
Use of 1*DIGIT

From: Travis Snoozy (Volt) <a-travis@microsoft.com>
Date: Thu, 21 Dec 2006 12:22:00 -0800
To: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Message-ID: <86EDC3963F04D546BED8996F77D290F6049D11793B@NA-EXMSG-C138.redmond.corp.microsoft.com>

There are many instances in the spec that have 1*DIGIT (and one instance of 1*HEX), where the number needs to be parsed for, e.g., a length. This practically forces an implementation to choose between using bignums everywhere (in case, e.g., they start talking to an implementation with a bigger native word size), or to assume that everybody can and will be able to use a word size of some fixed amount.

If I were the betting type, I'd say that implementations probably operate on the latter more than they do the former. In either case, how an implementation is supposed to deal with too-large numbers is not specified. Content-Length, Content-Range, Byte-Ranges, Age, Cache-Control, Retry-After, and the chunked transfer encoding are probably all susceptible to mischief if you place values past the 4Gi mark into them (assuming a 32-bit world and a general lack of oversize checks, of course).

Anyone know how Apache handles this, off the top of their heads? Squid? Other servers? Clients?


Thanks,

-- Travis
Received on Thursday, 21 December 2006 20:22:16 GMT
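
An added example, not part of the original message and not code from any server or client it mentions: a bounded parser for 1*DIGIT and 1*HEX fields that rejects values above a caller-chosen limit instead of wrapping, next to the unchecked 32-bit accumulation the message is concerned about. The function names, status codes and sample values are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Status codes for this illustrative parser (names are hypothetical). */
enum num_status { NUM_OK, NUM_EMPTY, NUM_BAD_CHAR, NUM_TOO_LARGE };

/* Parse 1*DIGIT (base 10) or 1*HEX (base 16) from s[0..len) into *out.
 * Rejects empty input, any non-digit byte (signs, spaces), and any value
 * above max. The range check runs before the multiply, so v never wraps. */
static enum num_status parse_bounded(const char *s, size_t len, unsigned base,
                                     uint64_t max, uint64_t *out)
{
    uint64_t v = 0;
    if (len == 0) return NUM_EMPTY;
    for (size_t i = 0; i < len; i++) {
        char c = s[i];
        unsigned d;
        if (c >= '0' && c <= '9') d = (unsigned)(c - '0');
        else if (base == 16 && c >= 'a' && c <= 'f') d = (unsigned)(c - 'a') + 10;
        else if (base == 16 && c >= 'A' && c <= 'F') d = (unsigned)(c - 'A') + 10;
        else return NUM_BAD_CHAR;
        /* Equivalent to v * base + d > max, computed without overflow. */
        if (d > max || v > (max - d) / base) return NUM_TOO_LARGE;
        v = v * base + d;
    }
    *out = v;
    return NUM_OK;
}

/* Unchecked 32-bit accumulation, shown for contrast: wraps modulo 2^32. */
static uint32_t parse_unchecked32(const char *s, size_t len)
{
    uint32_t v = 0;
    for (size_t i = 0; i < len; i++)
        v = v * 10u + (uint32_t)(s[i] - '0');
    return v;
}

int main(void)
{
    const char *cl = "4294967301";   /* constructed sample: 2^32 + 5 */
    uint64_t n = 0;
    printf("unchecked 32-bit: %u\n", (unsigned)parse_unchecked32(cl, strlen(cl)));
    printf("32-bit limit: status %d\n", (int)parse_bounded(cl, strlen(cl), 10, UINT32_MAX, &n));
    printf("64-bit limit: status %d\n", (int)parse_bounded(cl, strlen(cl), 10, UINT64_MAX, &n));
    return 0;
}
```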
