Fix CI failures: initialize submodules and fix ssl_merger Content-Length parsing #25
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -79,11 +79,12 @@ impl SSLMerger { | |
| // For non-chunked, check Content-Length | ||
| if let Some(cl_start) = headers.to_lowercase().find("content-length:") { | ||
| let cl_line = &headers[cl_start..]; | ||
| // Find the end of the Content-Length header line | ||
| // It could be followed by \r\n (if there are more headers) or end of headers | ||
| let cl_end = cl_line.find("\r\n").unwrap_or(cl_line.len()); | ||
| let cl_value = cl_line[15..cl_end].trim(); | ||
| if let Ok(content_length) = cl_value.parse::<usize>() { | ||
|
There was a problem hiding this comment. The slice offset
Contributor
Author
There was a problem hiding this comment. Fixed in commit 573cc1c. Replaced magic number |
||
| return body.len() >= content_length; | ||
| } | ||
| } | ||
|
|
||
|
|
||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Content-Length detection uses
headers.to_lowercase().find("content-length:"), which can match inside other header names (e.g.,X-Content-Length) or within a header value, and then slices from that byte offset. This can cause incorrect Content-Length parsing and premature message completion. Consider parsing headers line-by-line (split on\r\n) and matchingContent-Lengthonly at the start of a header line (case-insensitive), or at least ensuring the match is at start-of-string or preceded by\r\n.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@copilot apply changes based on this feedback
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed in commit 573cc1c. Changed implementation to parse headers line-by-line using
split("\r\n")and matchContent-Lengthonly at the start of header lines withstarts_with(), preventing false matches in other header names or values.