author | Glenn Strauss <gstrauss@gluelogic.com> | 2018-07-23 22:25:23 -0400 |
---|---|---|
committer | Glenn Strauss <gstrauss@gluelogic.com> | 2018-08-12 14:43:22 -0400 |
commit | d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8 (patch) | |
tree | 276985eda6a368b480d0d383dcd2232ffe539458 /tests/request.t | |
parent | 1de1746925813ed2571f862ad81cfc0df2069b37 (diff) | |
download | lighttpd-git-d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8.tar.gz |
[core] security: use-after-free invalid Range req
(thx Marcus Wengelin)
Diffstat (limited to 'tests/request.t')
-rwxr-xr-x | tests/request.t | 22 |
1 files changed, 21 insertions, 1 deletions
diff --git a/tests/request.t b/tests/request.t
index a9fe3f6a..c1e8f472 100755
--- a/tests/request.t
+++ b/tests/request.t
@@ -8,7 +8,7 @@ BEGIN {
 use strict;
 use IO::Socket;
-use Test::More tests => 50;
+use Test::More tests => 52;
 use LightyTest;
 my $tf = LightyTest->new();
@@ -392,6 +392,26 @@ $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
 ok($tf->handle_http($t) == 0, 'GET, Range with range-requests-disabled');
 $t->{REQUEST} = ( <<EOF
+GET /12345.txt HTTP/1.0
+Host: 123.example.org
+Range: 0
+Range: bytes=0-3
+EOF
+ );
+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, 'HTTP-Content' => "12345\n" } ];
+ok($tf->handle_http($t) == 0, 'GET, Range invalid range-unit (first)');
+
+$t->{REQUEST} = ( <<EOF
+GET /12345.txt HTTP/1.0
+Host: 123.example.org
+Range: bytes=0-3
+Range: 0
+EOF
+ );
+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 206 } ];
+ok($tf->handle_http($t) == 0, 'GET, Range ignore invalid range (second)');
+
+$t->{REQUEST} = ( <<EOF
 OPTIONS / HTTP/1.0
 Content-Length: 4 |
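Review bot: The second added case ('GET, Range ignore invalid range (second)') asserts only `'HTTP-Status' => 206`, so it would still pass if the server answered the duplicate Range header with the wrong byte range. The first case shows /12345.txt holds "12345\n", so adding `'HTTP-Content' => "1234"` to that expected response would pin `bytes=0-3` as the range actually honoured, assuming LightyTest compares the body exactly as it appears to in the first case. Both cases catch the use-after-free only if the freed memory happens to produce a visible failure, so they are most valuable when the suite runs against an ASan or valgrind build. A comment such as `# regression: duplicate Range header with invalid range-unit (use-after-free)` above each request would record why they exist.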