
fix: make_safe_connect crashes on Windows due to missing uvloop #5631

Open
stayliv3 wants to merge 2 commits into bentoml:main from stayliv3:fix/windows-ssrf-protection

Conversation


@stayliv3 stayliv3 commented Jun 4, 2026


Problem

make_safe_connect() in src/bentoml/_internal/utils/uri.py unconditionally imports uvloop (line 69), which is unavailable on Windows. This causes a ModuleNotFoundError crash on any BentoML service that accepts file/image URL inputs, leaving Windows deployments with zero SSRF protection.

Impact

  • Affected platforms: Windows (all versions)
  • Affected feature: URL-based file input (multipart form with URL string instead of file upload)
  • Security impact: Windows users have no SSRF protection — the function meant to block internal network requests crashes before it can do its job
  • Symptom: HTTP 500 with ModuleNotFoundError: No module named uvloop in server logs

Fix

Added a try/except ImportError around the uvloop import with a fallback implementation:

  • When uvloop is unavailable, patches socket.getaddrinfo to check resolved IPs
  • Blocks private, loopback, and link-local addresses (same security policy as the uvloop path)
  • Properly restores original getaddrinfo in the finally block
  • Respects proxy configuration (same as existing code)

Testing

Before fix (Windows):

Status: 500
Log: ModuleNotFoundError: No module named uvloop

After fix (Windows):

Status: 400
Body: [{"error":"Connection blocked due to insecure input URL"}]

Linux (unchanged):

Status: 400
Body: [{"error":"Connection blocked due to insecure input URL"}]

Verified on:

  • Windows 10/11 + Python 3.12 + BentoML 1.4.39
  • Linux (Kali) + Python 3.13 + BentoML 1.4.39 + uvloop 0.22.1

On Windows where uvloop is unavailable, make_safe_connect() raises
ModuleNotFoundError, breaking URL-based file input for any service
with Path/Image parameters. This leaves Windows deployments without
SSRF protection entirely.

Add a fallback implementation using socket.getaddrinfo patching that
provides equivalent SSRF protection (blocking private/loopback/link-local
IPs) on platforms without uvloop.

Tested on:
- Windows 10/11 + Python 3.12: SSRF now correctly blocked (was 500 crash)
- Linux + uvloop 0.22.1: Existing behavior unchanged
@stayliv3 stayliv3 requested a review from a team as a code owner June 4, 2026 11:49
@stayliv3 stayliv3 requested review from jianshen92 and removed request for a team June 4, 2026 11:49
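The fallback the PR describes (a guarded replacement for socket.getaddrinfo that checks every resolved address against a private/loopback/link-local policy and restores the original in a finally block) as an added, self-contained example. This is not the PR's or BentoML's code: `safe_getaddrinfo`, `resolve_url_safely`, `url_is_allowed`, the `resolver` hook and the `FAKE_DNS` table are assumptions introduced here so the block runs offline; the IPv4-mapped IPv6 unwrapping and the mixed-answer case go slightly beyond the PR text.

```python
"""Hypothetical getaddrinfo-patching SSRF guard (added example, not BentoML code)."""
import contextlib
import ipaddress
import socket
from typing import Callable, Iterator, List, Optional, Tuple
from urllib.parse import urlsplit

AddrInfo = Tuple[int, int, int, str, tuple]
_ORIGINAL_GETADDRINFO = socket.getaddrinfo  # kept so the restore can be verified


class InsecureURLError(ValueError):
    """Raised when the destination resolves to an address the policy forbids."""


def is_blocked(ip: str) -> bool:
    """Policy from the PR description: block private, loopback and link-local.

    IPv4-mapped IPv6 addresses (::ffff:a.b.c.d) are unwrapped first so that
    ::ffff:169.254.169.254 is judged exactly like 169.254.169.254.
    """
    addr = ipaddress.ip_address(ip)
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return addr.is_private or addr.is_loopback or addr.is_link_local


@contextlib.contextmanager
def safe_getaddrinfo(resolver: Optional[Callable[..., List[AddrInfo]]] = None) -> Iterator[None]:
    """Temporarily replace socket.getaddrinfo with a guarded wrapper.

    `resolver` is an assumed hook so the example runs offline; it defaults to
    the real socket.getaddrinfo. The patch is process-global, so any other
    thread resolving names while the block is active is also guarded.
    """
    original = socket.getaddrinfo
    lookup = resolver or original

    def guarded(host, port, family=0, type=0, proto=0, flags=0):
        results = lookup(host, port, family, type, proto, flags)
        for entry in results:  # (family, type, proto, canonname, sockaddr)
            ip = entry[4][0]
            if is_blocked(ip):
                raise InsecureURLError(f"{host!r} resolves to blocked address {ip}")
        return results

    socket.getaddrinfo = guarded
    try:
        yield
    finally:
        socket.getaddrinfo = original  # restored even when guarded() raised


def resolve_url_safely(url: str, resolver=None) -> List[str]:
    """Resolve the URL's host under the guard; return the permitted addresses."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise InsecureURLError(f"unsupported or hostless URL: {url!r}")
    port = parts.port or (443 if parts.scheme == "https" else 80)
    with safe_getaddrinfo(resolver):
        infos = socket.getaddrinfo(parts.hostname, port, type=socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})


def url_is_allowed(url: str, resolver=None) -> bool:
    """True when every resolved address passes the policy, else False."""
    try:
        resolve_url_safely(url, resolver)
    except InsecureURLError:
        return False
    return True


def getaddrinfo_is_restored() -> bool:
    """True when no guard is left installed on the socket module."""
    return socket.getaddrinfo is _ORIGINAL_GETADDRINFO


# Constructed DNS table for the offline demonstration; not real resolutions.
FAKE_DNS = {
    "public.example": ["8.8.8.8"],
    "internal.example": ["10.0.0.5"],
    "localhost": ["127.0.0.1", "::1"],
    "metadata.example": ["::ffff:169.254.169.254"],
    "mixed.example": ["8.8.8.8", "192.168.1.10"],  # one bad record rejects the lookup
}


def fake_resolver(host, port, family=0, type=0, proto=0, flags=0):
    """Stand-in for socket.getaddrinfo that answers from FAKE_DNS."""
    try:
        addresses = FAKE_DNS[host]
    except KeyError:
        raise socket.gaierror(f"constructed resolver has no record for {host!r}") from None
    out = []
    for ip in addresses:
        fam = socket.AF_INET6 if ":" in ip else socket.AF_INET
        sockaddr = (ip, port, 0, 0) if fam == socket.AF_INET6 else (ip, port)
        out.append((fam, socket.SOCK_STREAM, socket.IPPROTO_TCP, "", sockaddr))
    return out


if __name__ == "__main__":
    for name in FAKE_DNS:
        print(name, "allowed" if url_is_allowed(f"http://{name}/", fake_resolver) else "blocked")
```

Because the guard wraps the same getaddrinfo call the HTTP client makes, the addresses it connects to are the ones that were checked; the guard only has to stay installed for the whole request, including any redirects the client follows, since each redirect triggers a fresh lookup.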
