We found a bug in the hyper HTTP library

(blog.cloudflare.com)

25 points | by Pop_- 4 days ago

4 comments

  • edelbitter 38 minutes ago
    Cloudflare does not notice (until a customer complains) that they are sending broken responses at scale? I would have thought they would notice this from sampling and linting a few replies... just in case they did something like Cloudbleed again.
  • logicchains 36 minutes ago
    How does terrible code like this survive so long in such a key piece of infrastructure:

            let _ = self.poll_read(cx)?;
            let _ = self.poll_write(cx)?;
            let _ = self.poll_flush(cx)?;
    
    Surely at the very least a linter should have flagged that the return values aren't handled.
    • lifthrasiir 10 minutes ago
      It is an explicit way to discard return values; `self.poll_read(cx)?` etc. alone would warn. Or in this case, `Poll<Result<(), Error>>` is unwrapped once and `Result<(), Error>` is being discarded. The decision to discard `Result<(), Error>` should have been intentional, albeit it turned out not always to be the case.
    • QuantumNomad_ 8 minutes ago
      Assigning to _ in Rust specifically means that you intentionally want to discard the value, and the clippy linter and the Rust compiler both know that.
    • 3form 26 minutes ago
      Well, simple. You write a project without a linter, so as to be fast. Or on minimal settings. Then one day you turn it on and end up with 10k warnings at max checks. You ignore them and tune it down to a bearable level. Problem solved.

      That, or the linter sucks (or the idiom is too popular to be linted against, so then it's more of a language issue).
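
An added example, not part of the thread and not hyper's code: a minimal Rust sketch of the `let _ = ...?;` pattern quoted above, next to a variant that handles the polled value. `step`, `IoError`, `discarding` and `checked` are hypothetical names, and `step` stands in for the `poll_read`/`poll_write`/`poll_flush` calls.

```rust
use std::task::Poll;

// Hypothetical error type and I/O step, constructed for this example.
#[derive(Debug, PartialEq)]
pub struct IoError;

// outcome 0 = finished, 1 = not ready yet, anything else = failed.
pub fn step(outcome: u8) -> Poll<Result<(), IoError>> {
    match outcome {
        0 => Poll::Ready(Ok(())),
        1 => Poll::Pending,
        _ => Poll::Ready(Err(IoError)),
    }
}

// `?` applied to Poll<Result<(), E>> returns early on Ready(Err(e)) and
// otherwise evaluates to Poll<()>. `let _ =` drops that value without a
// warning, so the caller cannot tell Pending from Ready afterwards.
pub fn discarding(outcome: u8) -> Poll<Result<&'static str, IoError>> {
    let _ = step(outcome)?;
    Poll::Ready(Ok("done"))
}

// Same call with the readiness handled: Pending is passed to the caller.
pub fn checked(outcome: u8) -> Poll<Result<&'static str, IoError>> {
    match step(outcome)? {
        Poll::Ready(()) => Poll::Ready(Ok("done")),
        Poll::Pending => Poll::Pending,
    }
}

fn main() {
    for outcome in 0..3u8 {
        println!(
            "outcome {outcome}: discarding={:?} checked={:?}",
            discarding(outcome),
            checked(outcome)
        );
    }
}
```

Errors still propagate in both variants; only the `Pending`/`Ready` distinction is lost in `discarding`.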