Project

General

Profile

Backport #4098

URI.decode_www_form hangs for some input strings

Added by iconara (Theo Hultberg) over 8 years ago. Updated about 8 years ago.

Status:
Closed
Priority:
Normal
[ruby-core:33464]

Description

=begin
Running

require 'uri'
URI.decode_www_form('a=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA&b')

will hang seemingly forever. If you decrease the number of A's you will eventually see that it just takes a very, very long time to realize that the string is a malformed query string (there's no = in the last parameter). The culprit is line 828 of uri/common.rb, which looks like this:

unless /\A#{WFKV_}=#{WFKV_}(?:[;&]#{WFKV_}=#{WFKV_})*\z/o =~ str

I haven't even tried to decode that regexp, but it's clear that with a string like the one above it will take a very long time to realize that it can't match.
=end

History

#1

Updated by nobu (Nobuyoshi Nakada) over 8 years ago

  • Status changed from Open to Closed
  • % Done changed from 0 to 100

=begin
This issue was solved with changeset r29976.
Theo, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.

=end

#2

Updated by nobu (Nobuyoshi Nakada) over 8 years ago

  • Category set to lib
  • Status changed from Closed to Assigned
  • Assignee set to yugui (Yuki Sonoda)

=begin

=end

#3

Updated by yugui (Yuki Sonoda) over 8 years ago

  • Status changed from Assigned to Closed

=begin
This issue was solved with changeset r30306.
Theo, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.

=end

Also available in: Atom PDF