##// END OF EJS Templates
upstream » mercurial-mirror
RSS

Clone from https://www.mercurial-scm.org/repo/hg-all

dirs: resolve fuzzer OOM situation by disallowing deep directory hierarchies...
dirs: resolve fuzzer OOM situation by disallowing deep directory hierarchies It seems like 2048 directories ought to be enough for any reasonable use of Mercurial? A previous version of this patch scanned for slashes before any allocations occurred. That approach is slower than this in the happy path, but much faster than this in the case that too many slashes are encountered. We may want to revisit it in the future using memchr() so it'll be well-optimized by the libc we're using. .. bc: Mercurial will now defend against OOMs by refusing to operate on paths with 2048 or more components. This means that _extremely_ deep path hierarchies will be rejected, but we anticipate nobody is using hierarchies this deep. Differential Revision: https://phab.mercurial-scm.org/D7411
Augie Fackler - - Load All Authors

File last commit:

r43812:2fe6121c default
r44057:0796e266 default
Show More
wsgicgi.py
94 lines | 3.0 KiB | text/x-python | PythonLexer
/ mercurial / hgweb / wsgicgi.py
History | Annotation | Raw |Copy content |Copy permalink
# hgweb/wsgicgi.py - CGI->WSGI translator
#
# Copyright 2006 Eric Hopper <hopper@omnifarious.org>
#
# This software may be used and distributed according to the terms of the
# GNU General Public License version 2 or any later version.
#
# This was originally copied from the public domain code at
# http://www.python.org/dev/peps/pep-0333/#the-server-gateway-side
from __future__ import absolute_import
import os
from ..pycompat import getattr
from .. import pycompat
from ..utils import procutil
from . import common
def launch(application):
procutil.setbinary(procutil.stdin)
procutil.setbinary(procutil.stdout)
environ = dict(pycompat.iteritems(os.environ)) # re-exports
environ.setdefault('PATH_INFO', b'')
if environ.get('SERVER_SOFTWARE', '').startswith('Microsoft-IIS'):
# IIS includes script_name in PATH_INFO
scriptname = environ['SCRIPT_NAME']
if environ['PATH_INFO'].startswith(scriptname):
environ['PATH_INFO'] = environ['PATH_INFO'][len(scriptname) :]
stdin = procutil.stdin
if environ.get('HTTP_EXPECT', '').lower() == '100-continue':
stdin = common.continuereader(stdin, procutil.stdout.write)
environ['wsgi.input'] = stdin
environ['wsgi.errors'] = procutil.stderr
environ['wsgi.version'] = (1, 0)
environ['wsgi.multithread'] = False
environ['wsgi.multiprocess'] = True
environ['wsgi.run_once'] = True
if environ.get('HTTPS', 'off').lower() in ('on', '1', 'yes'):
environ['wsgi.url_scheme'] = 'https'
else:
environ['wsgi.url_scheme'] = 'http'
headers_set = []
headers_sent = []
out = procutil.stdout
def write(data):
if not headers_set:
raise AssertionError(b"write() before start_response()")
elif not headers_sent:
# Before the first output, send the stored headers
status, response_headers = headers_sent[:] = headers_set
out.write(b'Status: %s\r\n' % pycompat.bytesurl(status))
for hk, hv in response_headers:
out.write(
b'%s: %s\r\n'
% (pycompat.bytesurl(hk), pycompat.bytesurl(hv))
)
out.write(b'\r\n')
out.write(data)
out.flush()
def start_response(status, response_headers, exc_info=None):
if exc_info:
try:
if headers_sent:
# Re-raise original exception if headers sent
raise exc_info[0](exc_info[1], exc_info[2])
finally:
exc_info = None # avoid dangling circular ref
elif headers_set:
raise AssertionError(b"Headers already set!")
headers_set[:] = [status, response_headers]
return write
content = application(environ, start_response)
try:
for chunk in content:
write(chunk)
if not headers_sent:
write(b'') # send headers now if body was empty
finally:
getattr(content, 'close', lambda: None)()