From daba7e0abe4a5642543676e966298b08dee83eb9 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Thu, 12 Apr 2018 14:24:08 +0200 Subject: inets: Gracefully handle bad headers max_headers operated on the individual header length instead of the total length of all headers. Also headers with empty keys are now discarded. --- lib/inets/src/http_lib/http_request.erl | 6 ++++-- lib/inets/src/http_server/httpd_request.erl | 6 +++--- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/lib/inets/src/http_lib/http_request.erl b/lib/inets/src/http_lib/http_request.erl index f68b233e10..8ca1542164 100644 --- a/lib/inets/src/http_lib/http_request.erl +++ b/lib/inets/src/http_lib/http_request.erl @@ -27,10 +27,12 @@ key_value(KeyValueStr) -> case lists:splitwith(fun($:) -> false; (_) -> true end, KeyValueStr) of - {Key, [$: | Value]} -> + {Key, [$: | Value]} when Key =/= [] -> {http_util:to_lower(string:strip(Key)), string:strip(Value)}; {_, []} -> - undefined + undefined; + _ -> + undefined end. %%------------------------------------------------------------------------- %% headers(HeaderList, #http_request_h{}) -> #http_request_h{} diff --git a/lib/inets/src/http_server/httpd_request.erl b/lib/inets/src/http_server/httpd_request.erl index 007d272323..e513eb8a3a 100644 --- a/lib/inets/src/http_server/httpd_request.erl +++ b/lib/inets/src/http_server/httpd_request.erl @@ -259,17 +259,17 @@ parse_headers(<>, Header, Headers, Current, Max, %% If ?CR is is missing RFC2616 section-19.3 parse_headers(<>, Header, Headers, Current, Max, Options, Result); -parse_headers(<>, Header, Headers, _, Max, +parse_headers(<>, Header, Headers, Current, Max, Options, Result) -> case http_request:key_value(lists:reverse(Header)) of undefined -> %% Skip headers with missing : parse_headers(Rest, [Octet], Headers, - 0, Max, Options, Result); + Current, Max, Options, Result); NewHeader -> case check_header(NewHeader, Options) of ok -> parse_headers(Rest, [Octet], [NewHeader | Headers], - 0, Max, Options, Result); + Current, Max, Options, Result); {error, Reason} -> HttpVersion = lists:nth(3, lists:reverse(Result)), {error, Reason, HttpVersion} -- cgit v1.2.3 From abd5642652c564fbcd65c77e62ccc170d737ea8a Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Tue, 5 Jun 2018 11:57:43 +0200 Subject: Prepare release --- erts/doc/src/notes.xml | 25 +++++++++++++++++++++++++ erts/vsn.mk | 2 +- lib/erl_docgen/doc/src/notes.xml | 17 ++++++++++++++++- lib/inets/doc/src/notes.xml | 21 ++++++++++++++++++++- lib/inets/vsn.mk | 2 +- 5 files changed, 63 insertions(+), 4 deletions(-) diff --git a/erts/doc/src/notes.xml b/erts/doc/src/notes.xml index 8bd8e6c7b8..31411cc1a2 100644 --- a/erts/doc/src/notes.xml +++ b/erts/doc/src/notes.xml @@ -31,6 +31,31 @@

This document describes the changes made to the ERTS application.

+
Erts 9.3.2 + +
Fixed Bugs and Malfunctions + + +

+ Fixed bug in enif_binary_to_term which could cause + memory corruption for immediate terms (atoms, small + integers, pids, ports, empty lists).

+

+ Own Id: OTP-15080

+ + +

+ Fixed bug in erlang:system_profile/2 that could + cause superfluous {profile,_,active,_,_} messages + for terminating processes.

+

+ Own Id: OTP-15085

+ + +
+ +
+
Erts 9.3.1
Fixed Bugs and Malfunctions diff --git a/erts/vsn.mk b/erts/vsn.mk index 25acd9cc34..687c62343e 100644 --- a/erts/vsn.mk +++ b/erts/vsn.mk @@ -18,7 +18,7 @@ # %CopyrightEnd% # -VSN = 9.3.1 +VSN = 9.3.2 # Port number 4365 in 4.2 # Port number 4366 in 4.3 diff --git a/lib/erl_docgen/doc/src/notes.xml b/lib/erl_docgen/doc/src/notes.xml index 2652b4b0c8..f75d2af5c4 100644 --- a/lib/erl_docgen/doc/src/notes.xml +++ b/lib/erl_docgen/doc/src/notes.xml @@ -31,7 +31,22 @@

This document describes the changes made to the erl_docgen application.

-
Erl_Docgen 0.7.2 +
Erl_Docgen 0.7.3 + +
Fixed Bugs and Malfunctions + + +

Update makefile so db_funcs.xsl is a part of the + installed application.

+

+ Own Id: OTP-15091

+ + +
+ +
+ +
Erl_Docgen 0.7.2
Fixed Bugs and Malfunctions diff --git a/lib/inets/doc/src/notes.xml b/lib/inets/doc/src/notes.xml index 672ef49c0c..a6af1e834e 100644 --- a/lib/inets/doc/src/notes.xml +++ b/lib/inets/doc/src/notes.xml @@ -33,7 +33,26 @@ notes.xml -
Inets 6.5.1 +
Inets 6.5.2 + +
Fixed Bugs and Malfunctions + + +

+ inets: httpd - Gracefully handle bad headers

+

+ The option max_headers operated on the individual header + length instead of the total length of all headers. Also + headers with empty keys are now discarded.

+

+ Own Id: OTP-15092

+ + +
+ +
+ +
Inets 6.5.1
Fixed Bugs and Malfunctions diff --git a/lib/inets/vsn.mk b/lib/inets/vsn.mk index 3a489357ff..9bbcd06914 100644 --- a/lib/inets/vsn.mk +++ b/lib/inets/vsn.mk @@ -19,6 +19,6 @@ # %CopyrightEnd% APPLICATION = inets -INETS_VSN = 6.5.1 +INETS_VSN = 6.5.2 PRE_VSN = APP_VSN = "$(APPLICATION)-$(INETS_VSN)$(PRE_VSN)" -- cgit v1.2.3 From cfaede58328ace4bb4fb7c5e1b055e420c0ded9a Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Tue, 5 Jun 2018 11:57:45 +0200 Subject: Updated OTP version --- OTP_VERSION | 2 +- otp_versions.table | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/OTP_VERSION b/OTP_VERSION index aae1179bab..264e3d1a33 100644 --- a/OTP_VERSION +++ b/OTP_VERSION @@ -1 +1 @@ -20.3.6 +20.3.7 diff --git a/otp_versions.table b/otp_versions.table index 90f3ea754d..000fe83ca3 100644 --- a/otp_versions.table +++ b/otp_versions.table @@ -1,3 +1,4 @@ +OTP-20.3.7 : erl_docgen-0.7.3 erts-9.3.2 inets-6.5.2 # asn1-5.0.5 common_test-1.15.4 compiler-7.1.5 cosEvent-2.2.2 cosEventDomain-1.2.2 cosFileTransfer-1.2.2 cosNotification-1.2.3 cosProperty-1.2.3 cosTime-1.2.3 cosTransactions-1.3.3 crypto-4.2.2 debugger-4.2.4 dialyzer-3.2.4 diameter-2.1.4 edoc-0.9.2 eldap-1.2.3 erl_interface-3.10.2 et-1.6.1 eunit-2.3.5 hipe-3.17.1 ic-4.4.4 jinterface-1.8.1 kernel-5.4.3 megaco-3.18.3 mnesia-4.15.3 observer-2.7 odbc-2.12.1 orber-3.8.4 os_mon-2.4.4 otp_mibs-1.1.2 parsetools-2.1.6 public_key-1.5.2 reltool-0.7.5 runtime_tools-1.12.5 sasl-3.1.2 snmp-5.2.10 ssh-4.6.9 ssl-8.2.6 stdlib-3.4.5 syntax_tools-2.1.4 tools-2.11.2 wx-1.8.3 xmerl-1.3.16 : OTP-20.3.6 : crypto-4.2.2 ssh-4.6.9 # asn1-5.0.5 common_test-1.15.4 compiler-7.1.5 cosEvent-2.2.2 cosEventDomain-1.2.2 cosFileTransfer-1.2.2 cosNotification-1.2.3 cosProperty-1.2.3 cosTime-1.2.3 cosTransactions-1.3.3 debugger-4.2.4 dialyzer-3.2.4 diameter-2.1.4 edoc-0.9.2 eldap-1.2.3 erl_docgen-0.7.2 erl_interface-3.10.2 erts-9.3.1 et-1.6.1 eunit-2.3.5 hipe-3.17.1 ic-4.4.4 inets-6.5.1 jinterface-1.8.1 kernel-5.4.3 megaco-3.18.3 mnesia-4.15.3 observer-2.7 odbc-2.12.1 orber-3.8.4 os_mon-2.4.4 otp_mibs-1.1.2 parsetools-2.1.6 public_key-1.5.2 reltool-0.7.5 runtime_tools-1.12.5 sasl-3.1.2 snmp-5.2.10 ssl-8.2.6 stdlib-3.4.5 syntax_tools-2.1.4 tools-2.11.2 wx-1.8.3 xmerl-1.3.16 : OTP-20.3.5 : erts-9.3.1 ssl-8.2.6 # asn1-5.0.5 common_test-1.15.4 compiler-7.1.5 cosEvent-2.2.2 cosEventDomain-1.2.2 cosFileTransfer-1.2.2 cosNotification-1.2.3 cosProperty-1.2.3 cosTime-1.2.3 cosTransactions-1.3.3 crypto-4.2.1 debugger-4.2.4 dialyzer-3.2.4 diameter-2.1.4 edoc-0.9.2 eldap-1.2.3 erl_docgen-0.7.2 erl_interface-3.10.2 et-1.6.1 eunit-2.3.5 hipe-3.17.1 ic-4.4.4 inets-6.5.1 jinterface-1.8.1 kernel-5.4.3 megaco-3.18.3 mnesia-4.15.3 observer-2.7 odbc-2.12.1 orber-3.8.4 os_mon-2.4.4 otp_mibs-1.1.2 parsetools-2.1.6 public_key-1.5.2 reltool-0.7.5 runtime_tools-1.12.5 sasl-3.1.2 snmp-5.2.10 ssh-4.6.8 stdlib-3.4.5 syntax_tools-2.1.4 tools-2.11.2 wx-1.8.3 xmerl-1.3.16 : OTP-20.3.4 : erl_interface-3.10.2 ic-4.4.4 inets-6.5.1 ssh-4.6.8 # asn1-5.0.5 common_test-1.15.4 compiler-7.1.5 cosEvent-2.2.2 cosEventDomain-1.2.2 cosFileTransfer-1.2.2 cosNotification-1.2.3 cosProperty-1.2.3 cosTime-1.2.3 cosTransactions-1.3.3 crypto-4.2.1 debugger-4.2.4 dialyzer-3.2.4 diameter-2.1.4 edoc-0.9.2 eldap-1.2.3 erl_docgen-0.7.2 erts-9.3 et-1.6.1 eunit-2.3.5 hipe-3.17.1 jinterface-1.8.1 kernel-5.4.3 megaco-3.18.3 mnesia-4.15.3 observer-2.7 odbc-2.12.1 orber-3.8.4 os_mon-2.4.4 otp_mibs-1.1.2 parsetools-2.1.6 public_key-1.5.2 reltool-0.7.5 runtime_tools-1.12.5 sasl-3.1.2 snmp-5.2.10 ssl-8.2.5 stdlib-3.4.5 syntax_tools-2.1.4 tools-2.11.2 wx-1.8.3 xmerl-1.3.16 : -- cgit v1.2.3