Added extra valid request (099) and test (send_special_chunks).

``send_special_chunks`` sends the request data in two chunks, one having a length of 1 byte, which ensures there is no CRLF, and a second chunk containing the rest of the request data. Practically, this forces ``gunicorn.http.message.Request.read_line()`` to get the full request data with two buffer reads and reveal possible bugs related to the internal buffer mechanism. See #670 for more information.
George Notaras 2013-12-30 00:14:46 +02:00
parent b9fe01ca2c
commit 2d7eb3dc04
3 changed files with 561 additions and 0 deletions


@ -0,0 +1,268 @@
POST /test-form HTTP/1.1\r\n
Host: 0.0.0.0:5000\r\n
User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0\r\n
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n
Accept-Language: en-us,en;q=0.7,el;q=0.3\r\n
Accept-Encoding: gzip, deflate\r\n
Cookie: csrftoken=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX; sessionid=YYYYYYYYYYYYYYYYYYYYYYYYYYYY\r\n
Connection: keep-alive\r\n
Content-Type: multipart/form-data; boundary=---------------------------320761477111544\r\n
Content-Length: 17914\r\n
\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="csrfmiddlewaretoken"\r\n
\r\n
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="_save"\r\n
\r\n
Save\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="name"\r\n
\r\n
test.example.org\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="type"\r\n
\r\n
NATIVE\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="master"\r\n
\r\n
\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_dynamiczone_domain-TOTAL_FORMS"\r\n
\r\n
1\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_dynamiczone_domain-INITIAL_FORMS"\r\n
\r\n
1\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_dynamiczone_domain-MAX_NUM_FORMS"\r\n
\r\n
1\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_dynamiczone_domain-0-is_dynamic"\r\n
\r\n
on\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_dynamiczone_domain-0-id"\r\n
\r\n
1\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_dynamiczone_domain-0-domain"\r\n
\r\n
2\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_dynamiczone_domain-__prefix__-id"\r\n
\r\n
\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_dynamiczone_domain-__prefix__-domain"\r\n
\r\n
2\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-TOTAL_FORMS"\r\n
\r\n
1\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-INITIAL_FORMS"\r\n
\r\n
1\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-MAX_NUM_FORMS"\r\n
\r\n
1\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-0-ttl"\r\n
\r\n
3600\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-0-primary"\r\n
\r\n
ns.example.org\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-0-hostmaster"\r\n
\r\n
hostmaster.test.example.org\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-0-serial"\r\n
\r\n
2013121701\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-0-refresh"\r\n
\r\n
10800\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-0-retry"\r\n
\r\n
3600\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-0-expire"\r\n
\r\n
604800\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-0-default_ttl"\r\n
\r\n
3600\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-0-id"\r\n
\r\n
16\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-0-domain"\r\n
\r\n
2\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-__prefix__-ttl"\r\n
\r\n
\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-__prefix__-primary"\r\n
\r\n
\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-__prefix__-hostmaster"\r\n
\r\n
\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-__prefix__-serial"\r\n
\r\n
1\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-__prefix__-refresh"\r\n
\r\n
10800\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-__prefix__-retry"\r\n
\r\n
3600\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-__prefix__-expire"\r\n
\r\n
604800\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-__prefix__-default_ttl"\r\n
\r\n
3600\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-__prefix__-id"\r\n
\r\n
\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-__prefix__-domain"\r\n
\r\n
2\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-2-TOTAL_FORMS"\r\n
\r\n
0\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-2-INITIAL_FORMS"\r\n
\r\n
0\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-2-MAX_NUM_FORMS"\r\n
\r\n
1000\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-2-__prefix__-id"\r\n
\r\n
\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-2-__prefix__-domain"\r\n
\r\n
2\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-2-__prefix__-name"\r\n
\r\n
\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-2-__prefix__-ttl"\r\n
\r\n
\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-2-__prefix__-content"\r\n
\r\n
\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-3-TOTAL_FORMS"\r\n
\r\n
0\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-3-INITIAL_FORMS"\r\n
\r\n
0\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-3-MAX_NUM_FORMS"\r\n
\r\n
1000\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-3-__prefix__-id"\r\n
\r\n
\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-3-__prefix__-domain"\r\n
\r\n
2\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-3-__prefix__-name"\r\n
\r\n
\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-3-__prefix__-ttl"\r\n
\r\n
\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-3-__prefix__-prio"\r\n
\r\n
\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-3-__prefix__-content"\r\n
\r\n
\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-4-TOTAL_FORMS"\r\n
\r\n
0\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-4-INITIAL_FORMS"\r\n
\r\n
0\r\n
---------------------\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-5-TOTAL_FORMS"\r\n
\r\n
0\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-5-INITIAL_FORMS"\r\n
\r\n
0\r\n
---------------------\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-6-TOTAL_FORMS"\r\n
\r\n
0\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-6-INITIAL_FORMS"\r\n
\r\n
0\r\n
---------------------\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-7-TOTAL_FORMS"\r\n
\r\n
0\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-7-INITIAL_FORMS"\r\n
\r\n
0\r\n
---------------------\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-8-TOTAL_FORMS"\r\n
\r\n
0\r\n
-----------------------------320761477111544\r\n
Content-Disposition: form-data; name="foobar_manager_record_domain-8-INITIAL_FORMS"\r\n
\r\n
0\r\n
---------------------\r\n
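Review bot: The `Content-Length: 17914\r\n` header does not appear to match the body that follows it. The body looks shortened by hand (the bare `---------------------\r\n` lines, and no closing `--` boundary delimiter), and by a rough count it is well under the declared size. A fixture filed under `valid/` should be self-consistent; otherwise the test also depends on how the parser handles a body shorter than its declared length, which is not what this case is meant to cover. Consider setting the header to the actual byte count of the body, here and in the `("CONTENT-LENGTH", "17914")` entry of `099.py`.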

274
tests/requests/valid/099.py Normal file

@ -0,0 +1,274 @@
request = {
"method": "POST",
"uri": uri("/test-form"),
"version": (1, 1),
"headers": [
("HOST", "0.0.0.0:5000"),
("USER-AGENT", "Mozilla/5.0 (Windows NT 6.2; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0"),
("ACCEPT", "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"),
("ACCEPT-LANGUAGE", "en-us,en;q=0.7,el;q=0.3"),
("ACCEPT-ENCODING", "gzip, deflate"),
("COOKIE", "csrftoken=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX; sessionid=YYYYYYYYYYYYYYYYYYYYYYYYYYYY"),
("CONNECTION", "keep-alive"),
("CONTENT-TYPE", "multipart/form-data; boundary=---------------------------320761477111544"),
("CONTENT-LENGTH", "17914"),
],
"body": b"""-----------------------------320761477111544
Content-Disposition: form-data; name="csrfmiddlewaretoken"
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-----------------------------320761477111544
Content-Disposition: form-data; name="_save"
Save
-----------------------------320761477111544
Content-Disposition: form-data; name="name"
test.example.org
-----------------------------320761477111544
Content-Disposition: form-data; name="type"
NATIVE
-----------------------------320761477111544
Content-Disposition: form-data; name="master"
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_dynamiczone_domain-TOTAL_FORMS"
1
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_dynamiczone_domain-INITIAL_FORMS"
1
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_dynamiczone_domain-MAX_NUM_FORMS"
1
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_dynamiczone_domain-0-is_dynamic"
on
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_dynamiczone_domain-0-id"
1
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_dynamiczone_domain-0-domain"
2
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_dynamiczone_domain-__prefix__-id"
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_dynamiczone_domain-__prefix__-domain"
2
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-TOTAL_FORMS"
1
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-INITIAL_FORMS"
1
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-MAX_NUM_FORMS"
1
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-0-ttl"
3600
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-0-primary"
ns.example.org
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-0-hostmaster"
hostmaster.test.example.org
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-0-serial"
2013121701
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-0-refresh"
10800
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-0-retry"
3600
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-0-expire"
604800
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-0-default_ttl"
3600
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-0-id"
16
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-0-domain"
2
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-__prefix__-ttl"
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-__prefix__-primary"
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-__prefix__-hostmaster"
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-__prefix__-serial"
1
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-__prefix__-refresh"
10800
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-__prefix__-retry"
3600
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-__prefix__-expire"
604800
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-__prefix__-default_ttl"
3600
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-__prefix__-id"
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-__prefix__-domain"
2
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-2-TOTAL_FORMS"
0
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-2-INITIAL_FORMS"
0
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-2-MAX_NUM_FORMS"
1000
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-2-__prefix__-id"
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-2-__prefix__-domain"
2
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-2-__prefix__-name"
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-2-__prefix__-ttl"
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-2-__prefix__-content"
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-3-TOTAL_FORMS"
0
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-3-INITIAL_FORMS"
0
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-3-MAX_NUM_FORMS"
1000
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-3-__prefix__-id"
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-3-__prefix__-domain"
2
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-3-__prefix__-name"
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-3-__prefix__-ttl"
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-3-__prefix__-prio"
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-3-__prefix__-content"
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-4-TOTAL_FORMS"
0
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-4-INITIAL_FORMS"
0
---------------------
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-5-TOTAL_FORMS"
0
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-5-INITIAL_FORMS"
0
---------------------
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-6-TOTAL_FORMS"
0
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-6-INITIAL_FORMS"
0
---------------------
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-7-TOTAL_FORMS"
0
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-7-INITIAL_FORMS"
0
---------------------
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-8-TOTAL_FORMS"
0
-----------------------------320761477111544
Content-Disposition: form-data; name="foobar_manager_record_domain-8-INITIAL_FORMS"
0
---------------------
""".decode('utf-8').replace('\n', '\r\n').encode('utf-8'),
}
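Review bot: The tail of the `"body"` literal, `.decode('utf-8').replace('\n', '\r\n').encode('utf-8')`, round-trips the bytes through text only to swap line endings. Replacing on the bytes literal directly, `.replace(b'\n', b'\r\n')`, gives the same result without the decode/encode pair and without assuming the payload is valid UTF-8. A one-line comment above `"body"` saying that the literal is stored with LF and converted to CRLF to match `099.http` would also help the next person who edits the fixture.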


@ -90,6 +90,25 @@ class request(object):
yield self.data[read:read+chunk]
read += chunk
def send_special_chunks(self):
"""Meant to test the request line length check.
Sends the request data in two chunks, one having a
length of 1 byte, which ensures that no CRLF is included,
and a second chunk containing the rest of the request data.
If the request line length check is not done properly,
testing the ``tests/requests/valid/099.http`` request
fails with a ``LimitRequestLine`` exception.
"""
chunk = self.data[:1]
read = 0
while read < len(self.data):
yield self.data[read:read+len(chunk)]
read += len(chunk)
chunk = self.data[read:]
# These functions define the sizes that the
# read functions will read with.
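Review bot: The `while` loop in `send_special_chunks` is harder to follow than what it does, because `chunk` is reassigned on each pass purely to steer the next slice length. It only ever yields the first byte and then the remainder. Writing that directly, `yield self.data[:1]` followed by `if len(self.data) > 1: yield self.data[1:]`, yields the same chunks for any input, including empty and one-byte data. The docstring could also say that the sender is not specific to `099.http` if, like the other `send_*` methods, it is run against every request file; that wiring is outside this hunk, as is the rest of the `request` class.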