Return-Path:
X-Original-To: apmail-couchdb-commits-archive@www.apache.org
Delivered-To: apmail-couchdb-commits-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id AD81B8FA9 for ; Sun, 11 Sep 2011 10:50:53 +0000 (UTC)
Received: (qmail 49689 invoked by uid 500); 11 Sep 2011 10:50:49 -0000
Delivered-To: apmail-couchdb-commits-archive@couchdb.apache.org
Received: (qmail 49557 invoked by uid 500); 11 Sep 2011 10:50:37 -0000
Mailing-List: contact commits-help@couchdb.apache.org; run by ezmlm
Precedence: bulk
List-Help:
List-Unsubscribe:
List-Post:
List-Id:
Reply-To: dev@couchdb.apache.org
Delivered-To: mailing list commits@couchdb.apache.org
Received: (qmail 49544 invoked by uid 99); 11 Sep 2011 10:50:33 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 11 Sep 2011 10:50:33 +0000
X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED
X-Spam-Check-By: apache.org
Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 11 Sep 2011 10:50:32 +0000
Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id E669523889EB for ; Sun, 11 Sep 2011 10:50:11 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: svn commit: r1168196 - in /couchdb/trunk: share/www/script/test/attachment_ranges.js src/couchdb/couch_httpd_db.erl
Date: Sun, 11 Sep 2011 10:50:11 -0000
To: commits@couchdb.apache.org
From: rnewson@apache.org
X-Mailer: svnmailer-1.0.8
Message-Id: <20110911105011.E669523889EB@eris.apache.org>

Author: rnewson
Date: Sun Sep 11 10:50:11 2011
New Revision: 1168196

URL: http://svn.apache.org/viewvc?rev=1168196&view=rev
Log:
Reject large Range requests

Return a 200 response for any Range request that covers the entire entity or that contains more than 10 byte ranges.

Modified:
    couchdb/trunk/share/www/script/test/attachment_ranges.js
    couchdb/trunk/src/couchdb/couch_httpd_db.erl

Modified: couchdb/trunk/share/www/script/test/attachment_ranges.js
URL: http://svn.apache.org/viewvc/couchdb/trunk/share/www/script/test/attachment_ranges.js?rev=1168196&r1=1168195&r2=1168196&view=diff
==============================================================================
--- couchdb/trunk/share/www/script/test/attachment_ranges.js (original)
+++ couchdb/trunk/share/www/script/test/attachment_ranges.js Sun Sep 11 10:50:11 2011
@@ -32,7 +32,7 @@ couchTests.attachment_ranges = function(
     T(save_response.ok);
 
     // Fetching the whole entity is a 206.
-    var xhr = CouchDB.request("GET", "/test_suite_db/bin_doc/foo.txt", {
+    var xhr = CouchDB.request("GET", "/test_suite_db/bin_doc/foo.txt?bar=0", {
         headers: {
             "Range": "bytes=0-28"
         }
@@ -43,7 +43,7 @@ couchTests.attachment_ranges = function(
     TEquals("29", xhr.getResponseHeader("Content-Length"));
 
     // Fetch the whole entity without an end offset is a 200.
-    var xhr = CouchDB.request("GET", "/test_suite_db/bin_doc/foo.txt", {
+    var xhr = CouchDB.request("GET", "/test_suite_db/bin_doc/foo.txt?bar=1", {
         headers: {
             "Range": "bytes=0-"
         }
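Review bot: The `?bar=0` and `?bar=1` query strings added to the two whole-entity requests (this hunk and the one at -43) carry no comment saying why they are there; they look like per-request cache busters so the browser does not answer the second Range request for the same URL from a cached 206, but that is inferred from the test, not stated by it. A one-line comment above the first request, `// distinct query strings keep the browser from replaying a cached response`, would stop a later editor from "cleaning" them away and silently weakening the test. couchTests.attachment_ranges starts before and continues past both hunks.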
@@ -53,6 +53,14 @@ couchTests.attachment_ranges = function(
     TEquals(null, xhr.getResponseHeader("Content-Range"));
     TEquals("29", xhr.getResponseHeader("Content-Length"));
 
+    // Even if you ask multiple times.
+    var xhr = CouchDB.request("GET", "/test_suite_db/bin_doc/foo.txt", {
+        headers: {
+            "Range": "bytes=0-,0-,0-"
+        }
+    });
+    TEquals(200, xhr.status, "multiple 0-'s");
+
     // Badly formed range header is a 200.
     var xhr = CouchDB.request("GET", "/test_suite_db/bin_doc/foo.txt", {
         headers: {
@@ -131,4 +139,12 @@ couchTests.attachment_ranges = function(
     });
     TEquals(416, xhr.status, "fetch 300-310");
 
+    // We ignore a Range header with too many ranges
+    var xhr = CouchDB.request("GET", "/test_suite_db/bin_doc/foo.txt", {
+        headers: {
+            "Range": "bytes=0-1,0-1,0-1,0-1,0-1,0-1,0-1,0-1,0-1,0-1"
+        }
+    });
+    TEquals(200, xhr.status, "too many ranges");
+
 };

Modified: couchdb/trunk/src/couchdb/couch_httpd_db.erl
URL: http://svn.apache.org/viewvc/couchdb/trunk/src/couchdb/couch_httpd_db.erl?rev=1168196&r1=1168195&r2=1168196&view=diff
==============================================================================
--- couchdb/trunk/src/couchdb/couch_httpd_db.erl (original)
+++ couchdb/trunk/src/couchdb/couch_httpd_db.erl Sun Sep 11 10:50:11 2011
@@ -1029,7 +1029,7 @@ db_attachment_req(#httpd{method='GET',mo
             {ok, Resp} = start_response_length(Req, 206, Headers1, To - From + 1),
             couch_doc:range_att_foldl(Att, From, To + 1,
                 fun(Seg, _) -> send(Resp, Seg) end, {ok, Resp});
-        {identity, Ranges} when is_list(Ranges) ->
+        {identity, Ranges} when is_list(Ranges) andalso length(Ranges) < 10 ->
             send_ranges_multipart(Req, Type, Len, Att, Ranges);
         _ ->
             Headers1 = Headers ++
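Review bot: The repeated-`0-` case asserts only the status code, whereas the single `0-` case directly above it also checks that `Content-Range` is absent and that `Content-Length` is `"29"`; as written the new case would still pass if the server answered 200 with a multipart body or a truncated one. Adding `TEquals(null, xhr.getResponseHeader("Content-Range"));` and `TEquals("29", xhr.getResponseHeader("Content-Length"));` after the status check keeps the two cases parallel and pins the full-entity response. The enclosing function continues past the hunk.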
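Review bot: The "too many ranges" case sends exactly ten ranges and expects 200, which pins the server cut-off at ten, while the commit log says requests with "more than 10" ranges are rejected; nothing exercises nine ranges, the largest count the server still serves, so a later change of the limit in either direction would only be caught from one side. A sibling request with nine `0-1` ranges and `TEquals(206, xhr.status, "nine ranges");` would pin the boundary, and the comment would be more precise as `// A Range header with ten or more ranges is ignored`. The enclosing function ends at the `};` in this hunk.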
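Review bot: The guard `length(Ranges) < 10` serves at most nine ranges, and the log message says "more than 10" are rejected; the test pins ten as rejected, so the code and test agree and the log is off by one — either the wording should say "ten or more" or the guard should read `andalso length(Ranges) =< 10`. The cap bounds the number of multipart parts but not the bytes sent: nine ranges can each still span nearly the whole attachment, and nothing in this hunk collapses overlapping or duplicate ranges, so the worst-case response remains roughly nine times the entity size; if that is acceptable it is worth a comment, e.g. `%% Cap the number of ranges so a single request cannot fan out into an unbounded multipart body.`. Replacing the literal with a module-level define (name to be chosen) would also let the test and the guard refer to one limit. db_attachment_req starts and ends outside the hunk.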
@@ -1168,6 +1168,8 @@ parse_ranges(Ranges, Len) ->
 parse_ranges([], _Len, Acc) ->
     lists:reverse(Acc);
+parse_ranges([{0, none}|_], _Len, _Acc) ->
+    undefined;
 parse_ranges([{From, To}|_], _Len, _Acc)
   when is_integer(From) andalso is_integer(To) andalso To < From ->
     throw(requested_range_not_satisfiable);
 parse_ranges([{From, To}|Rest], Len, Acc) when is_integer(To) andalso To >= Len ->
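Review bot: The new `{0, none}` clause turns a `bytes=0-` range into a plain 200 wherever it appears in the list, but other spellings of the same whole-entity range still take the 206 or multipart path: `0-<last byte>` is pinned as 206 by the test at -32 (`bytes=0-28` on a 29-byte attachment), and an over-long end offset is clamped by the `To >= Len` clause below rather than rejected, so the log message's "covers the entire entity" is only true for the open-ended form; if the broader intent is meant, the check belongs in a clause that sees `Len`, e.g. `parse_ranges([{0, To}|_], Len, _Acc) when is_integer(To) andalso To >= Len - 1 -> undefined;`. How suffix ranges are represented is not visible here, so whether they need the same treatment is inferred. The clause also returns `undefined` without saying why; `%% "0-" is the whole entity: signal the caller to answer 200 with the full attachment.` would record the contract. parse_ranges/3 continues past the hunk.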