httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jor...@apache.org
Subject svn commit: r790589 - /httpd/test/framework/trunk/t/security/CVE-2009-1890.t
Date Thu, 02 Jul 2009 13:42:13 GMT
Author: jorton
Date: Thu Jul  2 13:42:12 2009
New Revision: 790589

URL: http://svn.apache.org/viewvc?rev=790589&view=rev
Log:
- add test case for CVE-2009-1890

Added:
    httpd/test/framework/trunk/t/security/CVE-2009-1890.t   (with props)

Added: httpd/test/framework/trunk/t/security/CVE-2009-1890.t
URL: http://svn.apache.org/viewvc/httpd/test/framework/trunk/t/security/CVE-2009-1890.t?rev=790589&view=auto
==============================================================================
--- httpd/test/framework/trunk/t/security/CVE-2009-1890.t (added)
+++ httpd/test/framework/trunk/t/security/CVE-2009-1890.t Thu Jul  2 13:42:12 2009
@@ -0,0 +1,63 @@
+use strict;
+use warnings FATAL => 'all';
+
+use Apache::Test;
+use Apache::TestRequest;
+use Apache::TestUtil;
+
+plan tests => 7, need [qw(mod_proxy proxy_http.c)];
+
+my $len = 100000;
+
+my $sock = Apache::TestRequest::vhost_socket('proxy_http_reverse');
+ok $sock && $sock->connected;
+
+my $req = 
+    "POST /reverse/modules/cgi/perl_echo.pl HTTP/1.0\r\n".
+    "Content-Length: 0" . $len . "\r\n".
+    "\r\n";
+
+ok $sock->print($req);
+
+my $half_body = 'x' x ($len/2);
+ok $sock->print($half_body);
+sleep(1);
+ok $sock->print($half_body);
+
+my $readable = IO::Select->new($sock)->can_read(10);
+ok $readable, 1, "timeout, server hung";
+if (!$readable) {
+    skip "server hung, not testing further", foreach(1..2);
+    exit(0);
+}
+
+my $line = Apache::TestRequest::getline($sock) || '';
+ok t_cmp($line, qr{^HTTP/1\.. 200}, "request was parsed");
+
+do {
+    $line = Apache::TestRequest::getline($sock) || '';
+    $line = super_chomp($line);
+    print "# header: $line\n";
+} until ($line eq "");
+
+my $buffer;
+while ($len > 0 && $sock->read($buffer, $len)) {
+    print "# got: $buffer\n";
+    $len -= length($buffer);
+    print "# remaining: $len\n";
+}
+
+ok t_cmp($len, 0, "read entire body");
+
+sub super_chomp {
+    my ($body) = shift;
+
+    ## super chomp - all leading and trailing \n (and \r for win32)
+    $body =~ s/^[\n\r]*//;
+    $body =~ s/[\n\r]*$//;
+    ## and all the rest change to spaces
+    $body =~ s/\n/ /g;
+    $body =~ s/\r//g; #rip out all remaining \r's
+
+    $body;
+}

Propchange: httpd/test/framework/trunk/t/security/CVE-2009-1890.t
------------------------------------------------------------------------------
    svn:eol-style = native



Mime
View raw message