[mina] branch 2.2.X updated: Adds malformed HTTP request check

Mon, 20 Sep 2021 19:50:54 -0700 

This is an automated email from the ASF dual-hosted git repository.

johnnyv pushed a commit to branch 2.2.X
in repository https://gitbox.apache.org/repos/asf/mina.git


The following commit(s) were added to refs/heads/2.2.X by this push:
     new 27256db  Adds malformed HTTP request check
27256db is described below

commit 27256dbd145bfa6dad5ee43ded20cc1f278b6278
Author: Wim van Ravesteijn <w...@ravesteijn.nl>
AuthorDate: Mon Sep 20 22:50:31 2021 -0400

    Adds malformed HTTP request check
---
 .../apache/mina/http/HttpServerDecoderTest.java    | 23 +++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

diff --git 
a/mina-http/src/test/java/org/apache/mina/http/HttpServerDecoderTest.java 
b/mina-http/src/test/java/org/apache/mina/http/HttpServerDecoderTest.java
index c752c61..f840909 100644
--- a/mina-http/src/test/java/org/apache/mina/http/HttpServerDecoderTest.java
+++ b/mina-http/src/test/java/org/apache/mina/http/HttpServerDecoderTest.java
@@ -20,6 +20,7 @@
 package org.apache.mina.http;
 
 import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotEquals;
 import static org.junit.Assert.assertTrue;
 
 import java.nio.charset.CharacterCodingException;
@@ -28,7 +29,6 @@ import java.nio.charset.CharsetEncoder;
 import java.util.Queue;
 
 import org.apache.mina.core.buffer.IoBuffer;
-import org.apache.mina.core.filterchain.IoFilter.NextFilter;
 import org.apache.mina.core.session.DummySession;
 import org.apache.mina.core.session.IoSession;
 import org.apache.mina.filter.codec.AbstractProtocolDecoderOutput;
@@ -38,6 +38,8 @@ import org.apache.mina.http.api.HttpRequest;
 import org.junit.Test;
 
 public class HttpServerDecoderTest {
+       private static final String DECODER_STATE_ATT = "http.ds";
+
        private static final CharsetEncoder encoder = 
Charset.forName("US-ASCII").newEncoder(); //$NON-NLS-1$
 
        private static final ProtocolDecoder decoder = new HttpServerDecoder();
@@ -306,4 +308,23 @@ public class HttpServerDecoderTest {
                assertEquals("localhost", request.getHeader("host"));
                assertTrue(out.getQueue().poll() instanceof HttpEndOfContent);
        }
+
+       @Test
+       public void dosOnRequestWithAdditionalData() throws Exception {
+               ProtocolDecoderQueue out = new ProtocolDecoderQueue();
+               IoBuffer buffer = IoBuffer.allocate(0).setAutoExpand(true);
+               buffer.putString("GET / HTTP/1.0\r\nHost:localhost  
\r\n\r\ndummy", encoder);
+               buffer.rewind();
+               int prevBufferPosition = buffer.position();
+               while (buffer.hasRemaining()) {
+                       decoder.decode(session, buffer, out);
+                       assertNotEquals("Buffer at new position", 
prevBufferPosition, buffer.position());
+                       prevBufferPosition = buffer.position();
+               }
+               assertEquals(2, out.getQueue().size());
+               HttpRequest request = (HttpRequest) out.getQueue().poll();
+               assertEquals("localhost", request.getHeader("host"));
+               assertTrue(out.getQueue().poll() instanceof HttpEndOfContent);
+               session.removeAttribute(DECODER_STATE_ATT); // This test leaves 
session in HEAD state, crashing following test
+       }
 }

Reply via email to