Browse Source

Handle HTTP minor versions greater than 9

(In practice they don't exist, but so long as we're making changes for
standards compliance...)

Also add several more unit tests for good and bad URL types.
Nick Mathewson 10 years ago
parent
commit
270b4f030a
2 changed files with 42 additions and 7 deletions
  1. 9 3
      src/or/directory.c
  2. 33 4
      src/test/test_dir.c

+ 9 - 3
src/or/directory.c

@@ -1417,10 +1417,16 @@ parse_http_url(const char *headers, char **url)
   }
 
   /* Check if the header is well formed (next sequence
-  * should be HTTP/1.X\r\n). Assumes we're supporting 1.0? */
+   * should be HTTP/1.X\r\n). Assumes we're supporting 1.0? */
   char *e = (char *)eat_whitespace_no_nl(s);
-  if (strcmpstart(e, "HTTP/1.") || !(*(e+8) == '\r')) {
-   return -1;
+  {
+    unsigned minor_ver;
+    char ch;
+    if (2 != tor_sscanf(e, "HTTP/1.%u%c", &minor_ver, &ch)) {
+      return -1;
+    }
+    if (ch != '\r')
+      return -1;
   }
 
   if (s-start < 5 || strcmpstart(start,"/tor/")) { /* need to rewrite it */

+ 33 - 4
src/test/test_dir.c

@@ -2380,7 +2380,15 @@ test_dir_http_handling(void *args)
   test_streq(url, "/tor/a/b/c.txt");
   tor_free(url);
 
-  /* Should prepends '/tor/' to url if required */
+  test_eq(parse_http_url("GET /tor/a/b/c.txt HTTP/1.0\r\n", &url), 0);
+  test_streq(url, "/tor/a/b/c.txt");
+  tor_free(url);
+
+  test_eq(parse_http_url("GET /tor/a/b/c.txt HTTP/1.600\r\n", &url), 0);
+  test_streq(url, "/tor/a/b/c.txt");
+  tor_free(url);
+
+  /* Should prepend '/tor/' to url if required */
   test_eq(parse_http_url("GET /a/b/c.txt HTTP/1.1\r\n"
                            "Host: example.com\r\n"
                            "User-Agent: Mozilla/5.0 (Windows;"
@@ -2389,6 +2397,14 @@ test_dir_http_handling(void *args)
   test_streq(url, "/tor/a/b/c.txt");
   tor_free(url);
 
+  /* Bad headers -- no HTTP/1.x*/
+  test_eq(parse_http_url("GET /a/b/c.txt\r\n"
+                           "Host: example.com\r\n"
+                           "User-Agent: Mozilla/5.0 (Windows;"
+                           " U; Windows NT 6.1; en-US; rv:1.9.1.5)\r\n",
+                           &url), -1);
+  tt_assert(!url);
+
   /* Bad headers */
   test_eq(parse_http_url("GET /a/b/c.txt\r\n"
                            "Host: example.com\r\n"
@@ -2397,10 +2413,23 @@ test_dir_http_handling(void *args)
                            &url), -1);
   tt_assert(!url);
 
-  /* TODO: more http handling tests */
+  test_eq(parse_http_url("GET /tor/a/b/c.txt", &url), -1);
+  tt_assert(!url);
+
+  test_eq(parse_http_url("GET /tor/a/b/c.txt HTTP/1.1", &url), -1);
+  tt_assert(!url);
+
+  test_eq(parse_http_url("GET /tor/a/b/c.txt HTTP/1.1x\r\n", &url), -1);
+  tt_assert(!url);
+
+  test_eq(parse_http_url("GET /tor/a/b/c.txt HTTP/1.", &url), -1);
+  tt_assert(!url);
+
+  test_eq(parse_http_url("GET /tor/a/b/c.txt HTTP/1.\r", &url), -1);
+  tt_assert(!url);
 
-  done:
-    ;
+ done:
+  tor_free(url);
 }
 
 #define DIR_LEGACY(name)                                                   \