Author: markt
Date: Mon Jun 23 12:55:25 2014
New Revision: 1604788
URL: http://svn.apache.org/r1604788
Log:
Strengthen WebSocket extension parameter validation
Modified:
tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties
tomcat/trunk/java/org/apache/tomcat/websocket/Util.java
tomcat/trunk/test/org/apache/tomcat/websocket/TestUtil.java
Modified: tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties?rev=1604788&r1=1604787&r2=1604788&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties
(original)
+++ tomcat/trunk/java/org/apache/tomcat/websocket/LocalStrings.properties Mon
Jun 23 12:55:25 2014
@@ -28,6 +28,7 @@ asyncChannelWrapperSecure.wrongStateWrit
backgroundProcessManager.processFailed=A background process failed
+util.notToken=An illegal extension parameter was specified with name [{0}] and
value [{1}]
util.invalidMessageHandler=The message handler provided does not have an
onMessage(Object) method
util.invalidType=Unable to coerce value [{0}] to type [{1}]. That type is not
supported.
util.unknownDecoderType=The Decoder type [{0}] is not recognized
Modified: tomcat/trunk/java/org/apache/tomcat/websocket/Util.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/websocket/Util.java?rev=1604788&r1=1604787&r2=1604788&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/websocket/Util.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/websocket/Util.java Mon Jun 23 12:55:25
2014
@@ -478,10 +478,24 @@ public class Util {
} else {
name = unparsedParameters[i].substring(0,
equalsPos).trim();
value = unparsedParameters[i].substring(equalsPos +
1).trim();
- if (value.length() > 2 && value.charAt(0) == '\"') {
- value = value.substring(1, value.length() - 1);
+ int len = value.length();
+ if (len > 1) {
+ if (value.charAt(0) == '\"' && value.charAt(len - 1)
== '\"') {
+ value = value.substring(1, value.length() - 1);
+ }
}
}
+ // Make sure value doesn't contain any of the delimiters since
+ // that would indicate something went wrong
+ if (containsDelims(name) || containsDelims(value)) {
+ throw new IllegalArgumentException(sm.getString(
+ "util.notToken", name, value));
+ }
+ if (value != null &&
+ (value.indexOf(',') > -1 || value.indexOf(';') > -1 ||
+ value.indexOf('\"') > -1 || value.indexOf('=') > -1)) {
+ throw new IllegalArgumentException(sm.getString("",
value));
+ }
extension.addParameter(new WsExtensionParameter(name, value));
}
extensions.add(extension);
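Review bot: The second check, `if (value != null && (value.indexOf(',') > -1 || ...`, is unreachable and calls `sm.getString("", value)` with an empty message key: `containsDelims(value)` a few lines above already rejects exactly those four characters, so this branch can never throw, and if it ever did it would look up a key that does not exist. Drop that whole `if` block and keep the single `containsDelims` check, which uses the `util.notToken` key this commit adds to LocalStrings. Note that the quote-stripping condition went from `len > 2` to `len > 1` and now also requires a closing `"`, so an empty quoted value `""` is reduced to an empty string rather than left as-is; that looks intended but deserves a comment such as `// "" yields an empty value; unbalanced quotes are left for containsDelims to reject`. The enclosing method starts outside the hunk.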
@@ -489,6 +503,25 @@ public class Util {
}
+ private static boolean containsDelims(String input) {
+ if (input == null || input.length() == 0) {
+ return false;
+ }
+ for (char c : input.toCharArray()) {
+ switch (c) {
+ case ',':
+ case ';':
+ case '\"':
+ case '=':
+ return true;
+ default:
+ // NO_OP
+ }
+
+ }
+ return false;
+ }
+
private static Method getOnMessageMethod(MessageHandler listener) {
try {
return listener.getClass().getMethod("onMessage", Object.class);
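Review bot: `containsDelims` has no Javadoc, and its name together with the `util.notToken` message key suggests more than it checks: it rejects only `,`, `;`, `"` and `=`, so a value such as `1 2` (embedded whitespace) or one containing control characters still passes even though it is not a token. Add `/** Returns true if {@code input} contains any of the characters that delimit extension parameters (',', ';', '"', '='); this is not full token validation. */` above the method so callers do not assume more. The loop could also be written without the `toCharArray()` copy, e.g. `return input.indexOf(',') > -1 || input.indexOf(';') > -1 || input.indexOf('"') > -1 || input.indexOf('=') > -1;`, which also removes the empty `default:` with its `// NO_OP` comment and the stray blank line before the closing brace.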
Modified: tomcat/trunk/test/org/apache/tomcat/websocket/TestUtil.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/websocket/TestUtil.java?rev=1604788&r1=1604787&r2=1604788&view=diff
==============================================================================
--- tomcat/trunk/test/org/apache/tomcat/websocket/TestUtil.java (original)
+++ tomcat/trunk/test/org/apache/tomcat/websocket/TestUtil.java Mon Jun 23
12:55:25 2014
@@ -461,4 +461,13 @@ public class TestUtil {
Assert.assertEquals(0, params3.size());
}
+ @Test(expected=IllegalArgumentException.class)
+ public void testParseExtensionHeaderInvalid01() {
+ Util.parseExtensionHeader(new ArrayList<Extension>(), "ext;a=\"1;b=2");
+ }
+
+ @Test(expected=IllegalArgumentException.class)
+ public void testParseExtensionHeaderInvalid02() {
+ Util.parseExtensionHeader(new ArrayList<Extension>(), "ext;a=1\";b=2");
+ }
}
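Review bot: The two new tests only cover unbalanced quotes; nothing pins the changed quote-stripping rule in Util, where the condition went from `> 2` to `> 1` and now also requires a closing quote, so a regression on `ext;a="1"` (should yield value `1`) or on `ext;a=""` (now yields an empty value) would go unnoticed. A positive test alongside the two negative ones would lock this in, e.g. `Util.parseExtensionHeader(result, "ext;a=\"1\"");` followed by asserting that the single parameter's value equals `"1"` and, in a second case, that `ext;a=""` parses to an empty value rather than throwing.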