Actix Path Normalization can lead to crashes with empty replies #3562

@ju6ge

Description

Using actix path normalization together with a handler that expects the requested path as part of its parameters will lead to crashes and empty server replies.

thread 'actix-rt|system:0|arbiter:0' panicked at /home/judge/.cargo/registry/src/index.crates.io-6f17d22bba15001f/actix-router-0.5.3/src/de.rs:225:5:
byte index 12 is out of bounds of `/uaie/iuaei`
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace

Minimal example to reproduce the bug.

use actix_web::{middleware, web, App, HttpResponse, HttpServer};


async fn handler(path: web::Path<String>) -> HttpResponse {
    HttpResponse::Ok().body(format!("Responding to {path}"))
}

#[actix_web::main]
async fn main() {
    let _ = HttpServer::new(move || {
        let app = App::new()
            .service(
                web::scope("{tail:.*}")
                    .wrap(middleware::NormalizePath::default())
                    .default_service(web::to(handler))
            );
        app
    }).bind(("localhost", 8080)).unwrap().run().await;
}

Example request:

curl http://localhost:8080/uaie//iuaei

Expected behavior

The handler always receives the normalized path as its input.

Your Environment

Rust Version: cargo 1.84.0

Actix Web Version: 4.9.0
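
Added illustration (not part of the issue and not actix-router's code): the panic above reports byte index 12 against the 11-byte normalized path `/uaie/iuaei`, while the requested path `/uaie//iuaei` is 12 bytes long. The sketch below assumes the offsets were recorded before normalization; `merge_slashes`, `capture_tail` and the `segment_*` helpers are hypothetical names, and it shows how a checked `str::get` turns that mismatch into a recoverable `None` instead of a panic that leaves the client with an empty reply.

```rust
// Added illustration; hypothetical helpers, not actix-router's implementation.
use std::panic;

/// Collapse runs of '/' into one, the visible effect of normalization in the report.
fn merge_slashes(path: &str) -> String {
    let mut out = String::with_capacity(path.len());
    for c in path.chars() {
        if c == '/' && out.ends_with('/') {
            continue;
        }
        out.push(c);
    }
    out
}

/// Constructed stand-in for a `{tail:.*}` capture: the byte range of the whole path.
fn capture_tail(path: &str) -> (usize, usize) {
    (0, path.len())
}

/// Unchecked slicing: panics when the range does not fit `path`.
fn segment_unchecked(path: &str, (start, end): (usize, usize)) -> &str {
    &path[start..end]
}

/// Checked slicing: `None` when the range is out of bounds or splits a UTF-8 character.
fn segment_checked(path: &str, (start, end): (usize, usize)) -> Option<&str> {
    path.get(start..end)
}

/// True if applying `range` to `path` with unchecked slicing panics.
fn stale_slice_panics(path: &str, range: (usize, usize)) -> bool {
    panic::catch_unwind(|| {
        segment_unchecked(path, range);
    })
    .is_err()
}

fn main() {
    let raw = "/uaie//iuaei"; // request path from the report
    let stale = capture_tail(raw); // offsets taken before normalization (assumed order)
    let normalized = merge_slashes(raw);
    println!("unchecked slice panics: {}", stale_slice_panics(&normalized, stale));
    println!("checked slice: {:?}", segment_checked(&normalized, stale));
    println!("re-matched: {:?}", segment_checked(&normalized, capture_tail(&normalized)));
}
```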
