Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

InvalidHTTPVersion / TypeError: not all arguments converted during string formatting #3195

Open
tgz-cz opened this issue Apr 26, 2024 · 1 comment · May be fixed by #3196 or #3197
Open

InvalidHTTPVersion / TypeError: not all arguments converted during string formatting #3195

tgz-cz opened this issue Apr 26, 2024 · 1 comment · May be fixed by #3196 or #3197

Comments

@tgz-cz
Copy link

tgz-cz commented Apr 26, 2024

Hello,

Our production log contains follwing error:

Traceback (most recent call last):
  File "/opt/python/lib/python3.11/site-packages/gunicorn/workers/sync.py", line 134, in handle
    req = next(parser)
          ^^^^^^^^^^^^
  File "/opt/python/lib/python3.11/site-packages/gunicorn/http/parser.py", line 42, in __next__
    self.mesg = self.mesg_class(self.cfg, self.unreader, self.source_addr, self.req_count)
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/python/lib/python3.11/site-packages/gunicorn/http/message.py", line 257, in __init__
    super().__init__(cfg, unreader, peer_addr)
  File "/opt/python/lib/python3.11/site-packages/gunicorn/http/message.py", line 60, in __init__
    unused = self.parse(self.unreader)
             ^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/python/lib/python3.11/site-packages/gunicorn/http/message.py", line 281, in parse
    self.parse_request_line(line)
  File "/opt/python/lib/python3.11/site-packages/gunicorn/http/message.py", line 445, in parse_request_line
    raise InvalidHTTPVersion(self.version)
gunicorn.http.errors.InvalidHTTPVersion: <exception str() failed>
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
  File "/opt/python/lib/python3.11/site-packages/gunicorn/arbiter.py", line 609, in spawn_worker
    worker.init_process()
  File "/opt/python/lib/python3.11/site-packages/gunicorn/workers/base.py", line 142, in init_process
    self.run()
  File "/opt/python/lib/python3.11/site-packages/gunicorn/workers/sync.py", line 126, in run
    self.run_for_one(timeout)
  File "/opt/python/lib/python3.11/site-packages/gunicorn/workers/sync.py", line 70, in run_for_one
    self.accept(listener)
  File "/opt/python/lib/python3.11/site-packages/gunicorn/workers/sync.py", line 32, in accept
    self.handle(listener, client, addr)
  File "/opt/python/lib/python3.11/site-packages/gunicorn/workers/sync.py", line 158, in handle
    self.handle_error(req, client, addr, e)
  File "/opt/python/lib/python3.11/site-packages/gunicorn/workers/base.py", line 225, in handle_error
    mesg = "Invalid HTTP Version '%s'" % str(exc)
                                         ^^^^^^^^
  File "/opt/python/lib/python3.11/site-packages/gunicorn/http/errors.py", line 56, in __str__
    return "Invalid HTTP Version: %r" % self.version
           ~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~
TypeError: not all arguments converted during string

Is is probably caused by some malicious http request.

There should be probably:

return "Invalid HTTP Version: %r" % (self.version,)

instead of:

return "Invalid HTTP Version: %r" % self.version

in https://github.com/benoitc/gunicorn/blob/master/gunicorn/http/errors.py#L56 (gunicorn.http.errors line 56)
washeck added a commit to washeck/gunicorn that referenced this issue Apr 26, 2024
@washeck
Fix InvalidHTTPVersion exception str method
75f10b4 
Fixes: benoitc#3195
washeck added a commit to washeck/gunicorn that referenced this issue Apr 26, 2024
@washeck
Fix InvalidHTTPVersion exception str method
97f87ec 
Fixes: benoitc#3195
@washeck washeck linked a pull request Apr 26, 2024 that will close this issue
Open
@pajod pajod linked a pull request Apr 26, 2024 that will close this issue
Open
@pajod
Copy link
Contributor

pajod commented Apr 26, 2024

Sorry. I failed to spot my mistake, believing the added test case would tell me. It will

  1. confirm the exception is raised but will not also
  2. confirm its str(exception) is available for insertion in the HTTP error response.
    I have suggested a change to the tests now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@pajod @tgz-cz