Merge commit '723b0ab24e01cb1360008cc1300d9940bdd7815a'

Mirroring · Mirroring · commit 6353f3e46a49 · 2024-10-02T21:38:55.000Z
diff --git a/src/Servers/HttpSys/src/LoggerEventIds.cs b/src/Servers/HttpSys/src/LoggerEventIds.cs
@@ -55,5 +55,6 @@ internal static class LoggerEventIds
         public static readonly EventId ListenerDisposing = new EventId(46, "ListenerDisposing");
         public static readonly EventId RequestValidationFailed = new EventId(47, "RequestValidationFailed");
         public static readonly EventId CreateDisconnectTokenError = new EventId(48, "CreateDisconnectTokenError");
+        public static readonly EventId RequestParsingError = new EventId(54, "RequestParsingError");
     }
 }
diff --git a/src/Servers/HttpSys/src/RequestProcessing/Request.cs b/src/Servers/HttpSys/src/RequestProcessing/Request.cs
@@ -42,143 +42,150 @@ internal Request(RequestContext requestContext)
         {
             // TODO: Verbose log
             RequestContext = requestContext;
-            _contentBoundaryType = BoundaryType.None;
 
-            RequestId = requestContext.RequestId;
-            // For HTTP/2 Http.Sys assigns each request a unique connection id for use with API calls, but the RawConnectionId represents the real connection.
-            UConnectionId = requestContext.ConnectionId;
-            RawConnectionId = requestContext.RawConnectionId;
-            SslStatus = requestContext.SslStatus;
+            try
+            {
+                _contentBoundaryType = BoundaryType.None;
 
-            KnownMethod = requestContext.VerbId;
-            Method = requestContext.GetVerb()!;
+                RequestId = requestContext.RequestId;
+                // For HTTP/2 Http.Sys assigns each request a unique connection id for use with API calls, but the RawConnectionId represents the real connection.
+                UConnectionId = requestContext.ConnectionId;
+                RawConnectionId = requestContext.RawConnectionId;
+                SslStatus = requestContext.SslStatus;
 
-            RawUrl = requestContext.GetRawUrl()!;
+                KnownMethod = requestContext.VerbId;
+                Method = requestContext.GetVerb()!;
 
-            var cookedUrl = requestContext.GetCookedUrl();
-            QueryString = cookedUrl.GetQueryString() ?? string.Empty;
+                RawUrl = requestContext.GetRawUrl()!;
 
-            var rawUrlInBytes = requestContext.GetRawUrlInBytes();
-            var originalPath = RequestUriBuilder.DecodeAndUnescapePath(rawUrlInBytes);
+                var cookedUrl = requestContext.GetCookedUrl();
+                QueryString = cookedUrl.GetQueryString() ?? string.Empty;
 
-            PathBase = string.Empty;
-            Path = originalPath;
-            var prefix = requestContext.Server.Options.UrlPrefixes.GetPrefix((int)requestContext.UrlContext);
+                var rawUrlInBytes = requestContext.GetRawUrlInBytes();
+                var originalPath = RequestUriBuilder.DecodeAndUnescapePath(rawUrlInBytes);
 
-            // 'OPTIONS * HTTP/1.1'
-            if (KnownMethod == HttpApiTypes.HTTP_VERB.HttpVerbOPTIONS && string.Equals(RawUrl, "*", StringComparison.Ordinal))
-            {
                 PathBase = string.Empty;
-                Path = string.Empty;
-            }
-            // Prefix may be null if the request has been transfered to our queue
-            else if (prefix is not null)
-            {
-                var pathBase = prefix.PathWithoutTrailingSlash;
-                // url: /base/path, prefix: /base/, base: /base, path: /path
-                // url: /, prefix: /, base: , path: /
-                if (originalPath.Equals(pathBase, StringComparison.Ordinal))
-                {
-                    // Exact match, no need to preserve the casing
-                    PathBase = pathBase;
-                    Path = string.Empty;
-                }
-                else if (originalPath.Equals(pathBase, StringComparison.OrdinalIgnoreCase))
+                Path = originalPath;
+                var prefix = requestContext.Server.Options.UrlPrefixes.GetPrefix((int)requestContext.UrlContext);
+
+                // 'OPTIONS * HTTP/1.1'
+                if (KnownMethod == HttpApiTypes.HTTP_VERB.HttpVerbOPTIONS && string.Equals(RawUrl, "*", StringComparison.Ordinal))
                 {
-                    // Preserve the user input casing
-                    PathBase = originalPath;
+                    PathBase = string.Empty;
                     Path = string.Empty;
                 }
-                else if (originalPath.StartsWith(prefix.Path, StringComparison.Ordinal))
-                {
-                    // Exact match, no need to preserve the casing
-                    PathBase = pathBase;
-                    Path = originalPath[pathBase.Length..];
-                }
-                else if (originalPath.StartsWith(prefix.Path, StringComparison.OrdinalIgnoreCase))
-                {
-                    // Preserve the user input casing
-                    PathBase = originalPath[..pathBase.Length];
-                    Path = originalPath[pathBase.Length..];
-                }
-                else
+                // Prefix may be null if the request has been transfered to our queue
+                else if (prefix is not null)
                 {
-                    // Http.Sys path base matching is based on the cooked url which applies some non-standard normalizations that we don't use
-                    // like collapsing duplicate slashes "//", converting '\' to '/', and un-escaping "%2F" to '/'. Find the right split and
-                    // ignore the normalizations.
-                    var originalOffset = 0;
-                    var baseOffset = 0;
-                    while (originalOffset < originalPath.Length && baseOffset < pathBase.Length)
+                    var pathBase = prefix.PathWithoutTrailingSlash;
+                    // url: /base/path, prefix: /base/, base: /base, path: /path
+                    // url: /, prefix: /, base: , path: /
+                    if (originalPath.Equals(pathBase, StringComparison.Ordinal))
                     {
-                        var baseValue = pathBase[baseOffset];
-                        var offsetValue = originalPath[originalOffset];
-                        if (baseValue == offsetValue
-                            || char.ToUpperInvariant(baseValue) == char.ToUpperInvariant(offsetValue))
-                        {
-                            // case-insensitive match, continue
-                            originalOffset++;
-                            baseOffset++;
-                        }
-                        else if (baseValue == '/' && offsetValue == '\\')
-                        {
-                            // Http.Sys considers these equivalent
-                            originalOffset++;
-                            baseOffset++;
-                        }
-                        else if (baseValue == '/' && originalPath.AsSpan(originalOffset).StartsWith("%2F", StringComparison.OrdinalIgnoreCase))
-                        {
-                            // Http.Sys un-escapes this
-                            originalOffset += 3;
-                            baseOffset++;
-                        }
-                        else if (baseOffset > 0 && pathBase[baseOffset - 1] == '/'
-                            && (offsetValue == '/' || offsetValue == '\\'))
-                        {
-                            // Duplicate slash, skip
-                            originalOffset++;
-                        }
-                        else if (baseOffset > 0 && pathBase[baseOffset - 1] == '/'
-                            && originalPath.AsSpan(originalOffset).StartsWith("%2F", StringComparison.OrdinalIgnoreCase))
-                        {
-                            // Duplicate slash equivalent, skip
-                            originalOffset += 3;
-                        }
-                        else
+                        // Exact match, no need to preserve the casing
+                        PathBase = pathBase;
+                        Path = string.Empty;
+                    }
+                    else if (originalPath.Equals(pathBase, StringComparison.OrdinalIgnoreCase))
+                    {
+                        // Preserve the user input casing
+                        PathBase = originalPath;
+                        Path = string.Empty;
+                    }
+                    else if (originalPath.StartsWith(prefix.Path, StringComparison.Ordinal))
+                    {
+                        // Exact match, no need to preserve the casing
+                        PathBase = pathBase;
+                        Path = originalPath[pathBase.Length..];
+                    }
+                    else if (originalPath.StartsWith(prefix.Path, StringComparison.OrdinalIgnoreCase))
+                    {
+                        // Preserve the user input casing
+                        PathBase = originalPath[..pathBase.Length];
+                        Path = originalPath[pathBase.Length..];
+                    }
+                    else
+                    {
+                        // Http.Sys path base matching is based on the cooked url which applies some non-standard normalizations that we don't use
+                        // like collapsing duplicate slashes "//", converting '\' to '/', and un-escaping "%2F" to '/'. Find the right split and
+                        // ignore the normalizations.
+                        var originalOffset = 0;
+                        var baseOffset = 0;
+                        while (originalOffset < originalPath.Length && baseOffset < pathBase.Length)
                         {
-                            // Mismatch, fall back
-                            // The failing test case here is "/base/call//../ball//path1//path2", reduced to "/base/call/ball//path1//path2",
-                            // where http.sys collapses "//" before "../", but we do "../" first. We've lost the context that there were dot segments,
-                            // or duplicate slashes, how do we figure out that "call/" can be eliminated?
-                            originalOffset = 0;
-                            break;
+                            var baseValue = pathBase[baseOffset];
+                            var offsetValue = originalPath[originalOffset];
+                            if (baseValue == offsetValue
+                                || char.ToUpperInvariant(baseValue) == char.ToUpperInvariant(offsetValue))
+                            {
+                                // case-insensitive match, continue
+                                originalOffset++;
+                                baseOffset++;
+                            }
+                            else if (baseValue == '/' && offsetValue == '\\')
+                            {
+                                // Http.Sys considers these equivalent
+                                originalOffset++;
+                                baseOffset++;
+                            }
+                            else if (baseValue == '/' && originalPath.AsSpan(originalOffset).StartsWith("%2F", StringComparison.OrdinalIgnoreCase))
+                            {
+                                // Http.Sys un-escapes this
+                                originalOffset += 3;
+                                baseOffset++;
+                            }
+                            else if (baseOffset > 0 && pathBase[baseOffset - 1] == '/'
+                                && (offsetValue == '/' || offsetValue == '\\'))
+                            {
+                                // Duplicate slash, skip
+                                originalOffset++;
+                            }
+                            else if (baseOffset > 0 && pathBase[baseOffset - 1] == '/'
+                                && originalPath.AsSpan(originalOffset).StartsWith("%2F", StringComparison.OrdinalIgnoreCase))
+                            {
+                                // Duplicate slash equivalent, skip
+                                originalOffset += 3;
+                            }
+                            else
+                            {
+                                // Mismatch, fall back
+                                // The failing test case here is "/base/call//../ball//path1//path2", reduced to "/base/call/ball//path1//path2",
+                                // where http.sys collapses "//" before "../", but we do "../" first. We've lost the context that there were dot segments,
+                                // or duplicate slashes, how do we figure out that "call/" can be eliminated?
+                                originalOffset = 0;
+                                break;
+                            }
                         }
+                        PathBase = originalPath[..originalOffset];
+                        Path = originalPath[originalOffset..];
                     }
-                    PathBase = originalPath[..originalOffset];
-                    Path = originalPath[originalOffset..];
                 }
-            }
-            else if (requestContext.Server.Options.UrlPrefixes.TryMatchLongestPrefix(IsHttps, cookedUrl.GetHost()!, originalPath, out var pathBase, out var path))
-            {
-                PathBase = pathBase;
-                Path = path;
-            }
+                else if (requestContext.Server.Options.UrlPrefixes.TryMatchLongestPrefix(IsHttps, cookedUrl.GetHost()!, originalPath, out var pathBase, out var path))
+                {
+                    PathBase = pathBase;
+                    Path = path;
+                }
 
-            ProtocolVersion = RequestContext.GetVersion();
+                ProtocolVersion = RequestContext.GetVersion();
 
-            Headers = new RequestHeaders(RequestContext);
+                Headers = new RequestHeaders(RequestContext);
 
-            User = RequestContext.GetUser();
+                User = RequestContext.GetUser();
 
-            if (IsHttps)
-            {
-                GetTlsHandshakeResults();
-            }
+                if (IsHttps)
+                {
+                    GetTlsHandshakeResults();
+                }
 
-            // GetTlsTokenBindingInfo(); TODO: https://github.com/aspnet/HttpSysServer/issues/231
+                // GetTlsTokenBindingInfo(); TODO: https://github.com/aspnet/HttpSysServer/issues/231
 
-            // Finished directly accessing the HTTP_REQUEST structure.
-            RequestContext.ReleasePins();
-            // TODO: Verbose log parameters
+            }
+            finally
+            {
+                // Finished directly accessing the HTTP_REQUEST structure.
+                RequestContext.ReleasePins();
+                // TODO: Verbose log parameters
+            }
         }
 
         internal ulong UConnectionId { get; }
diff --git a/src/Servers/HttpSys/src/RequestProcessing/RequestContext.FeatureCollection.cs b/src/Servers/HttpSys/src/RequestProcessing/RequestContext.FeatureCollection.cs
@@ -69,6 +69,7 @@ internal partial class RequestContext :
         private bool _bodyCompleted;
         private IHeaderDictionary _responseHeaders = default!;
         private IHeaderDictionary? _responseTrailers;
+        private ulong? _requestId;
 
         private Fields _initializedFields;
 
@@ -103,11 +104,26 @@ private enum Fields
             TraceIdentifier = 0x200,
         }
 
-        protected internal void InitializeFeatures()
+        protected internal bool InitializeFeatures()
         {
             _initialized = true;
 
-            Request = new Request(this);
+            // Get the ID before creating the Request object as it releases the native memory
+            // We want the ID in case request processing fails and we need the ID to cancel the native request
+            _requestId = RequestId;
+            try
+            {
+                Request = new Request(this);
+            }
+            catch (Exception ex)
+            {
+                Log.RequestParsingError(Logger, ex);
+                // Synchronously calls Http.Sys and tells it to send an http response
+                // No one has written to the response yet (haven't even created the response object below)
+                Server.SendError(_requestId.Value, StatusCodes.Status400BadRequest, authChallenges: null);
+                return false;
+            }
+
             Response = new Response(this);
 
             _features = new FeatureCollection(new StandardFeatureCollection(this));
@@ -129,6 +145,7 @@ protected internal void InitializeFeatures()
 
             _responseStream = new ResponseStream(Response.Body, OnResponseStart);
             _responseHeaders = Response.Headers;
+            return true;
         }
 
 
diff --git a/src/Servers/HttpSys/src/RequestProcessing/RequestContext.Log.cs b/src/Servers/HttpSys/src/RequestProcessing/RequestContext.Log.cs
@@ -19,6 +19,9 @@ private static class Log
             private static readonly Action<ILogger, Exception?> _channelBindingRetrieved =
                 LoggerMessage.Define(LogLevel.Debug, LoggerEventIds.ChannelBindingRetrieved, "Channel binding retrieved.");
 
+            private static readonly Action<ILogger, Exception?> _requestParsingError =
+                LoggerMessage.Define(LogLevel.Debug, LoggerEventIds.RequestParsingError, "Failed to parse request.");
+
             public static void AbortError(ILogger logger, Exception exception)
             {
                 _abortError(logger, exception);
@@ -33,6 +36,11 @@ public static void ChannelBindingRetrieved(ILogger logger)
             {
                 _channelBindingRetrieved(logger, null);
             }
+
+            public static void RequestParsingError(ILogger logger, Exception exception)
+            {
+                _requestParsingError(logger, exception);
+            }
         }
     }
 }
diff --git a/src/Servers/HttpSys/src/RequestProcessing/RequestContext.cs b/src/Servers/HttpSys/src/RequestProcessing/RequestContext.cs
@@ -186,9 +186,11 @@ public void Abort()
                 _disconnectToken = new CancellationToken(canceled: true);
             }
             ForceCancelRequest();
-            Request.Dispose();
+            // Request and/or Response can be null (even though the property doesn't say it can)
+            // if the constructor throws (can happen for invalid path format)
+            Request?.Dispose();
             // Only Abort, Response.Dispose() tries a graceful flush
-            Response.Abort();
+            Response?.Abort();
         }
 
         private static void Abort(object? state)
@@ -207,15 +209,22 @@ internal void ForceCancelRequest()
         {
             try
             {
+                // Shouldn't be able to get here when this is null, but just in case we'll noop
+                if (_requestId is null)
+                {
+                    return;
+                }
+
                 var statusCode = HttpApi.HttpCancelHttpRequest(Server.RequestQueue.Handle,
-                    Request.RequestId, IntPtr.Zero);
+                    _requestId.Value, IntPtr.Zero);
 
                 // Either the connection has already dropped, or the last write is in progress.
                 // The requestId becomes invalid as soon as the last Content-Length write starts.
                 // The only way to cancel now is with CancelIoEx.
                 if (statusCode == UnsafeNclNativeMethods.ErrorCodes.ERROR_CONNECTION_INVALID)
                 {
-                    Response.CancelLastWrite();
+                    // Can be null if processing the request threw and the response object was never created.
+                    Response?.CancelLastWrite();
                 }
             }
             catch (ObjectDisposedException)
diff --git a/src/Servers/HttpSys/src/RequestProcessing/RequestContextOfT.cs b/src/Servers/HttpSys/src/RequestProcessing/RequestContextOfT.cs
@@ -29,7 +29,11 @@ public override async Task ExecuteAsync()
 
             try
             {
-                InitializeFeatures();
+                if (!InitializeFeatures())
+                {
+                    Abort();
+                    return;
+                }
 
                 if (messagePump.Stopping)
                 {
diff --git a/src/Servers/HttpSys/test/FunctionalTests/Listener/RequestTests.cs b/src/Servers/HttpSys/test/FunctionalTests/Listener/RequestTests.cs
diff --git a/src/Servers/HttpSys/test/FunctionalTests/RequestTests.cs b/src/Servers/HttpSys/test/FunctionalTests/RequestTests.cs
diff --git a/src/Servers/HttpSys/test/FunctionalTests/ResponseSendFileTests.cs b/src/Servers/HttpSys/test/FunctionalTests/ResponseSendFileTests.cs

Original file line number	Diff line number	Diff line change
`@@ -55,5 +55,6 @@ internal static class LoggerEventIds`
`55`	`55`	`public static readonly EventId ListenerDisposing = new EventId(46, "ListenerDisposing");`
`56`	`56`	`public static readonly EventId RequestValidationFailed = new EventId(47, "RequestValidationFailed");`
`57`	`57`	`public static readonly EventId CreateDisconnectTokenError = new EventId(48, "CreateDisconnectTokenError");`
	`58`	`+ public static readonly EventId RequestParsingError = new EventId(54, "RequestParsingError");`
`58`	`59`	`}`
`59`	`60`	`}`
Original file line number	Diff line number	Diff line change
`@@ -19,6 +19,9 @@ private static class Log`
`19`	`19`	`private static readonly Action<ILogger, Exception?> _channelBindingRetrieved =`
`20`	`20`	`LoggerMessage.Define(LogLevel.Debug, LoggerEventIds.ChannelBindingRetrieved, "Channel binding retrieved.");`
`21`	`21`
	`22`	`+ private static readonly Action<ILogger, Exception?> _requestParsingError =`
	`23`	`+ LoggerMessage.Define(LogLevel.Debug, LoggerEventIds.RequestParsingError, "Failed to parse request.");`
	`24`	`+`
`22`	`25`	`public static void AbortError(ILogger logger, Exception exception)`
`23`	`26`	`{`
`24`	`27`	`_abortError(logger, exception);`
`@@ -33,6 +36,11 @@ public static void ChannelBindingRetrieved(ILogger logger)`
`33`	`36`	`{`
`34`	`37`	`_channelBindingRetrieved(logger, null);`
`35`	`38`	`}`
	`39`	`+`
	`40`	`+ public static void RequestParsingError(ILogger logger, Exception exception)`
	`41`	`+ {`
	`42`	`+ _requestParsingError(logger, exception);`
	`43`	`+ }`
`36`	`44`	`}`
`37`	`45`	`}`
`38`	`46`	`}`
Original file line number	Diff line number	Diff line change
`@@ -186,9 +186,11 @@ public void Abort()`
`186`	`186`	`_disconnectToken = new CancellationToken(canceled: true);`
`187`	`187`	`}`
`188`	`188`	`ForceCancelRequest();`
`189`		`- Request.Dispose();`
	`189`	`+ // Request and/or Response can be null (even though the property doesn't say it can)`
	`190`	`+ // if the constructor throws (can happen for invalid path format)`
	`191`	`+ Request?.Dispose();`
`190`	`192`	`// Only Abort, Response.Dispose() tries a graceful flush`
`191`		`- Response.Abort();`
	`193`	`+ Response?.Abort();`
`192`	`194`	`}`
`193`	`195`
`194`	`196`	`private static void Abort(object? state)`
`@@ -207,15 +209,22 @@ internal void ForceCancelRequest()`
`207`	`209`	`{`
`208`	`210`	`try`
`209`	`211`	`{`
	`212`	`+ // Shouldn't be able to get here when this is null, but just in case we'll noop`
	`213`	`+ if (_requestId is null)`
	`214`	`+ {`
	`215`	`+ return;`
	`216`	`+ }`
	`217`	`+`
`210`	`218`	`var statusCode = HttpApi.HttpCancelHttpRequest(Server.RequestQueue.Handle,`
`211`		`- Request.RequestId, IntPtr.Zero);`
	`219`	`+ _requestId.Value, IntPtr.Zero);`
`212`	`220`
`213`	`221`	`// Either the connection has already dropped, or the last write is in progress.`
`214`	`222`	`// The requestId becomes invalid as soon as the last Content-Length write starts.`
`215`	`223`	`// The only way to cancel now is with CancelIoEx.`
`216`	`224`	`if (statusCode == UnsafeNclNativeMethods.ErrorCodes.ERROR_CONNECTION_INVALID)`
`217`	`225`	`{`
`218`		`- Response.CancelLastWrite();`
	`226`	`+ // Can be null if processing the request threw and the response object was never created.`
	`227`	`+ Response?.CancelLastWrite();`
`219`	`228`	`}`
`220`	`229`	`}`
`221`	`230`	`catch (ObjectDisposedException)`
Original file line number	Diff line number	Diff line change
`@@ -29,7 +29,11 @@ public override async Task ExecuteAsync()`
`29`	`29`
`30`	`30`	`try`
`31`	`31`	`{`
`32`		`- InitializeFeatures();`
	`32`	`+ if (!InitializeFeatures())`
	`33`	`+ {`
	`34`	`+ Abort();`
	`35`	`+ return;`
	`36`	`+ }`
`33`	`37`
`34`	`38`	`if (messagePump.Stopping)`
`35`	`39`	`{`