http: cast input to unsigned char in ragel parsers

travisdowns · travisdowns · commit 4d9092301275 · 2026-05-20T11:17:36.000-04:00
The HTTP ragel state machines in src/http/{chunk_parsers,request_parser, response_parser}.rl declare obs_text = 0x80..0xFF per RFC 7230 §3.2.6, but the generated code compares (*p) directly where p is const char*. On platforms whose ABI defines `char` as signed (x86_64) the 0x80..0xFF range comparisons happen to land bytes on the obs_text state by way of how negative chars sort against the literal byte values; on platforms where `char` is unsigned (aarch64) the same bytes route through a "byte > 122" path and the parser rejects valid input. Add `getkey ((unsigned char)(*p));` to each machine so ragel emits an explicit unsigned-char cast in every comparison. The fix is local to the three .rl files; no compiler flag or input-buffer type change is required. This affects both seastar's HTTP server (http_request_parser via include/seastar/http/httpd.hh) and its HTTP client (http_response_parser via src/http/client.cc), so the bug surfaces on any seastar-based service running on arm64 that receives or sends obs_text in field values. Fixes scylladb#3413.
diff --git a/src/http/chunk_parsers.rl b/src/http/chunk_parsers.rl
@@ -32,6 +32,10 @@ namespace seastar {
 %%{
 
 access _fsm_;
+# Treat the input as unsigned so the obs_text (0x80..0xff) range is
+# accepted on platforms where `char` defaults to signed (x86_64) and
+# unsigned (aarch64) alike. See scylladb/seastar issue #3413.
+getkey ((unsigned char)(*p));
 
 action mark {
     g.mark_start(p);
@@ -152,6 +156,10 @@ public:
 %%{
 
 access _fsm_;
+# Treat the input as unsigned so the obs_text (0x80..0xff) range is
+# accepted on platforms where `char` defaults to signed (x86_64) and
+# unsigned (aarch64) alike. See scylladb/seastar issue #3413.
+getkey ((unsigned char)(*p));
 
 action mark {
     g.mark_start(p);
diff --git a/src/http/request_parser.rl b/src/http/request_parser.rl
@@ -33,6 +33,10 @@ namespace seastar {
 %%{
 
 access _fsm_;
+# Treat the input as unsigned so the obs_text (0x80..0xff) range is
+# accepted on platforms where `char` defaults to signed (x86_64) and
+# unsigned (aarch64) alike. See scylladb/seastar issue #3413.
+getkey ((unsigned char)(*p));
 
 action mark {
     g.mark_start(p);
diff --git a/src/http/response_parser.rl b/src/http/response_parser.rl
@@ -35,6 +35,10 @@ namespace seastar {
 %%{
 
 access _fsm_;
+# Treat the input as unsigned so the obs_text (0x80..0xff) range is
+# accepted on platforms where `char` defaults to signed (x86_64) and
+# unsigned (aarch64) alike. See scylladb/seastar issue #3413.
+getkey ((unsigned char)(*p));
 
 action mark {
     g.mark_start(p);
