[#4522] Undefined Errno::EPROTO and the like raises NameError — "Florian Frank" <flori@...>
Hi,
5 messages
2005/03/07
[#4533] giving acces readline to rl_line_buffer — "Cs. Henk" <csaba-ml@...>
Hi!
1 message
2005/03/09
[#4548] Ruby 1.8.2 array of hash entries functions incorrectly — noreply@...
Bugs item #1613, was opened at 2005-03-09 19:49
4 messages
2005/03/10
[#4561] rb_reg_quote weirdness — Nikolai Weibull <mailing-lists.ruby-core@...>
(Two weirdnesses in one day.)
5 messages
2005/03/13
[#4564] Re: rb_reg_quote weirdness
— Yukihiro Matsumoto <matz@...>
2005/03/14
Hi,
[#4567] Immutable Ropes — Nikolai Weibull <mailing-lists.ruby-core@...>
Note how I didn't write "Immutable Strings" in the subject.
8 messages
2005/03/15
[#4573] Re: Immutable Ropes
— Mathieu Bouchard <matju@...>
2005/03/15
[#4575] Allowing "?" in struct members — "Berger, Daniel" <Daniel.Berger@...>
Hi all,
8 messages
2005/03/16
[#4587] 0**0==1? — Bertram Scharpf <lists@...>
Hi,
6 messages
2005/03/19
[#4595] New block syntax — Daniel Amelang <daniel.amelang@...>
I'm really sorry if this isn't the place to talk about this. I've
25 messages
2005/03/21
[#4597] Re: New block syntax
— Florian Gro<florgro@...>
2005/03/21
Daniel Amelang wrote:
[#4606] Re: New block syntax
— "David A. Black" <dblack@...>
2005/03/21
Hi --
[#4629] Re: New block syntax
— "Sean E. Russell" <ser@...>
2005/03/30
On Monday 21 March 2005 16:17, David A. Black wrote:
[#4631] Re: New block syntax
— "David A. Black" <dblack@...>
2005/03/30
Hi --
[#4633] Re: New block syntax
— Daniel Amelang <daniel.amelang@...>
2005/03/31
Hey David, I think that we've had some misunderstandings due to
[#4634] Re: New block syntax
— "David A. Black" <dblack@...>
2005/03/31
Hi --
[#4639] Re: New block syntax
— "Sean E. Russell" <ser@...>
2005/03/31
On Wednesday 30 March 2005 20:55, David A. Black wrote:
[#4628] Re: New block syntax
— "Sean E. Russell" <ser@...>
2005/03/30
On Sunday 20 March 2005 21:31, Daniel Amelang wrote:
[#4601] Re: New block syntax — "Berger, Daniel" <Daniel.Berger@...>
> -----Original Message-----
5 messages
2005/03/21
[#4611] want_object? - possible? — "Berger, Daniel" <Daniel.Berger@...>
Hi all,
4 messages
2005/03/22
[#4619] Re: want_object? - possible? — Daniel Berger <djberg96@...>
--- nobu.nokada@softhome.net wrote:
9 messages
2005/03/25
[#4620] Re: want_object? - possible?
— "David A. Black" <dblack@...>
2005/03/25
Hi --
[#4711] Re: want_object? - possible?
— Mark Hubbart <discordantus@...>
2005/04/14
On 3/24/05, David A. Black <dblack@wobblini.net> wrote:
[#4717] Re: want_object? - possible?
— "David A. Black" <dblack@...>
2005/04/14
Hi --
[#4718] Re: want_object? - possible?
— Mark Hubbart <discordantus@...>
2005/04/15
On 4/14/05, David A. Black <dblack@wobblini.net> wrote:
[#4719] return_value? [Was: Re: want_object? - possible?]
— Eric Hodel <drbrain@...7.net>
2005/04/15
On 14 Apr 2005, at 22:20, Mark Hubbart wrote:
[#4724] Re: return_value? [Was: Re: want_object? - possible?]
— Mark Hubbart <discordantus@...>
2005/04/15
On 4/15/05, Eric Hodel <drbrain@segment7.net> wrote:
[#4622] tempfile.rb — Tilman Sauerbeck <tilman@...>
Hi,
4 messages
2005/03/26
[#4648] about REXML::Encoding — speakillof <speakillof@...>
Hi.
15 messages
2005/03/31
[#4659] Re: about REXML::Encoding
— "Sean E. Russell" <ser@...>
2005/04/04
On Thursday 31 March 2005 09:44, speakillof wrote:
[#4661] Re: about REXML::Encoding
— speakillof <speakillof@...>
2005/04/04
Hi.
[#4684] Re: about REXML::Encoding
— "Sean E. Russell" <ser@...>
2005/04/09
I've tested, applied, and committed your Encoding patch, Nobu.
[#4688] Re: about REXML::Encoding
— nobu.nokada@...
2005/04/10
Hi,
Re: Patch for denial of service vulnerability in WEBrick
From:
GOTOU Yuuzou <gotoyuzo@...>
Date:
2005-03-05 20:19:02 UTC
List:
ruby-core #4519
Hi,
In message <422935C1.5040905@blackhat.com>,
`Dominique Brezinski <dom@blackhat.com>' wrote:
> If
> connections are terminated during the SSL handsake, an exception is
> raised that is not properly handled in webrick/server.rb. The result
> is that there is a leak in the token queue used to limit the number of
> threads created to handle connections.
Thanks.
> Here is a patch for 1.8.2 that fixes this and a related leak:
I want to simplify operations about @tokens as soon as
possible. How do you think about the following patch?
--
gotoyuzo
--- lib/webrick/server.rb 18 Jan 2005 06:03:43 -0000 1.5.2.4
+++ lib/webrick/server.rb 5 Mar 2005 20:01:17 -0000
@@ -88,17 +88,15 @@ def start(&block)
if svrs = IO.select(@listeners, nil, nil, 2.0)
svrs[0].each{|svr|
@tokens.pop # blocks while no token is there.
- sock = svr.accept
- sock.sync = true
- Utils::set_close_on_exec(sock)
- th = start_thread(sock, &block)
- th[:WEBrickThread] = true
- thgroup.add(th)
+ if sock = accept_client(svr)
+ th = start_thread(sock, &block)
+ th[:WEBrickThread] = true
+ thgroup.add(th)
+ else
+ @tokens.push(nil)
+ end
}
end
- rescue Errno::ECONNRESET, Errno::ECONNABORTED, Errno::EPROTO => ex
- # TCP connection was established but RST segment was sent
- # from peer before calling TCPServer#accept.
rescue Errno::EBADF, IOError => ex
# if the listening socket was closed in GenericServer#shutdown,
# IO::select raise it.
@@ -140,6 +138,22 @@ def run(sock)
private
+ def accept_client(svr)
+ sock = nil
+ begin
+ sock = svr.accept
+ sock.sync = true
+ Utils::set_close_on_exec(sock)
+ rescue Errno::ECONNRESET, Errno::ECONNABORTED, Errno::EPROTO => ex
+ # TCP connection was established but RST segment was sent
+ # from peer before calling TCPServer#accept.
+ rescue Exception => ex
+ msg = "#{ex.class}: #{ex.message}\n\t#{ex.backtrace[0]}"
+ @logger.error msg
+ end
+ return sock
+ end
+
def start_thread(sock, &block)
Thread.start{
begin
@@ -161,6 +175,7 @@ def start_thread(sock, &block)
rescue Exception => ex
@logger.error ex
ensure
+ @tokens.push(nil)
Thread.current[:WEBrickSocket] = nil
if addr
@logger.debug "close: #{addr[3]}:#{addr[1]}"
@@ -169,7 +184,6 @@ def start_thread(sock, &block)
end
sock.close
end
- @tokens.push(nil)
}
end