authorEric Wong <normalperson@yhbt.net>2010-11-19 10:19:45 +0000
committerEric Wong <normalperson@yhbt.net>2010-11-19 16:59:01 -0800
commitc6ffae22748bc22d5ef88fea2a3ca67f480ee74b (patch)
treed64947098657f2bbdbca04a6db2e43645060a223 /t
parent3cee07d750f678af92318c14110c803be3f9b97f (diff)
To avoid denial-of-service attacks, the wrappers need to
intercept requests *before* they hit the memory allocator, so we
need to reimplement the read(all) and gets cases to use
smaller buffers whenever the application does not specify one.
Diffstat (limited to 't')
-rw-r--r--t/sha1-random-size.ru24
-rwxr-xr-xt/t0104-rack-input-limit-tiny.sh134
-rwxr-xr-xt/t0105-rack-input-limit-bigger.sh2
3 files changed, 154 insertions, 6 deletions
diff --git a/t/sha1-random-size.ru b/t/sha1-random-size.ru
index f86d017..4ef5d7b 100644
--- a/t/sha1-random-size.ru
+++ b/t/sha1-random-size.ru
@@ -7,11 +7,25 @@ app = lambda do |env|
     return [ 100, {}, [] ]
   digest = Digest::SHA1.new
   input = env['rack.input']
-  if buf = input.read(rand(cap))
-    begin
-      raise "#{buf.size} > #{cap}" if buf.size > cap
-      digest.update(buf)
-    end while input.read(rand(cap), buf)
+  case env["PATH_INFO"]
+  when "/gets_read_mix"
+    warn "GETS_READ_MIX #{env['HTTP_TRANSFER_ENCODING'].inspect}"
+    if buf = input.gets
+      warn "input.rbuf: #{input.instance_variable_get(:@rbuf).inspect}"
+      begin
+        digest.update(buf)
+        warn "buf.size : #{buf.size}"
+      end while input.read(rand(cap), buf)
+    end
+  when "/each"
+    input.each { |buf| digest.update(buf) }
+  else
+    if buf = input.read(rand(cap))
+      begin
+        raise "#{buf.size} > #{cap}" if buf.size > cap
+        digest.update(buf)
+      end while input.read(rand(cap), buf)
+    end
   end
 
   [ 200, {'Content-Type' => 'text/plain'}, [ digest.hexdigest << "\n" ] ]
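Review bot: The new `/gets_read_mix` branch never checks that `input.read(rand(cap), buf)` honoured the requested length, whereas the `else` branch keeps `raise "#{buf.size} > #{cap}" if buf.size > cap`; the first `buf` comes from `gets` and is line-sized, so the check belongs after each `read`, e.g. `digest.update(buf)` followed by `while input.read(rand(cap), buf); raise "#{buf.size} > #{cap}" if buf.size > cap; digest.update(buf); end`. The `/each` branch likewise accepts chunks of any size, which is probably intended but worth a comment saying the wrapper, not the app, bounds them. The three `warn` calls run on every request and the `input.instance_variable_get(:@rbuf)` one ties this fixture to a private ivar of the rack.input wrapper; if they are meant to stay, a comment such as `# debugging aid: dumps the wrapper's internal read buffer to stderr` next to that line would record the intent. The `app` lambda starts and ends outside the hunk.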
diff --git a/t/t0104-rack-input-limit-tiny.sh b/t/t0104-rack-input-limit-tiny.sh
index 0cf9f73..284d7c0 100755
--- a/t/t0104-rack-input-limit-tiny.sh
+++ b/t/t0104-rack-input-limit-tiny.sh
@@ -3,7 +3,7 @@
 test -r random_blob || die "random_blob required, run with 'make $0'"
 req_curl_chunked_upload_err_check
 
-t_plan 6 "rack.input client_max_body_size tiny"
+t_plan 18 "rack.input client_max_body_size tiny"
 
 t_begin "setup and startup" && {
         rtmpfiles curl_out curl_err cmbs_config
@@ -21,6 +21,7 @@ t_begin "stops a regular request" && {
           http://$listen/ > $curl_out 2> $curl_err || > $ok
         dbgcat curl_err
         dbgcat curl_out
+        grep 413 $curl_err
         test -e $ok
 }
 
@@ -31,6 +32,7 @@ t_begin "stops a large chunked request" && {
           http://$listen/ > $curl_out 2> $curl_err || > $ok
         dbgcat curl_err
         dbgcat curl_out
+        grep 413 $curl_err
         test -e $ok
 }
 
@@ -56,6 +58,136 @@ t_begin "small size sha1 content-length ok" && {
         test "$(cat $curl_out)" = $blob_sha1
 }
 
+t_begin "stops a regular request (gets_read_mix)" && {
+        rm -f $ok
+        dd if=/dev/zero bs=257 count=1 of=$tmp
+        curl -vsSf -T $tmp -H Expect: \
+          http://$listen/gets_read_mix > $curl_out 2> $curl_err || > $ok
+        dbgcat curl_err
+        dbgcat curl_out
+        grep 413 $curl_err
+        test -e $ok
+}
+
+t_begin "stops a large chunked request (gets_read_mix)" && {
+        rm -f $ok
+        dd if=/dev/zero bs=257 count=1 | \
+          curl -vsSf -T- -H Expect: \
+          http://$listen/gets_read_mix > $curl_out 2> $curl_err || > $ok
+        dbgcat curl_err
+        dbgcat curl_out
+        grep 413 $curl_err
+        test -e $ok
+}
+
+t_begin "stops a large line-based chunked request (gets_read_mix)" && {
+        rm -f $ok
+        </dev/null awk 'BEGIN{for(i=22;--i>=0;) print "hello world"}' | \
+          curl -vsSf -T- -H Expect: \
+          http://$listen/gets_read_mix > $curl_out 2> $curl_err || > $ok
+        dbgcat curl_err
+        dbgcat curl_out
+        grep 413 $curl_err
+        test -e $ok
+}
+
+t_begin "OK with line-based chunked request (gets_read_mix)" && {
+        rm -f $ok
+        </dev/null awk 'BEGIN{for(i=21;--i>=0;) print "hello world"}' | \
+          curl -vsSf -T- -H Expect: \
+          http://$listen/gets_read_mix > $curl_out 2> $curl_err
+        dbgcat curl_err
+        dbgcat curl_out
+        test x"$(cat $curl_out)" = x23eab3cebcbe22a0456c8462e3d3bb01ae761702
+}
+
+t_begin "small size sha1 chunked ok (gets_read_mix)" && {
+        blob_sha1=b376885ac8452b6cbf9ced81b1080bfd570d9b91
+        rm -f $ok
+        dd if=/dev/zero bs=256 count=1 | \
+          curl -vsSf -T- -H Expect: \
+          http://$listen/gets_read_mix > $curl_out 2> $curl_err
+        dbgcat curl_err
+        dbgcat curl_out
+        test "$(cat $curl_out)" = $blob_sha1
+}
+
+t_begin "small size sha1 content-length ok (gets_read_mix)" && {
+        blob_sha1=b376885ac8452b6cbf9ced81b1080bfd570d9b91
+        rm -f $ok
+        dd if=/dev/zero bs=256 count=1 of=$tmp
+        curl -vsSf -T $tmp -H Expect: \
+          http://$listen/gets_read_mix > $curl_out 2> $curl_err
+        dbgcat curl_err
+        dbgcat curl_out
+        test "$(cat $curl_out)" = $blob_sha1
+}
+
+t_begin "stops a regular request (each)" && {
+        rm -f $ok
+        dd if=/dev/zero bs=257 count=1 of=$tmp
+        curl -vsSf -T $tmp -H Expect: \
+          http://$listen/each > $curl_out 2> $curl_err || > $ok
+        dbgcat curl_err
+        dbgcat curl_out
+        grep 413 $curl_err
+        test -e $ok
+}
+
+t_begin "stops a large chunked request (each)" && {
+        rm -f $ok
+        dd if=/dev/zero bs=257 count=1 | \
+          curl -vsSf -T- -H Expect: \
+          http://$listen/each > $curl_out 2> $curl_err || > $ok
+        dbgcat curl_err
+        dbgcat curl_out
+        grep 413 $curl_err
+        test -e $ok
+}
+
+t_begin "small size sha1 chunked ok (each)" && {
+        blob_sha1=b376885ac8452b6cbf9ced81b1080bfd570d9b91
+        rm -f $ok
+        dd if=/dev/zero bs=256 count=1 | \
+          curl -vsSf -T- -H Expect: \
+          http://$listen/each > $curl_out 2> $curl_err
+        dbgcat curl_err
+        dbgcat curl_out
+        test "$(cat $curl_out)" = $blob_sha1
+}
+
+t_begin "small size sha1 content-length ok (each)" && {
+        blob_sha1=b376885ac8452b6cbf9ced81b1080bfd570d9b91
+        rm -f $ok
+        dd if=/dev/zero bs=256 count=1 of=$tmp
+        curl -vsSf -T $tmp -H Expect: \
+          http://$listen/each > $curl_out 2> $curl_err
+        dbgcat curl_err
+        dbgcat curl_out
+        test "$(cat $curl_out)" = $blob_sha1
+}
+
+t_begin "stops a large line-based chunked request (each)" && {
+        rm -f $ok
+        </dev/null awk 'BEGIN{for(i=22;--i>=0;) print "hello world"}' | \
+          curl -vsSf -T- -H Expect: \
+          http://$listen/each > $curl_out 2> $curl_err || > $ok
+        dbgcat curl_err
+        dbgcat curl_out
+        grep 413 $curl_err
+        test -e $ok
+}
+
+t_begin "OK with line-based chunked request (each)" && {
+        rm -f $ok
+        </dev/null awk 'BEGIN{for(i=21;--i>=0;) print "hello world"}' | \
+          curl -vsSf -T- -H Expect: \
+          http://$listen/each > $curl_out 2> $curl_err
+        dbgcat curl_err
+        dbgcat curl_out
+        test x"$(cat $curl_out)" = x23eab3cebcbe22a0456c8462e3d3bb01ae761702
+}
+
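Review bot: The expected digests in the new `OK with line-based chunked request` blocks are bare hex literals with nothing saying what they hash, e.g. `test x"$(cat $curl_out)" = x23eab3cebcbe22a0456c8462e3d3bb01ae761702`; presumably it is the SHA-1 of the 21 `hello world` lines the awk one-liner emits, and a comment such as `# sha1 of 21 "hello world\n" lines (252 bytes, under the limit the bs=256/bs=257 cases bracket)` next to the awk line would let a reader confirm the boundary without recomputing it. The `blob_sha1=b376885a...` assignment is repeated in four of the new blocks and could be set once in the setup block with a similar note that it is the digest of 256 zero bytes. The nine new blocks otherwise differ only in path and payload, so a small helper taking the path would cut most of the duplication, though that is a matter of taste in these shell tests.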
 t_begin "shutdown" && {
         kill $rainbows_pid
 }
diff --git a/t/t0105-rack-input-limit-bigger.sh b/t/t0105-rack-input-limit-bigger.sh
index e8cf95a..642dd2b 100755
--- a/t/t0105-rack-input-limit-bigger.sh
+++ b/t/t0105-rack-input-limit-bigger.sh
@@ -22,6 +22,7 @@ t_begin "stops a regular request" && {
         rm -f $tmp
         dbgcat curl_err
         dbgcat curl_out
+        grep 413 $curl_err
         test -e $ok
 }
 
@@ -32,6 +33,7 @@ t_begin "stops a large chunked request" && {
           http://$listen/ > $curl_out 2> $curl_err || > $ok
         dbgcat curl_err
         dbgcat curl_out
+        grep 413 $curl_err
         test -e $ok
 }