diff options
Diffstat (limited to 'test/test_http11.rb')
-rw-r--r-- | test/test_http11.rb | 70 |
1 files changed, 68 insertions, 2 deletions
diff --git a/test/test_http11.rb b/test/test_http11.rb index 9c8975c..e100d2b 100644 --- a/test/test_http11.rb +++ b/test/test_http11.rb @@ -2,6 +2,7 @@ require 'test/unit' require 'http11' require 'mongrel' require 'benchmark' +require 'digest/sha1' include Mongrel @@ -38,6 +39,72 @@ class HttpParserTest < Test::Unit::TestCase assert parser.error?, "Parser SHOULD have error" end + # lame random garbage maker + def rand_data(min, max, readable=true) + count = min + ((rand(max)+1) *10).to_i + res = count.to_s + "/" + + if readable + res << Digest::SHA1.hexdigest(rand(count * 1000).to_s) * (count / 40) + else + res << Digest::SHA1.digest(rand(count * 1000).to_s) * (count / 20) + end + + return res + end + + + def test_horrible_queries + parser = HttpParser.new + + # first verify that large random get requests fail + 100.times do |c| + get = "GET /#{rand_data(1024, 1024+(c*1024))} HTTP/1.1\r\n" + assert_raises Mongrel::HttpParserError do + parser.execute({}, get) + parser.reset + end + end + + # then that large header names are caught + 100.times do |c| + get = "GET /#{rand_data(10,120)} HTTP/1.1\r\nX-#{rand_data(1024, 1024+(c*1024))}: Test\r\n\r\n" + assert_raises Mongrel::HttpParserError do + parser.execute({}, get) + parser.reset + end + end + + # then that large mangled field values are caught + 100.times do |c| + get = "GET /#{rand_data(10,120)} HTTP/1.1\r\nX-Test: #{rand_data(1024, 1024+(c*1024), false)}\r\n\r\n" + assert_raises Mongrel::HttpParserError do + parser.execute({}, get) + parser.reset + end + end + + # then large headers are rejected too + get = "GET /#{rand_data(10,120)} HTTP/1.1\r\n" + get << "X-Test: test\r\n" * (80 * 1024) + assert_raises Mongrel::HttpParserError do + parser.execute({}, get) + parser.reset + end + + # finally just that random garbage gets blocked all the time + 10.times do |c| + get = "GET #{rand_data(1024, 1024+(c*1024), false)} #{rand_data(1024, 1024+(c*1024), false)}\r\n\r\n" + assert_raises Mongrel::HttpParserError do + parser.execute({}, get) + parser.reset + end + end + + end + + + def test_query_parse res = HttpRequest.query_parse("zed=1&frank=2") assert res["zed"], "didn't get the request right" @@ -51,7 +118,6 @@ class HttpParserTest < Test::Unit::TestCase assert_equal 4,res["zed"].length, "wrong number for zed" assert_equal "11",res["frank"], "wrong number for frank" end - - + end |