W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2006

RE: Use of 1*DIGIT

From: Paul Leach <paulle@windows.microsoft.com>
Date: Thu, 21 Dec 2006 15:21:34 -0800
Message-ID: <76323E9F0A911944A4E9225FACFC55BA031F61C2@WIN-MSG-20.wingroup.windeploy.ntdev.microsoft.com>
To: "Travis Snoozy (Volt)" <a-travis@microsoft.com>, <ietf-http-wg@w3.org>

There will be lots of cases where the syntax says something is legal,
but the semantics or an implementation say it isn't. This seems like one
of those, and unless there isn't an appropriate 5xx series error code
for any particular case, I don't think said case would be a problem.

In this case, a 64 bit implementation could handle lengths that a 32
versions couldn't. 

I don't see that we need to note every place in the syntax where this
problem could arise, just like we don't need to be explicit that
implementers shouldn't code buffer overflows.

-----Original Message-----
From: ietf-http-wg-request@w3.org [mailto:ietf-http-wg-request@w3.org]
On Behalf Of Travis Snoozy (Volt)
Sent: Thursday, December 21, 2006 12:22 PM
To: ietf-http-wg@w3.org
Subject: Use of 1*DIGIT

There are many instances in the spec that have 1*DIGIT (and one instance
of 1*HEX), where the number needs to be parsed for, e.g., a length. This
practically forces an implementation to choose between using bignums
everywhere (in case, e.g., they start talking to an implementation with
a bigger native word size), or to assume that everybody can and will be
able to use a word size of some fixed amount.

If I were the betting type, I'd say that implementations probably
operate on the latter more than they do the former. In either case, how
an implementation is supposed to deal with too-large numbers is not
specified. Content-Length, Content-Range, Byte-Ranges, Age,
Cache-Control, Retry-After, and the chunked transfer encoding are
probably all susceptible to mischief if you place values past the 4Gi
mark into them (assuming a 32-bit world and a general lack of oversize
checks, of course).

Anyone know how Apache handles this, off the top of their heads? Squid?
Other servers? Clients?


-- Travis
Received on Thursday, 21 December 2006 23:22:31 UTC

This archive was generated by hypermail 2.3.1 : Monday, 9 September 2019 17:47:10 UTC