Bugs in http

With Tcl/TK version 8.5.7, I think there is a bug in http::geturl. It surfaces when I call it with the -channel, -timeout and -blocksize options. Http version is 2.7.4.


1) First, the call waits/blocks until the timeout option.

2) Second, the data is not complete and is only partial. I use a -blocksize of 4096.

3) Third, during this period, it completely hogs the CPU and it becomes impossible to do anything else.


I just tested the same call against an older version (8.4.17 with http version 2.5.3) and everything is fine.


DrS

.

Relevant Pages

  • [Full-disclosure] sballmer@microsoft.com, root@apache.org
    ... Application: HTTP RFC ... Credit: Dan Kaminsky ... Bug ... Fredrick Diggle Security Services is probably the best application security ...
    (Full-Disclosure)
  • Re: do these tcl error indicate insecure code?
    ... The system receives input from Internet (HTTP) parses it ... and passes to customisable TCL scripts. ... This looks like a bug in XXXXX. ... injection is an immediate threat! ...
    (comp.lang.tcl)
  • Re: Bugs in http
    ... surfaces when I call it with the -channel, ... So either the bug was introduced in http 2.7.4 or it is platform dependent -- which OS are you using. ... $ tail myfile.html ...
    (comp.lang.tcl)
  • Re: Posting data to secure site fails
    ... >> I think I may have found another bug in IE. ... >> using the default self signed cert for the site. ... >> It does goto the page, ... >> I have tried it over http and it works every time. ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: Posting data to secure site fails
    ... > I think I may have found another bug in IE. ... > I have developed a web page to send payments online to paypal. ... > I have tried it over http and it works every time. ... It always works with netscape 7.1 regardless of ssl. ...
    (microsoft.public.windows.inetexplorer.ie6.browser)