Skip Menu |

This queue is for tickets about the Net-HTTPServer CPAN distribution.

Report information
The Basics
Id: 39220
Status: new
Priority: 0/
Queue: Net-HTTPServer

Owner: Nobody in particular
Requestors: jw [...]

Bug Information
Severity: (no value)
Broken in: 1.1.1
Fixed in: (no value)

Subject: wide character in syswrite()
Download (untitled) / with headers
text/plain 414b
Net::HTTPServer-1.1.1 is vulnerable to inhection of unencoded unicode strings. It handles them allright, until we hit syswrite in Net::HTTPServer::_send_data(), which fails with an error message like this: Wide character in syswrite at /usr/lib/perl5/5.10.0/x86_64-linux-thread-multi/IO/ line 460. The attached fix takes care that the response body is always utf8::encode()ed properly when needed.
Subject: handle_wide_char.diff
--- Net-HTTPServer-1.1.1/lib/Net/HTTPServer/ 2005-01-06 04:58:16.000000000 +0100 +++ Net-HTTPServer-1.1.1/lib/Net/HTTPServer/ 2008-09-12 15:39:09.169964000 +0200 @@ -72,6 +72,9 @@ Returns the current value of the response body. Sets the content of the response if a value is specified. +Body() always returns the value as a utf8::encode()ed string. +As a parameter it accepts both, perl unicode wide character strings +or utf8 encoded byte strings. =head2 Clear() @@ -194,7 +197,11 @@ my $self = shift; my $body = shift; - return $self->{BODY} unless defined($body); + unless (defined $body) + { + utf8::encode $self->{BODY} if utf8::is_utf8 $self->{BODY}; + return $self->{BODY}; + } $self->{BODY} = $body; } @@ -401,7 +408,7 @@ chomp($header); $header .= "\r\n\r\n"; - return ($header,$self->{BODY}); + return ($header,$self->Body()); }
From: jw [...]
Download (untitled) / with headers
text/plain 152b applies patches for both rt24361 and rt39220 ontop of version 1.1.1 we call it 1.1.1a there.

This service is sponsored and maintained by Best Practical Solutions and runs on infrastructure.

Please report any issues with to