Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Handle invalid/malformed data from clients in HttpParser #740

Merged
merged 21 commits into from
Nov 18, 2021
Merged

Handle invalid/malformed data from clients in HttpParser #740

Show file tree
Hide file tree
Changes from 16 commits
Commits
Show all changes
21 commits
Select commit Hold shift + click to select a range
8fadf49
add validation in _process_line in parser.py
JerryKwan Nov 15, 2021
604b0c4
quick fail when parsing request
JerryKwan Nov 15, 2021
e362fe8
[pre-commit.ci] auto fixes from pre-commit.com hooks
pre-commit-ci[bot] Nov 15, 2021
6df238c
Merge branch 'develop' into issue127
abhinavsingh Nov 15, 2021
594a3bf
remove unnecessary checks and empty line
JerryKwan Nov 15, 2021
011a1e7
Merge branch 'issue127' of https://github.com/JerryKwan/proxy.py into…
JerryKwan Nov 15, 2021
6598fad
minor fix
JerryKwan Nov 15, 2021
7bd340f
[pre-commit.ci] auto fixes from pre-commit.com hooks
pre-commit-ci[bot] Nov 15, 2021
5ef7e22
solve exception expression conflict
JerryKwan Nov 15, 2021
22ffb9f
Merge branch 'issue127' of https://github.com/JerryKwan/proxy.py into…
JerryKwan Nov 15, 2021
dfcd179
Merge branch 'develop' into issue127
JerryKwan Nov 15, 2021
b00a208
Merge branch 'develop' into issue127
abhinavsingh Nov 15, 2021
c64b41f
use NotImplementedError temporary measure
JerryKwan Nov 16, 2021
eff7f6c
Merge branch 'issue127' of https://github.com/JerryKwan/proxy.py into…
JerryKwan Nov 16, 2021
ad50b5d
Merge branch 'develop' into issue127
JerryKwan Nov 16, 2021
00c8e27
Merge branch 'develop' into issue127
abhinavsingh Nov 18, 2021
96482ed
change exception type in test
JerryKwan Nov 18, 2021
e5da7a4
Merge branch 'issue127' of https://github.com/JerryKwan/proxy.py into…
JerryKwan Nov 18, 2021
127e962
Merge branch 'develop' into issue127
abhinavsingh Nov 18, 2021
27bdcef
remove unnecessary import
JerryKwan Nov 18, 2021
10dcb47
Merge branch 'issue127' of https://github.com/JerryKwan/proxy.py into…
JerryKwan Nov 18, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 15 additions & 5 deletions proxy/http/parser/parser.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,6 @@
from .chunk import ChunkParser, chunkParserStates
from .types import httpParserTypes, httpParserStates


flags.add_argument(
'--enable-proxy-protocol',
action='store_true',
Expand Down Expand Up @@ -301,16 +300,27 @@ def _process_line_and_headers(self, raw: bytes) -> Tuple[bool, bytes]:

def _process_line(self, raw: bytes) -> None:
if self.type == httpParserTypes.REQUEST_PARSER:
# Ref:
# https://datatracker.ietf.org/doc/html/rfc2616#section-5.1
# https://greenbytes.de/tech/webdav/rfc7230.html#request.line
# https://greenbytes.de/tech/webdav/rfc7231.html#methods
# http://www.iana.org/assignments/http-methods/http-methods.xhtml
if self.protocol is not None and self.protocol.version is None:
# We expect to receive entire proxy protocol v1 line
# in one network read and don't expect partial packets
self.protocol.parse(raw)
else:
line = raw.split(WHITESPACE)
self.method = line[0].upper()
self.set_url(line[1])
self.version = line[2]
self.state = httpParserStates.LINE_RCVD
if len(line) == 3:
JerryKwan marked this conversation as resolved.
Show resolved Hide resolved
self.method = line[0].upper()
self.set_url(line[1])
self.version = line[2]
self.state = httpParserStates.LINE_RCVD
else:
# raise exception
# TODO, it would be better to use raise HttpProtocolException,
# but we should solve circular import problem first
raise NotImplementedError('Invalid request line')
else:
line = raw.split(WHITESPACE)
self.version = line[0]
Expand Down
10 changes: 10 additions & 0 deletions tests/http/test_http_parser.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,13 +16,23 @@

from proxy.http import httpStatusCodes, httpMethods
from proxy.http.parser import HttpParser, httpParserTypes, httpParserStates
from proxy.http.exception import HttpProtocolException


class TestHttpParser(unittest.TestCase):

def setUp(self) -> None:
self.parser = HttpParser(httpParserTypes.REQUEST_PARSER)

def test_issue_127(self) -> None:
with self.assertRaises(HttpProtocolException):
self.parser.parse(CRLF)

with self.assertRaises(HttpProtocolException):
JerryKwan marked this conversation as resolved.
Show resolved Hide resolved
raw = b'qwqrqw!@!#@!#ad adfad\r\n'
while True:
abhinavsingh marked this conversation as resolved.
Show resolved Hide resolved
self.parser.parse(raw)

def test_issue_398(self) -> None:
p = HttpParser(httpParserTypes.RESPONSE_PARSER)
p.parse(HTTP_1_0 + b' 200 OK' + CRLF)
Expand Down