Handle redirects with Content-Length: 0 correctly#7246
Merged
Conversation
f458e7d to
9f2d0c6
Compare
poxygit now supports a "specification" within the URI that can provide additional details about the mock/debugging connection. The `:none` suffix on the redirect request indicates that the proxy should send a 0 byte response body.
When we were done reading headers, we checked if we needed to read a body, or if we were done. The body check was done by looking at the transfer encoding type and the content type. If we were chunked, then we know we have a body (it may be a zero byte body, but we would need to read the chunk length to know this). But looking at the content _type_ was erroneous; we should have been looking at the content _length_. The effect of this is that when a server sends a zero byte response with a content _type_, we try to go read the body, which does not exist. We will hang waiting for the body that the server will never send. Correct this typo. Now we will try to read the body if there was a content _length_ specified, or if the transfer encoding is chunked.
9f2d0c6 to
242d66e
Compare
Member
Author
|
Fixes #7070 This is a pretty different solution to #7024. I want to give that a more thorough review but I've spent a lot of time on it and this is one of those PRs that it small (in LOC) but detailed, and I don't think I've fully grokked it yet. I want to because I'm not convinced that #7090 is related to this change. |
1 task
netbsd-srcmastr
pushed a commit
to NetBSD/pkgsrc
that referenced
this pull request
May 5, 2026
v1.9.3 This release includes a number of bugfixes and compatibility improvements, particularly around SHA256 support. * cmake: fix linker error when using ninja build generator by @kcsaul in libgit2/libgit2#7249 * Handle redirects with Content-Length: 0 correctly by @ethomson in libgit2/libgit2#7246 * ci: use poxygit v0.8.1 in the tests by @ethomson in libgit2/libgit2#7248 * Zero indexer stats in pack objects by @ethomson in libgit2/libgit2#7243 * submodule: git_index_add_bypath does not move conflict entries to REUC by @lrm29 in libgit2/libgit2#7003 * fix: prevent SSH timeout infinite loop and enable TCP keepalive by @ambv in libgit2/libgit2#7165 * merge_files: avoid UB in xdiff by @ethomson in libgit2/libgit2#7239 * git_merge_file_from_index: handle cases when a child (ours or theirs) is null by @eantoranz in libgit2/libgit2#7092 * cmake: write git.h.tmp to current binary directory by @kcsaul in libgit2/libgit2#7241 * fix(pack): ensure pack_backend__read returns null terminated buffer by @kanru in libgit2/libgit2#7238 * Check object lengths against headers in read_loose by @howtonotwin in libgit2/libgit2#7178 * cmake: don't recreate git2.h unnecessarily by @ethomson in libgit2/libgit2#7234 * Memory Backend Corruption Fix by @kcsaul in libgit2/libgit2#7232 * Fixed a heap-buffer-overflow in the smart_pkt.c:set_data function by @oliverchang in libgit2/libgit2#7118 * fix(transport): get oid_type on local transport by @weihanglo in libgit2/libgit2#7229 * `GIT_REMOTE_DOWNLOAD_TAGS_ALL`: remove stray "the" in docs by @DanielEScherzer in libgit2/libgit2#7228 * fix(clone): propagate object format in local clone by @weihanglo in libgit2/libgit2#7226 * repo: Fix possible null pointer dereference by @csware in libgit2/libgit2#7225 * revparse: Allow `HEAD` abbreviation `@` by @KoviRobi in libgit2/libgit2#7218 * camke: include libssh2 in `Requires.private` in the PC file by @carlosmn in libgit2/libgit2#7215 * futils: fix undefined behavior in O_FSYNC fallback definition by @cehoffman in libgit2/libgit2#7211 * pcre: actually fix dangling-pointer warning by @ethomson in libgit2/libgit2#7206 * pcre: update cmake warnings for non-gcc by @ethomson in libgit2/libgit2#7205 * Fix some warnings with gcc by @ethomson in libgit2/libgit2#7203 * fix: apply insteadOf from global config for detached remotes by @weihanglo in libgit2/libgit2#7195 * Fix `git_index_entry` documentation by @bakersdozen123 in libgit2/libgit2#7192 * config: Fix potential null value passed to %s by @ethomson in libgit2/libgit2#7190 * index: support USE_NSEC=OFF by @ethomson in libgit2/libgit2#7187 * feat(remote): expose `git_remote_oid_type` by @weihanglo in libgit2/libgit2#7185 * fix(smart): keep caps across RPC stream resets by @weihanglo in libgit2/libgit2#7183 * fix wrong comment by @Murmele in libgit2/libgit2#7181 * fix(sha256): pass correct oid type by @weihanglo in libgit2/libgit2#7179 * examples: correct `git_commit_time` comment by @qaqland in libgit2/libgit2#7175 * tests: update to latest clar by @ethomson in libgit2/libgit2#7173 * delta: fix undefined behavior in hdr_sz varint parsing by @Oblivionsage in libgit2/libgit2#7172 * ci: Update macos-13 to macos-14 images on GitHub Actions by @ambv in libgit2/libgit2#7167 * ci: Fix cases of -Werror=discarded-qualifiers raised by @gcc 15.2 by @ambv in libgit2/libgit2#7164 * Use CMAKE_INSTALL_INCLUDEDIR for libgit2package INSTALL_INTERFACE by @aware70 in libgit2/libgit2#7155 * Fix C4703 uninitialized pointer variable warnings by @ShiningMassXAcc in libgit2/libgit2#7154 * test: check the correct filesystem for case-sensitivity by @ambv in libgit2/libgit2#7153 * ci: update ci/docker/fedora to work with Rawhide 44 by @ambv in libgit2/libgit2#7152 * refs: honor REFSPEC_SHORTHAND for multi-segment refs by @roberth in libgit2/libgit2#7148 * config: Fix potential null value passed to %s by @orgads in libgit2/libgit2#7131 * Fix potential access to uninitialized variables by @orgads in libgit2/libgit2#7130 * refspec: Detect DEL character in is_valid_name by @xokdvium in libgit2/libgit2#7120 * Update documentation to clarify that cert cb is always called by @ehuss in libgit2/libgit2#7119 * Update `racy.c` reference by @emmanuel-ferdman in libgit2/libgit2#7091 * Avoid duplicate definition of git_http_auth_dummy. by @JohannesWilde in libgit2/libgit2#7077
netbsd-srcmastr
pushed a commit
to NetBSD/pkgsrc
that referenced
this pull request
May 13, 2026
v1.9.3 This release includes a number of bugfixes and compatibility improvements, particularly around SHA256 support. * cmake: fix linker error when using ninja build generator by @kcsaul in libgit2/libgit2#7249 * Handle redirects with Content-Length: 0 correctly by @ethomson in libgit2/libgit2#7246 * ci: use poxygit v0.8.1 in the tests by @ethomson in libgit2/libgit2#7248 * Zero indexer stats in pack objects by @ethomson in libgit2/libgit2#7243 * submodule: git_index_add_bypath does not move conflict entries to REUC by @lrm29 in libgit2/libgit2#7003 * fix: prevent SSH timeout infinite loop and enable TCP keepalive by @ambv in libgit2/libgit2#7165 * merge_files: avoid UB in xdiff by @ethomson in libgit2/libgit2#7239 * git_merge_file_from_index: handle cases when a child (ours or theirs) is null by @eantoranz in libgit2/libgit2#7092 * cmake: write git.h.tmp to current binary directory by @kcsaul in libgit2/libgit2#7241 * fix(pack): ensure pack_backend__read returns null terminated buffer by @kanru in libgit2/libgit2#7238 * Check object lengths against headers in read_loose by @howtonotwin in libgit2/libgit2#7178 * cmake: don't recreate git2.h unnecessarily by @ethomson in libgit2/libgit2#7234 * Memory Backend Corruption Fix by @kcsaul in libgit2/libgit2#7232 * Fixed a heap-buffer-overflow in the smart_pkt.c:set_data function by @oliverchang in libgit2/libgit2#7118 * fix(transport): get oid_type on local transport by @weihanglo in libgit2/libgit2#7229 * `GIT_REMOTE_DOWNLOAD_TAGS_ALL`: remove stray "the" in docs by @DanielEScherzer in libgit2/libgit2#7228 * fix(clone): propagate object format in local clone by @weihanglo in libgit2/libgit2#7226 * repo: Fix possible null pointer dereference by @csware in libgit2/libgit2#7225 * revparse: Allow `HEAD` abbreviation `@` by @KoviRobi in libgit2/libgit2#7218 * camke: include libssh2 in `Requires.private` in the PC file by @carlosmn in libgit2/libgit2#7215 * futils: fix undefined behavior in O_FSYNC fallback definition by @cehoffman in libgit2/libgit2#7211 * pcre: actually fix dangling-pointer warning by @ethomson in libgit2/libgit2#7206 * pcre: update cmake warnings for non-gcc by @ethomson in libgit2/libgit2#7205 * Fix some warnings with gcc by @ethomson in libgit2/libgit2#7203 * fix: apply insteadOf from global config for detached remotes by @weihanglo in libgit2/libgit2#7195 * Fix `git_index_entry` documentation by @bakersdozen123 in libgit2/libgit2#7192 * config: Fix potential null value passed to %s by @ethomson in libgit2/libgit2#7190 * index: support USE_NSEC=OFF by @ethomson in libgit2/libgit2#7187 * feat(remote): expose `git_remote_oid_type` by @weihanglo in libgit2/libgit2#7185 * fix(smart): keep caps across RPC stream resets by @weihanglo in libgit2/libgit2#7183 * fix wrong comment by @Murmele in libgit2/libgit2#7181 * fix(sha256): pass correct oid type by @weihanglo in libgit2/libgit2#7179 * examples: correct `git_commit_time` comment by @qaqland in libgit2/libgit2#7175 * tests: update to latest clar by @ethomson in libgit2/libgit2#7173 * delta: fix undefined behavior in hdr_sz varint parsing by @Oblivionsage in libgit2/libgit2#7172 * ci: Update macos-13 to macos-14 images on GitHub Actions by @ambv in libgit2/libgit2#7167 * ci: Fix cases of -Werror=discarded-qualifiers raised by @gcc 15.2 by @ambv in libgit2/libgit2#7164 * Use CMAKE_INSTALL_INCLUDEDIR for libgit2package INSTALL_INTERFACE by @aware70 in libgit2/libgit2#7155 * Fix C4703 uninitialized pointer variable warnings by @ShiningMassXAcc in libgit2/libgit2#7154 * test: check the correct filesystem for case-sensitivity by @ambv in libgit2/libgit2#7153 * ci: update ci/docker/fedora to work with Rawhide 44 by @ambv in libgit2/libgit2#7152 * refs: honor REFSPEC_SHORTHAND for multi-segment refs by @roberth in libgit2/libgit2#7148 * config: Fix potential null value passed to %s by @orgads in libgit2/libgit2#7131 * Fix potential access to uninitialized variables by @orgads in libgit2/libgit2#7130 * refspec: Detect DEL character in is_valid_name by @xokdvium in libgit2/libgit2#7120 * Update documentation to clarify that cert cb is always called by @ehuss in libgit2/libgit2#7119 * Update `racy.c` reference by @emmanuel-ferdman in libgit2/libgit2#7091 * Avoid duplicate definition of git_http_auth_dummy. by @JohannesWilde in libgit2/libgit2#7077
netbsd-srcmastr
pushed a commit
to NetBSD/pkgsrc
that referenced
this pull request
May 21, 2026
v1.9.3 This release includes a number of bugfixes and compatibility improvements, particularly around SHA256 support. * cmake: fix linker error when using ninja build generator by @kcsaul in libgit2/libgit2#7249 * Handle redirects with Content-Length: 0 correctly by @ethomson in libgit2/libgit2#7246 * ci: use poxygit v0.8.1 in the tests by @ethomson in libgit2/libgit2#7248 * Zero indexer stats in pack objects by @ethomson in libgit2/libgit2#7243 * submodule: git_index_add_bypath does not move conflict entries to REUC by @lrm29 in libgit2/libgit2#7003 * fix: prevent SSH timeout infinite loop and enable TCP keepalive by @ambv in libgit2/libgit2#7165 * merge_files: avoid UB in xdiff by @ethomson in libgit2/libgit2#7239 * git_merge_file_from_index: handle cases when a child (ours or theirs) is null by @eantoranz in libgit2/libgit2#7092 * cmake: write git.h.tmp to current binary directory by @kcsaul in libgit2/libgit2#7241 * fix(pack): ensure pack_backend__read returns null terminated buffer by @kanru in libgit2/libgit2#7238 * Check object lengths against headers in read_loose by @howtonotwin in libgit2/libgit2#7178 * cmake: don't recreate git2.h unnecessarily by @ethomson in libgit2/libgit2#7234 * Memory Backend Corruption Fix by @kcsaul in libgit2/libgit2#7232 * Fixed a heap-buffer-overflow in the smart_pkt.c:set_data function by @oliverchang in libgit2/libgit2#7118 * fix(transport): get oid_type on local transport by @weihanglo in libgit2/libgit2#7229 * `GIT_REMOTE_DOWNLOAD_TAGS_ALL`: remove stray "the" in docs by @DanielEScherzer in libgit2/libgit2#7228 * fix(clone): propagate object format in local clone by @weihanglo in libgit2/libgit2#7226 * repo: Fix possible null pointer dereference by @csware in libgit2/libgit2#7225 * revparse: Allow `HEAD` abbreviation `@` by @KoviRobi in libgit2/libgit2#7218 * camke: include libssh2 in `Requires.private` in the PC file by @carlosmn in libgit2/libgit2#7215 * futils: fix undefined behavior in O_FSYNC fallback definition by @cehoffman in libgit2/libgit2#7211 * pcre: actually fix dangling-pointer warning by @ethomson in libgit2/libgit2#7206 * pcre: update cmake warnings for non-gcc by @ethomson in libgit2/libgit2#7205 * Fix some warnings with gcc by @ethomson in libgit2/libgit2#7203 * fix: apply insteadOf from global config for detached remotes by @weihanglo in libgit2/libgit2#7195 * Fix `git_index_entry` documentation by @bakersdozen123 in libgit2/libgit2#7192 * config: Fix potential null value passed to %s by @ethomson in libgit2/libgit2#7190 * index: support USE_NSEC=OFF by @ethomson in libgit2/libgit2#7187 * feat(remote): expose `git_remote_oid_type` by @weihanglo in libgit2/libgit2#7185 * fix(smart): keep caps across RPC stream resets by @weihanglo in libgit2/libgit2#7183 * fix wrong comment by @Murmele in libgit2/libgit2#7181 * fix(sha256): pass correct oid type by @weihanglo in libgit2/libgit2#7179 * examples: correct `git_commit_time` comment by @qaqland in libgit2/libgit2#7175 * tests: update to latest clar by @ethomson in libgit2/libgit2#7173 * delta: fix undefined behavior in hdr_sz varint parsing by @Oblivionsage in libgit2/libgit2#7172 * ci: Update macos-13 to macos-14 images on GitHub Actions by @ambv in libgit2/libgit2#7167 * ci: Fix cases of -Werror=discarded-qualifiers raised by @gcc 15.2 by @ambv in libgit2/libgit2#7164 * Use CMAKE_INSTALL_INCLUDEDIR for libgit2package INSTALL_INTERFACE by @aware70 in libgit2/libgit2#7155 * Fix C4703 uninitialized pointer variable warnings by @ShiningMassXAcc in libgit2/libgit2#7154 * test: check the correct filesystem for case-sensitivity by @ambv in libgit2/libgit2#7153 * ci: update ci/docker/fedora to work with Rawhide 44 by @ambv in libgit2/libgit2#7152 * refs: honor REFSPEC_SHORTHAND for multi-segment refs by @roberth in libgit2/libgit2#7148 * config: Fix potential null value passed to %s by @orgads in libgit2/libgit2#7131 * Fix potential access to uninitialized variables by @orgads in libgit2/libgit2#7130 * refspec: Detect DEL character in is_valid_name by @xokdvium in libgit2/libgit2#7120 * Update documentation to clarify that cert cb is always called by @ehuss in libgit2/libgit2#7119 * Update `racy.c` reference by @emmanuel-ferdman in libgit2/libgit2#7091 * Avoid duplicate definition of git_http_auth_dummy. by @JohannesWilde in libgit2/libgit2#7077
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
In
httpclient, when we were done reading headers, we checked if we needed to read a body, or if we were done. The body check was done by looking at the transfer encoding type and the content type. If we were chunked, then we know we have a body (it may be a zero byte body, but we would need to read the chunk length to know this). But looking at the content type was erroneous; we should have been looking at the content length.The effect of this is that when a server sends a zero byte response with a content type, we try to go read the body, which does not exist. We will hang waiting for the body that the server will never send.
Correct this typo. Now we will try to read the body if there was a content length specified, or if the transfer encoding is chunked.
We didn't catch this because our test infrastructure sent a redirect response with a
Content-Length: 0, but crucially, also with aConnection: close. This meant that we avoided the whole problem of trying to consume the remainder of the response body; since the connection was being closed, we aren't reusing a keep-alive connection, and we don't need to burn down our input buffer. 🥴