diff options
| author | Marcin Siodelski <marcin@isc.org> | 2016-12-19 12:04:04 +0100 |
|---|---|---|
| committer | Marcin Siodelski <marcin@isc.org> | 2016-12-19 12:04:04 +0100 |
| commit | b5c14dc7fe849edca5aeacd81c7ab75059d35167 (patch) | |
| tree | 5d438130b3c695f34dda9f191622fc53617d4d29 | |
| parent | [5077] Reverted not trivial auto (diff) | |
| download | kea-b5c14dc7fe849edca5aeacd81c7ab75059d35167.tar.xz kea-b5c14dc7fe849edca5aeacd81c7ab75059d35167.zip | |
[5077] Provided unit test for extraneous data in the HTTP request.
| -rw-r--r-- | src/lib/http/request_parser.h | 9 | ||||
| -rw-r--r-- | src/lib/http/tests/request_parser_unittests.cc | 41 |
2 files changed, 49 insertions, 1 deletions
diff --git a/src/lib/http/request_parser.h b/src/lib/http/request_parser.h index c9368fd726..0032657129 100644 --- a/src/lib/http/request_parser.h +++ b/src/lib/http/request_parser.h @@ -76,7 +76,14 @@ public: /// internal buffer. This method returns control to the caller when the parser /// runs out of data in this buffer. The caller must feed the buffer by calling /// @ref HttpRequestParser::postBuffer and then run @ref HttpRequestParser::poll -//// again. +/// again. +/// +/// In case the caller provides more data than indicated by the "Content-Length" +/// header the parser will return from poll() after parsing the data which +/// constitute the HTTP request and not parse the extraneous data. The caller +/// should test the @ref HttpRequestParser::needData and +/// @ref HttpRequestParser::httpParseOk to determine whether parsing has +/// completed. /// /// The @ref util::StateModel::runModel must not be used to run the /// @ref HttpRequestParser state machine, thus it is made private method. diff --git a/src/lib/http/tests/request_parser_unittests.cc b/src/lib/http/tests/request_parser_unittests.cc index 9ae72bcdab..224d8a2d96 100644 --- a/src/lib/http/tests/request_parser_unittests.cc +++ b/src/lib/http/tests/request_parser_unittests.cc @@ -130,6 +130,47 @@ TEST_F(HttpRequestParserTest, postHttpRequestWithJson) { EXPECT_EQ("shutdown", json_element->stringValue()); } +// This test verifies that extranous data in the request will not cause +// an error if "Content-Length" value refers to the length of the valid +// part of the request. +TEST_F(HttpRequestParserTest, extraneousDataInRequest) { + std::string http_req = "POST /foo/bar HTTP/1.0\r\n" + "Content-Type: application/json\r\n"; + std::string json = "{ \"service\": \"dhcp4\", \"command\": \"shutdown\" }"; + + // Create valid request; + http_req = createRequestString(http_req, json); + + // Add some garbage at the end. + http_req += "some stuff which, if parsed, will cause errors"; + + // Create HTTP request which accepts POST method and JSON as a body. + PostHttpRequestJson request; + + // Create a parser and make it use the request we created. + HttpRequestParser parser(request); + ASSERT_NO_THROW(parser.initModel()); + + // Feed the parser with the request containing some garbage at the end. + parser.postBuffer(&http_req[0], http_req.size()); + ASSERT_NO_THROW(parser.poll()); + + // The parser should only parse the valid part of the request as indicated + // by the Content-Length. + ASSERT_FALSE(parser.needData()); + ASSERT_TRUE(parser.httpParseOk()); + // There should be no error message. + EXPECT_TRUE(parser.getErrorMessage().empty()); + + // Do another poll() to see if the parser will parse the garbage. We + // expect that it doesn't. + ASSERT_NO_THROW(parser.poll()); + EXPECT_FALSE(parser.needData()); + EXPECT_TRUE(parser.httpParseOk()); + EXPECT_TRUE(parser.getErrorMessage().empty()); +} + + // This test verifies that LWS is parsed correctly. The LWS marks line breaks // in the HTTP header values. TEST_F(HttpRequestParserTest, getLWS) { |