdf7a..dd6d1d9 100755
--- a/mirrorlist-server/mirrorlist_client.wsgi
+++ b/mirrorlist-server/mirrorlist_client.wsgi
@@ -83,6 +83,12 @@ def request_setup(request):
pathinfo = request.environ['PATH_INFO']
if scriptname == '/metalink' or pathinfo == '/metalink':
d['metalink'] = True
+
+ for k, v in d.iteritems():
+ try:
+ d[k] = unicode(v, 'utf8', 'ignore').encode('utf8')
+ except:
+ pass
return d
def accept_encoding_gzip(request):
Show replies by date