From ic...@apache.org
Subject svn commit: r1791112 - in /httpd/test/mod_h2/trunk/test/go: h2fuzz.go in-headers-inv.fuzz test_fuzz.sh
Date Wed, 12 Apr 2017 11:57:21 GMT
Author: icing
Date: Wed Apr 12 11:57:21 2017
New Revision: 1791112

URL: http://svn.apache.org/viewvc?rev=1791112&view=rev
Log:
testing all control chars in request header field names and value for compliance to RFC7540
and RFC7230

Modified:
    httpd/test/mod_h2/trunk/test/go/h2fuzz.go
    httpd/test/mod_h2/trunk/test/go/in-headers-inv.fuzz
    httpd/test/mod_h2/trunk/test/go/test_fuzz.sh

Modified: httpd/test/mod_h2/trunk/test/go/h2fuzz.go
URL: http://svn.apache.org/viewvc/httpd/test/mod_h2/trunk/test/go/h2fuzz.go?rev=1791112&r1=1791111&r2=1791112&view=diff
==============================================================================
--- httpd/test/mod_h2/trunk/test/go/h2fuzz.go (original)
+++ httpd/test/mod_h2/trunk/test/go/h2fuzz.go Wed Apr 12 11:57:21 2017
@@ -4,6 +4,7 @@ import (
         "bufio"
         "bytes"
         "crypto/tls"
+        "encoding/hex"
         "errors"
         "flag"
         "fmt"
@@ -12,6 +13,7 @@ import (
         "net"
         "os"
         "time"
+        "regexp"
         "strconv"
         "strings"
         
@@ -297,6 +299,36 @@ func (app *h2fuzz) cmdPing(args []string
     return app.framer.WritePing(false, data)
 }
 
+func decHexChar (s string) string {
+    bytes, err := hex.DecodeString(s[2:])
+    if err != nil {
+        return s
+    }
+    return string(bytes)
+}
+
+var rdec = regexp.MustCompile("\\\\x[0-9a-f][0-9a-f]")
+var renc = regexp.MustCompile("[\\x00-\\x1f\\x7f]")
+
+func decString(s string) string {
+    s = rdec.ReplaceAllStringFunc(s, decHexChar)
+    s = strings.Replace(s, "\\n", "\n", -1)
+    s = strings.Replace(s, "\\r", "\r", -1)
+    return s
+}
+
+func encHexChar (s string) string {
+    out := ""
+    for i := 0; i < len(s); i++ {
+        out = fmt.Sprintf("%s\\x%02x", out, s[i])
+    }
+    return out
+}
+
+func encString(s string) string {
+    return renc.ReplaceAllStringFunc(s, encHexChar)
+}
+
 func (app *h2fuzz) readHeaders() error {
     for {
         bytes, _, err := app.input.ReadLine()
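Review bot: In `decString` the `\n`/`\r` replacements run after the hex pass, so an input such as `\x5cn` is decoded twice and becomes a line feed instead of a literal backslash followed by `n`; the script format then has no way to put a literal backslash sequence into a header. `rdec` also accepts only lower-case hex digits, so `\x0A` is sent as four literal characters without any diagnostic. Decoding all three escape forms in one `ReplaceAllStringFunc` pass, as sketched below, avoids both. In `decHexChar` the local `bytes` also shadows the imported `bytes` package, which a shorter name such as `b` avoids. `readHeaders` continues past the end of this hunk.

```go
var rdec = regexp.MustCompile(`\\(?:x[0-9a-fA-F]{2}|[nr])`)

// decEscape maps one matched escape (\xHH, \n or \r) to the byte it denotes.
func decEscape(s string) string {
    switch s[1] {
    case 'n':
        return "\n"
    case 'r':
        return "\r"
    }
    b, err := hex.DecodeString(s[2:])
    if err != nil {
        return s
    }
    return string(b)
}

// decString expands every escape in a single pass, so the output of one
// escape is never re-read as the start of another.
func decString(s string) string {
    return rdec.ReplaceAllStringFunc(s, decEscape)
}

// … unchanged: renc, encHexChar, encString …
```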
@@ -306,9 +338,7 @@ func (app *h2fuzz) readHeaders() error {
         if len(bytes) == 0 {
             break
         }
-        line := string(bytes)
-        line = strings.Replace(line, "\\n", "\n", -1)
-        line = strings.Replace(line, "\\r", "\r", -1)
+        line := decString(string(bytes))
         f := strings.SplitN(line, ": ", 2)
         if len(f) != 2 {
             break
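Review bot: `decString` is applied to the whole line before `strings.SplitN(line, ": ", 2)`, so an escaped colon-space in the name part (`\x3a\x20`) moves the name/value boundary to the decoded bytes, and a field name containing `: ` cannot be expressed in a script. Splitting the raw line first and decoding each half keeps the boundary where the script author wrote it: `f := strings.SplitN(string(bytes), ": ", 2)`, then `decString(f[0])` and `decString(f[1])` where the fields are used. `readHeaders` starts and ends outside this hunk, so how `f` is consumed afterwards is not visible here.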
@@ -585,15 +615,15 @@ func (app *h2fuzz) readFrames() error {
 // called from readLoop
 func (app *h2fuzz) onNewHeaderField(f hpack.HeaderField) {
     if f.Sensitive {
-        app.logf("    %s = %q (SENSITIVE)", f.Name, f.Value)
+        app.logf("    %s = %q (SENSITIVE)", encString(f.Name), encString(f.Value))
     }
-    app.logf("    %s = %q", f.Name, f.Value)
+    app.logf("    %s = %q", encString(f.Name), encString(f.Value))
 }
 
 func (app *h2fuzz) writeHeader(name, value string) {
     app.henc.WriteField(hpack.HeaderField{Name: name, Value: value})
     if app.logHeaders {
-        app.logf("    %s = %s", name, value)
+        app.logf("    %s = %s", encString(name), encString(value))
     }
 }
 
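Review bot: In `onNewHeaderField` the value is still formatted with `%q`, which already escapes control characters and backslashes, so after `encString` a NUL in a value is logged as `"\\x00"` while the same byte in a name (formatted with `%s`) is logged as `\x00`; passing the raw value, `app.logf("    %s = %q", encString(f.Name), f.Value)`, gives one level of escaping. `renc` also leaves a literal backslash untouched, so in the `%s` positions here and in `writeHeader` a peer-supplied header containing the four characters `\x0a` is logged exactly like one containing a real line feed. Since test_fuzz.sh diffs this log, adding the backslash to the class, `regexp.MustCompile("[\\x00-\\x1f\\x7f\\\\]")`, would make the output unambiguous. Separately, the `if f.Sensitive` branch has no `return`, so a sensitive field is logged twice.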

Modified: httpd/test/mod_h2/trunk/test/go/in-headers-inv.fuzz
URL: http://svn.apache.org/viewvc/httpd/test/mod_h2/trunk/test/go/in-headers-inv.fuzz?rev=1791112&r1=1791111&r2=1791112&view=diff
==============================================================================
--- httpd/test/mod_h2/trunk/test/go/in-headers-inv.fuzz (original)
+++ httpd/test/mod_h2/trunk/test/go/in-headers-inv.fuzz Wed Apr 12 11:57:21 2017
@@ -1,11 +1,114 @@
 wait 1ms
 stream-get / end eos
-x1: y
-x2: y\nx
+x y: z
 
 stream-get / end eos
-x1: y
-x2: y\rx
+x\x00y: z
+
+stream-get / end eos
+x\x01y: z
+
+stream-get / end eos
+x\x02y: z
+
+stream-get / end eos
+x\x03y: z
+
+stream-get / end eos
+x\x04y: z
+
+stream-get / end eos
+x\x05y: z
+
+stream-get / end eos
+x\x06y: z
+
+stream-get / end eos
+x\x07y: z
+
+stream-get / end eos
+x\x08y: z
+
+stream-get / end eos
+x\x09y: z
+
+stream-get / end eos
+x\x0ay: z
+
+stream-get / end eos
+x\x0by: z
+
+stream-get / end eos
+x\x0cy: z
+
+stream-get / end eos
+x\x0dy: z
+
+stream-get / end eos
+x\x0ey: z
+
+stream-get / end eos
+x\x0fy: z
+
+stream-get / end eos
+x\x10y: z
+
+stream-get / end eos
+x\x11y: z
+
+stream-get / end eos
+x\x12y: z
+
+stream-get / end eos
+x\x13y: z
+
+stream-get / end eos
+x\x14y: z
+
+stream-get / end eos
+x\x15y: z
+
+stream-get / end eos
+x\x16y: z
+
+stream-get / end eos
+x\x17y: z
+
+stream-get / end eos
+x\x18y: z
+
+stream-get / end eos
+x\x19y: z
+
+stream-get / end eos
+x\x1ay: z
+
+stream-get / end eos
+x\x1by: z
+
+stream-get / end eos
+x\x1cy: z
+
+stream-get / end eos
+x\x1dy: z
+
+stream-get / end eos
+x\x1ey: z
+
+stream-get / end eos
+x\x1fy: z
+
+stream-get / end eos
+x\x7fy: z
+
+stream-get / end eos
+x: y\x00z
+
+stream-get / end eos
+x: y\nz
+
+stream-get / end eos
+x: y\rz
 
 wait 1ms
 goaway
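Review bot: This fixture appears to be left without a consumer, because the only visible reference, `check_traffic "$TOP"/in-headers-inv.fuzz`, is removed from test_fuzz.sh in the same commit in favour of the generated `$GEN/in.fuzz`. The two inputs also differ: this file covers values only for `\x00`, `\n` and `\r` with the control character in the middle (`y\x00z`), while the generated script puts it first (`\x00z`) and walks the whole range. If the file is kept for manual runs, that should be documented next to the test script so the two inputs do not drift apart; otherwise it could be dropped. References outside the visible part of test_fuzz.sh cannot be ruled out from this page.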

Modified: httpd/test/mod_h2/trunk/test/go/test_fuzz.sh
URL: http://svn.apache.org/viewvc/httpd/test/mod_h2/trunk/test/go/test_fuzz.sh?rev=1791112&r1=1791111&r2=1791112&view=diff
==============================================================================
--- httpd/test/mod_h2/trunk/test/go/test_fuzz.sh (original)
+++ httpd/test/mod_h2/trunk/test/go/test_fuzz.sh Wed Apr 12 11:57:21 2017
@@ -37,6 +37,20 @@ check_traffic() {
     echo "ok."
 }
 
+check_resp_headers() {
+    local command="$1"; shift
+    echo -n "$*..."
+    rm -rf "$TMP"
+    mkdir -p "$TMP"
+    cat >> "$TMP/expected"
+    $H2FUZZ $HOST < "$command" >"$TMP/log"
+    egrep -e '(<--|:status)' <"$TMP/log" |
+    fgrep -v -e '[FrameHeader SETTINGS' -e '[FrameHeader WINDOW_UPDATE' -e '[FrameHeader
RST_STREAM'  |
+    sed -Ee 's/HEADERS (flags=.+) len=[0-9]+/HEADERS \1 len=XXX/' >"$TMP/traffic"
+    diff -uw "$TMP/expected" "$TMP/traffic" || exit 1 
+    echo "ok."
+}
+
 HOST="$1"
 case "$HOST" in
     "http://"*)
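Review bot: `check_resp_headers` discards every `RST_STREAM` frame with `fgrep -v`, so the diff only proves that no `:status` came back for the invalid requests, not that the server actively rejected them; a stream that was silently ignored or left hanging would pass the same comparison. Counting the resets instead of dropping them, for example checking `fgrep -c '[FrameHeader RST_STREAM' "$TMP/log"` against the number of streams expected to be refused, keeps the check independent of frame order while still asserting the rejection. The function also runs `rm -rf "$TMP"` on a variable that is set outside this hunk; `rm -rf "${TMP:?}"` would stop the script if it is ever empty. The exit status of `$H2FUZZ` is not checked either, so a failed connection only shows up indirectly as a diff mismatch.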
@@ -143,16 +157,52 @@ check_traffic "$TOP"/in-headers-empty.fu
 <--[FrameHeader GOAWAY len=8]
 EOF
 
-check_traffic "$TOP"/in-headers-inv.fuzz "checking invalid HEADERS" <<EOF
-<--[FrameHeader SETTINGS len=6]
-<--[FrameHeader WINDOW_UPDATE len=4]
--->[HEADER stream=1, method=GET, path=/, eoh=true, eos=true]
--->[HEADER stream=3, method=GET, path=/, eoh=true, eos=true]
-<--[FrameHeader RST_STREAM stream=1 len=4]
-<--[FrameHeader RST_STREAM stream=3 len=4]
--->[GOAWAY
+
+# check invalid chars in request headers
+# send streams with control chars in header field name and
+# header value. stream id is:
+# (#char * 4) + 1 for name
+# (#char * 4) + 3 for value test
+( 
+    cat <<EOF
+wait 1ms
+EOF
+    for x in 0 1; do
+        for y in 0 1 2 3 4 5 6 7 8 9 a b c d e f; do
+            cat << EOF
+stream-get / end eos
+x\\x${x}${y}: z
+
+stream-get / end eos
+x: \\x${x}${y}z
+
+EOF
+        done
+    done
+    cat <<EOF
+stream-get / end eos
+x\\x7f: z
+
+stream-get / end eos
+x: y\\x7fz
+
+stream-get / end eos
+x y: z
+
+wait 1ms
+goaway
+wait
+EOF
+) > "$GEN/in.fuzz"
+
+# check that all have no valid answer but stream 39, which 0x09 (HT) in
+# header value fields
+check_resp_headers "$GEN"/in.fuzz "checking invalid HEADERS" <<EOF
+<--[FrameHeader HEADERS flags=END_HEADERS stream=39 len=XXX]
+    :status = "200"
+<--[FrameHeader DATA stream=39 len=1291]
+<--[FrameHeader DATA flags=END_STREAM stream=39 len=714]
 <--[FrameHeader GOAWAY len=8]
 EOF
 
-
 fi
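Review bot: The expected block hard-codes the body sizes `len=1291` and `len=714` for stream 39, so this header-validation check fails whenever the document served at `/` changes, even though `check_resp_headers` already normalises the HEADERS length to `len=XXX`; the DATA lines could be dropped from the comparison or normalised the same way. The generated value cases are also not uniform: the loop emits `x: \x..z` with the control character first, while the 0x7f case uses `x: y\x7fz`. A leading HT may be treated as optional whitespace and stripped before validation, so the stream-39 success does not necessarily show that an embedded HT is accepted; using `x: y\\x${x}${y}z` in the loop would test the same position throughout.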


