author | Eric Wong <normalperson@yhbt.net> | 2010-11-19 10:19:45 +0000 |
---|---|---|
committer | Eric Wong <normalperson@yhbt.net> | 2010-11-19 16:59:01 -0800 |
commit | c6ffae22748bc22d5ef88fea2a3ca67f480ee74b (patch) | |
tree | d64947098657f2bbdbca04a6db2e43645060a223 /t/t0104-rack-input-limit-tiny.sh | |
parent | 3cee07d750f678af92318c14110c803be3f9b97f (diff) | |
download | rainbows-c6ffae22748bc22d5ef88fea2a3ca67f480ee74b.tar.gz |
To avoid denial-of-service attacks, the wrappers need to intercept requests *before* they hit the memory allocator, so we need to reimplement the read(all) and gets cases to use smaller buffers whenever the application does not specify one.
Diffstat (limited to 't/t0104-rack-input-limit-tiny.sh')
-rwxr-xr-x | t/t0104-rack-input-limit-tiny.sh | 134 |
1 files changed, 133 insertions, 1 deletions
diff --git a/t/t0104-rack-input-limit-tiny.sh b/t/t0104-rack-input-limit-tiny.sh
index 0cf9f73..284d7c0 100755
--- a/t/t0104-rack-input-limit-tiny.sh
+++ b/t/t0104-rack-input-limit-tiny.sh
@@ -3,7 +3,7 @@
 test -r random_blob || die "random_blob required, run with 'make $0'"
 req_curl_chunked_upload_err_check
-t_plan 6 "rack.input client_max_body_size tiny"
+t_plan 18 "rack.input client_max_body_size tiny"
 t_begin "setup and startup" && {
 rtmpfiles curl_out curl_err cmbs_config
@@ -21,6 +21,7 @@ t_begin "stops a regular request" && {
 http://$listen/ > $curl_out 2> $curl_err || > $ok
 dbgcat curl_err
 dbgcat curl_out
+ grep 413 $curl_err
 test -e $ok
 }
@@ -31,6 +32,7 @@ t_begin "stops a large chunked request" && {
 http://$listen/ > $curl_out 2> $curl_err || > $ok
 dbgcat curl_err
 dbgcat curl_out
+ grep 413 $curl_err
 test -e $ok
 }
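Review bot: `grep 413 $curl_err` in "stops a regular request" matches those digits anywhere in curl's verbose output, so a port number, a length or a date that happens to contain 413 could satisfy it even when the server answered with a different status. The same line is added in "stops a large chunked request" and in the six new "stops …" cases of the last hunk. Because these tests guard the request-body limit, the assertion should pin the status line itself, for example `grep -q '^< HTTP/1\.[01] 413 ' "$curl_err"` (curl -v prefixes response headers with `< `). Both t_begin blocks start above their hunks, so the curl invocation is only partly visible here.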
@@ -56,6 +58,136 @@ t_begin "small size sha1 content-length ok" && {
 test "$(cat $curl_out)" = $blob_sha1
 }
+t_begin "stops a regular request (gets_read_mix)" && {
+ rm -f $ok
+ dd if=/dev/zero bs=257 count=1 of=$tmp
+ curl -vsSf -T $tmp -H Expect: \
+ http://$listen/gets_read_mix > $curl_out 2> $curl_err || > $ok
+ dbgcat curl_err
+ dbgcat curl_out
+ grep 413 $curl_err
+ test -e $ok
+}
+
+t_begin "stops a large chunked request (gets_read_mix)" && {
+ rm -f $ok
+ dd if=/dev/zero bs=257 count=1 | \
+ curl -vsSf -T- -H Expect: \
+ http://$listen/gets_read_mix > $curl_out 2> $curl_err || > $ok
+ dbgcat curl_err
+ dbgcat curl_out
+ grep 413 $curl_err
+ test -e $ok
+}
+
+t_begin "stops a large line-based chunked request (gets_read_mix)" && {
+ rm -f $ok
+ </dev/null awk 'BEGIN{for(i=22;--i>=0;) print "hello world"}' | \
+ curl -vsSf -T- -H Expect: \
+ http://$listen/gets_read_mix > $curl_out 2> $curl_err || > $ok
+ dbgcat curl_err
+ dbgcat curl_out
+ grep 413 $curl_err
+ test -e $ok
+}
+
+t_begin "OK with line-based chunked request (gets_read_mix)" && {
+ rm -f $ok
+ </dev/null awk 'BEGIN{for(i=21;--i>=0;) print "hello world"}' | \
+ curl -vsSf -T- -H Expect: \
+ http://$listen/gets_read_mix > $curl_out 2> $curl_err
+ dbgcat curl_err
+ dbgcat curl_out
+ test x"$(cat $curl_out)" = x23eab3cebcbe22a0456c8462e3d3bb01ae761702
+}
+
+t_begin "small size sha1 chunked ok (gets_read_mix)" && {
+ blob_sha1=b376885ac8452b6cbf9ced81b1080bfd570d9b91
+ rm -f $ok
+ dd if=/dev/zero bs=256 count=1 | \
+ curl -vsSf -T- -H Expect: \
+ http://$listen/gets_read_mix > $curl_out 2> $curl_err
+ dbgcat curl_err
+ dbgcat curl_out
+ test "$(cat $curl_out)" = $blob_sha1
+}
+
+t_begin "small size sha1 content-length ok (gets_read_mix)" && {
+ blob_sha1=b376885ac8452b6cbf9ced81b1080bfd570d9b91
+ rm -f $ok
+ dd if=/dev/zero bs=256 count=1 of=$tmp
+ curl -vsSf -T $tmp -H Expect: \
+ http://$listen/gets_read_mix > $curl_out 2> $curl_err
+ dbgcat curl_err
+ dbgcat curl_out
+ test "$(cat $curl_out)" = $blob_sha1
+}
+
+t_begin "stops a regular request (each)" && {
+ rm -f $ok
+ dd if=/dev/zero bs=257 count=1 of=$tmp
+ curl -vsSf -T $tmp -H Expect: \
+ http://$listen/each > $curl_out 2> $curl_err || > $ok
+ dbgcat curl_err
+ dbgcat curl_out
+ grep 413 $curl_err
+ test -e $ok
+}
+
+t_begin "stops a large chunked request (each)" && {
+ rm -f $ok
+ dd if=/dev/zero bs=257 count=1 | \
+ curl -vsSf -T- -H Expect: \
+ http://$listen/each > $curl_out 2> $curl_err || > $ok
+ dbgcat curl_err
+ dbgcat curl_out
+ grep 413 $curl_err
+ test -e $ok
+}
+
+t_begin "small size sha1 chunked ok (each)" && {
+ blob_sha1=b376885ac8452b6cbf9ced81b1080bfd570d9b91
+ rm -f $ok
+ dd if=/dev/zero bs=256 count=1 | \
+ curl -vsSf -T- -H Expect: \
+ http://$listen/each > $curl_out 2> $curl_err
+ dbgcat curl_err
+ dbgcat curl_out
+ test "$(cat $curl_out)" = $blob_sha1
+}
+
+t_begin "small size sha1 content-length ok (each)" && {
+ blob_sha1=b376885ac8452b6cbf9ced81b1080bfd570d9b91
+ rm -f $ok
+ dd if=/dev/zero bs=256 count=1 of=$tmp
+ curl -vsSf -T $tmp -H Expect: \
+ http://$listen/each > $curl_out 2> $curl_err
+ dbgcat curl_err
+ dbgcat curl_out
+ test "$(cat $curl_out)" = $blob_sha1
+}
+
+t_begin "stops a large line-based chunked request (each)" && {
+ rm -f $ok
+ </dev/null awk 'BEGIN{for(i=22;--i>=0;) print "hello world"}' | \
+ curl -vsSf -T- -H Expect: \
+ http://$listen/each > $curl_out 2> $curl_err || > $ok
+ dbgcat curl_err
+ dbgcat curl_out
+ grep 413 $curl_err
+ test -e $ok
+}
+
+t_begin "OK with line-based chunked request (each)" && {
+ rm -f $ok
+ </dev/null awk 'BEGIN{for(i=21;--i>=0;) print "hello world"}' | \
+ curl -vsSf -T- -H Expect: \
+ http://$listen/each > $curl_out 2> $curl_err
+ dbgcat curl_err
+ dbgcat curl_out
+ test x"$(cat $curl_out)" = x23eab3cebcbe22a0456c8462e3d3bb01ae761702
+}
+
 t_begin "shutdown" && {
 kill $rainbows_pid
 } |
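Review bot: The line-based cases for /gets_read_mix and /each do not pin the boundary of the limit: 22 lines of `hello world` is 264 bytes and 21 lines is 252, while the dd cases show the cut-off sits between 256 and 257 bytes. An off-by-one in the line-reading path for a newline-delimited body of 253 to 257 bytes would therefore pass every test added here. Consider a pair per endpoint whose input is `awk 'BEGIN{for(i=21;--i>=0;) print "hello world"; print "abc"}'` (256 bytes, expected to be accepted, with the digest computed for that input) and the same with `print "abcd"` (257 bytes, expected to return 413), raising the `t_plan` count to match. The limit itself is configured in the setup block outside this hunk, so the 256-byte figure is inferred from the dd cases.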