From 15e901a5e57319b092ad7b0ea0b6f23d8e249fcf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Raphae=CC=88l=20Slinckx?= <r.slinckx@whatever-company.com>
Date: Fri, 25 Aug 2017 10:50:34 +0200
Subject: [PATCH] http/message: Split request line as bytes to avoid splitting
 on 0x0A. Fixes #1577

---
 gunicorn/http/message.py      | 10 +++++-----
 tests/requests/valid/027.http |  2 ++
 tests/requests/valid/027.py   |  8 ++++++++
 3 files changed, 15 insertions(+), 5 deletions(-)
 create mode 100644 tests/requests/valid/027.http
 create mode 100644 tests/requests/valid/027.py

diff --git a/gunicorn/http/message.py b/gunicorn/http/message.py
index 069a1c8f..70708b7e 100644
--- a/gunicorn/http/message.py
+++ b/gunicorn/http/message.py
@@ -173,7 +173,7 @@ class Request(Message):
             buf.write(rbuf)
             line, rbuf = self.read_line(unreader, buf, self.limit_request_line)
 
-        self.parse_request_line(bytes_to_str(line))
+        self.parse_request_line(line)
         buf = BytesIO()
         buf.write(rbuf)
 
@@ -301,10 +301,10 @@ class Request(Message):
             "proxy_port": d_port
         }
 
-    def parse_request_line(self, line):
-        bits = line.split(None, 2)
+    def parse_request_line(self, line_bytes):
+        bits = [bytes_to_str(bit) for bit in line_bytes.split(None, 2)]
         if len(bits) != 3:
-            raise InvalidRequestLine(line)
+            raise InvalidRequestLine(bytes_to_str(line_bytes))
 
         # Method
         if not METH_RE.match(bits[0]):
@@ -325,7 +325,7 @@ class Request(Message):
         try:
             parts = urlsplit(self.uri)
         except ValueError:
-            raise InvalidRequestLine(line)
+            raise InvalidRequestLine(bytes_to_str(line_bytes))
         self.path = parts.path or ""
         self.query = parts.query or ""
         self.fragment = parts.fragment or ""
diff --git a/tests/requests/valid/027.http b/tests/requests/valid/027.http
new file mode 100644
index 00000000..19291458
--- /dev/null
+++ b/tests/requests/valid/027.http
@@ -0,0 +1,2 @@
+GET /à%20k HTTP/1.0\r\n
+\r\n
diff --git a/tests/requests/valid/027.py b/tests/requests/valid/027.py
new file mode 100644
index 00000000..1673e5c1
--- /dev/null
+++ b/tests/requests/valid/027.py
@@ -0,0 +1,8 @@
+request = {
+    "method": "GET",
+    "uri": uri("/\xc3\xa0%20k"),
+    "version": (1, 0),
+    "headers": [
+    ],
+    "body": ''
+}