From: Thomas Lamprecht <t.lamprecht@proxmox.com>
To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>,
Matthias Heiserer <m.heiserer@proxmox.com>
Subject: Re: [pve-devel] [PATCH v1 http-server 1/2] AnyEvent: fix #3990 - rewrite file upload
Date: Fri, 22 Apr 2022 18:54:17 +0200 [thread overview]
Message-ID: <15d074c4-fa81-9d22-1e39-8bb04a250c42@proxmox.com> (raw)
In-Reply-To: <20220422144358.3217098-1-m.heiserer@proxmox.com>
On 22.04.22 16:43, Matthias Heiserer wrote:
> Uploading of files of arbitrary size is now possible.
>
> Some (regex) lines are long, but imo more readable than splitting them
> up into multiple lines, as that's how they look in the HTTP request.
>
This commit message lacks:
* why was it limited before (to big, to small). I'd like to avoid the need to
search through bug reports for the basic info.
* what is done how to improve on that
* does that have any drawbacks, if an short argument would be great, but in
any case stating explicitly what was chosen consciously and not just missed
by accident should be done
* what did you actually test? Is there a good upload test/fuzz suite to run this
through? can we create
While the regex comment is borderline on meta-info, i.e., relevant for review only.
Did only some lightweight review as I don't see why I should invest the time to research
basic info myself that you had to do for the implementation anyway, at least you should have.
So, please consider adding a bit more info to your commit message, it don't needs to
be hundreds of words, but tbh I never saw a too long commit message and I have to spend
quite some time in `git log` ;-)
> Signed-off-by: Matthias Heiserer <m.heiserer@proxmox.com>
> ---
> src/PVE/APIServer/AnyEvent.pm | 152 +++++++++++++++++-----------------
> 1 file changed, 78 insertions(+), 74 deletions(-)
>
> diff --git a/src/PVE/APIServer/AnyEvent.pm b/src/PVE/APIServer/AnyEvent.pm
> index 7dd7d2d..ade3c05 100644
> --- a/src/PVE/APIServer/AnyEvent.pm
> +++ b/src/PVE/APIServer/AnyEvent.pm
> @@ -1157,64 +1157,74 @@ sub handle_request {
>
> sub file_upload_multipart {
> my ($self, $reqstate, $auth, $method, $path, $rstate) = @_;
> -
unnecessary noise
> eval {
> my $boundary = $rstate->{boundary};
> my $hdl = $reqstate->{hdl};
> -
unnecessary noise
> my $startlen = length($hdl->{rbuf});
>
> - if ($rstate->{phase} == 0) { # skip everything until start
> - if ($hdl->{rbuf} =~ s/^.*?--\Q$boundary\E \015?\012
> - ((?:[^\015]+\015\012)* ) \015?\012//xs) {
> - my $header = $1;
> - my ($ct, $disp, $name, $filename);
> - foreach my $line (split(/\015?\012/, $header)) {
> - # assume we have single line headers
> - if ($line =~ m/^Content-Type\s*:\s*(.*)/i) {
> - $ct = parse_content_type($1);
> - } elsif ($line =~ m/^Content-Disposition\s*:\s*(.*)/i) {
> - ($disp, $name, $filename) = parse_content_disposition($1);
> - }
> - }
> + my $newline = qr/\015?\012/;
> + my $delimiter = qr/--\Q$boundary\E${newline}/;
> + my $closeDelimiter = qr/--\Q$boundary\E--${newline}/;
>
> - if (!($disp && $disp eq 'form-data' && $name)) {
> - syslog('err', "wrong content disposition in multipart - abort upload");
> - $rstate->{phase} = -1;
> - } else {
> + my $check_disposition = sub {
> + my ($disp) = @_;
> + die "wrong Content-Disposition in multipart, expected `form-data` - abort upload"
> + if $disp ne 'form-data';
> + };
>
> - $rstate->{fieldname} = $name;
> + # Phase 0 - preserve boundary, but remove everything before
> + if ($rstate->{phase} == 0 && $hdl->{rbuf} =~ s/^.*?($delimiter)/$1/xs) {
> + $rstate->{read} += $startlen - length($hdl->{rbuf});
> + $rstate->{phase} = 1;
> + }
>
> - if ($filename) {
> - if ($name eq 'filename') {
> - # found file upload data
> - $rstate->{phase} = 1;
> - $rstate->{filename} = $filename;
> - } else {
> - syslog('err', "wrong field name for file upload - abort upload");
> - $rstate->{phase} = -1;
> - }
> - } else {
> - # found form data for field $name
> - $rstate->{phase} = 2;
> - }
> - }
> - } else {
> - my $len = length($hdl->{rbuf});
> - substr($hdl->{rbuf}, 0, $len - $rstate->{maxheader}, '')
> - if $len > $rstate->{maxheader}; # skip garbage
> - }
> - } elsif ($rstate->{phase} == 1) { # inside file - dump until end marker
> - if ($hdl->{rbuf} =~ s/^(.*?)\015?\012(--\Q$boundary\E(--)? \015?\012(.*))$/$2/xs) {
> + # Phase 1 - parse payload without file data
> + if ($rstate->{phase} == 1 && $hdl->{rbuf} =~
> + s/^${delimiter}Content-Disposition: (.*?); name="content"(.*?)($delimiter)/$3/s
> + ) {
> + $check_disposition->($1);
> + $rstate->{params}->{content} = trim($2);
> + syslog('info', "timeout: " . $hdl->{timeout});
> + }
> +
> + if ($rstate->{phase} == 1 && $hdl->{rbuf} =~
> + s/^${delimiter}Content-Disposition: (.*?); name="checksum-algorithm"(.*?)($delimiter)/$3/s
> + ) {
> + $check_disposition->($1);
> + $rstate->{params}->{"checksum-algorithm"} = trim($2);
> + }
> +
> + if ($rstate->{phase} == 1 && $hdl->{rbuf} =~
> + s/^${delimiter}Content-Disposition: (.*?); name="checksum"(.*?)($delimiter)/$3/s
> + ) {
> + $check_disposition->($1);
> + $rstate->{params}->{checksum} = trim($2);
> + }
> +
> + if ($rstate->{phase} == 1 && $hdl->{rbuf} =~
> + s/^${delimiter}
> + Content-Disposition:\ (.*?);\ name="(.*?)";\ filename="([^"]+)"${newline}
> + Content-Type:\ [^\s]*\s+ #remove all whitespace until begin of data
> + //sxx
> + ) {
> + $check_disposition->($1);
> + die "wrong field `name` for file upload, expected `filename` - abort upload"
> + if $2 ne "filename";
> + $rstate->{phase} = 2;
> + $rstate->{params}->{filename} = trim($3);
> + }
why explicitly check for $phase == 1 5 times and not to
if ($rstate->{phase} == 1) {
if ($hdl->{rbuf} =~ s/^${delimiter}Content-Disposition: (.*?); name="content"(.*?)($delimiter)/$3/s) {
...
}
would result in less noise and clearer code flow...
> +
> + # Phase 2 - dump content into file
> + if ($rstate->{phase} == 2) {
> + if ($hdl->{rbuf} =~ s/^(.*?)${newline}?+${closeDelimiter}.*$//s) {
> my ($rest, $eof) = ($1, $3);
> my $len = length($rest);
> die "write to temporary file failed - $!"
> if syswrite($rstate->{outfh}, $rest) != $len;
> $rstate->{ctx}->add($rest);
> - $rstate->{params}->{filename} = $rstate->{filename};
> $rstate->{md5sum} = $rstate->{ctx}->hexdigest;
> $rstate->{bytes} += $len;
> - $rstate->{phase} = $eof ? 100 : 0;
> + $rstate->{phase} = 100;
> } else {
> my $len = length($hdl->{rbuf});
> my $wlen = $len - $rstate->{boundlen};
> @@ -1226,42 +1236,29 @@ sub file_upload_multipart {
> $rstate->{ctx}->add($data);
> }
> }
> - } elsif ($rstate->{phase} == 2) { # inside normal field
> + }
>
> - if ($hdl->{rbuf} =~ s/^(.*?)\015?\012(--\Q$boundary\E(--)? \015?\012(.*))$/$2/xs) {
> - my ($rest, $eof) = ($1, $3);
> - my $len = length($rest);
> - $rstate->{post_size} += $len;
> - if ($rstate->{post_size} < $limit_max_post) {
> - $rstate->{params}->{$rstate->{fieldname}} = $rest;
> - $rstate->{phase} = $eof ? 100 : 0;
> - } else {
> - syslog('err', "form data to large - abort upload");
> - $rstate->{phase} = -1; # skip
> - }
> - }
> - } else { # skip
> - my $len = length($hdl->{rbuf});
> - substr($hdl->{rbuf}, 0, $len, ''); # empty rbuf
> + # Phase 100 - transfer finished
> + if ($rstate->{phase} == 100) {
> + my $elapsed = tv_interval($rstate->{starttime});
> +
> + my $rate = int($rstate->{bytes} / ($elapsed * 1024 * 1024));
> + syslog('info',
> + "multipart upload complete (size: %d time: %ds rate: %.2fMiB/s md5sum: %s)",
> + $rstate->{bytes}, $elapsed, $rate, $rstate->{md5sum}
> + );
> + $self->handle_api2_request($reqstate, $auth, $method, $path, $rstate);
> }
>
> - $rstate->{read} += ($startlen - length($hdl->{rbuf}));
> + $rstate->{read} += $startlen - length($hdl->{rbuf});
unnecessary noise
>
> - if (!$rstate->{done} && ($rstate->{read} + length($hdl->{rbuf})) >= $rstate->{size}) {
> - $rstate->{done} = 1; # make sure we dont get called twice
> - if ($rstate->{phase} < 0 || !$rstate->{md5sum}) {
> - die "upload failed\n";
> - } else {
> - my $elapsed = tv_interval($rstate->{starttime});
> -
> - my $rate = int($rstate->{bytes} / ($elapsed * 1024 * 1024));
> - syslog('info',
> - "multipart upload complete (size: %d time: %ds rate: %.2fMiB/s md5sum: %s)",
> - $rstate->{bytes}, $elapsed, $rate, $rstate->{md5sum}
> - );
> - $self->handle_api2_request($reqstate, $auth, $method, $path, $rstate);
> - }
> + if (
> + $rstate->{read} + length($hdl->{rbuf}) >= $rstate->{size}
> + && $rstate->{phase} != 100
> + ) {
> + die "upload failed";
> }
> +
> };
> if (my $err = $@) {
> syslog('err', $err);
> @@ -1269,6 +1266,13 @@ sub file_upload_multipart {
> }
> }
>
> +sub trim {
should be a local sub (my sub {}) not public ABI of a http server module, maybe even just a local inline
closure.
nit: a bit overly generic method name, i.e., "trim <what>", better: trim_whitespace
but actually this is "trim leading whitespace and trailing everything after the first non-whitespace,
and that multiline"
> + my ($string) = @_;
> +
> + $string =~ s/\s*([^\s]+).*/$1/s;
this is to expensive, why replace the string reference if it's always assigned as rvalue anyway?
also: use \S not [^\s]
> + return $string;
> +}
could be (assuming that multiline is overkill):
my sub trim_whitespace {
$_[0] =~ s/\s(\S+)/;
return $1;
}
that wouldn't scan the string after we don't need to anyway and avoid replacing it inline
just to override it via return + rvalue assignment anyway.
> +
> sub parse_content_type {
> my ($ctype) = @_;
>
prev parent reply other threads:[~2022-04-22 16:54 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-22 14:43 Matthias Heiserer
2022-04-22 14:43 ` [pve-devel] [PATCH v1 http-server 2/2] AnyEvent: disable upload timeout Matthias Heiserer
2022-04-22 16:54 ` Thomas Lamprecht
2022-05-06 11:44 ` Matthias Heiserer
2022-04-22 16:54 ` Thomas Lamprecht [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=15d074c4-fa81-9d22-1e39-8bb04a250c42@proxmox.com \
--to=t.lamprecht@proxmox.com \
--cc=m.heiserer@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox