From a3982364616e25bb9af5c5518f353f1a97a49929 Mon Sep 17 00:00:00 2001
From: markt
Date: Sat, 10 Jul 2010 16:14:42 +0000
Subject: [PATCH] Add CVE-2010-2227 test case

git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@962871 13f79535-47bb-0310-9956-ffa450edef68
---
 .../coyote/http11/TestAbstractHttp11Processor.java | 163 +++++++++++++++++++++
 1 file changed, 163 insertions(+)
 create mode 100644 test/org/apache/coyote/http11/TestAbstractHttp11Processor.java

diff --git a/test/org/apache/coyote/http11/TestAbstractHttp11Processor.java b/test/org/apache/coyote/http11/TestAbstractHttp11Processor.java
new file mode 100644
index 000000000..6231fefa4
--- /dev/null
+++ b/test/org/apache/coyote/http11/TestAbstractHttp11Processor.java
@@ -0,0 +1,163 @@
+package org.apache.coyote.http11;
+
+import java.io.File;
+
+import org.apache.catalina.startup.SimpleHttpClient;
+import org.apache.catalina.startup.Tomcat;
+import org.apache.catalina.startup.TomcatBaseTest;
+
+public class TestAbstractHttp11Processor extends TomcatBaseTest {
+
+ public void testWithTEVoid() throws Exception {
+ Tomcat tomcat = getTomcatInstance();
+
+ // Use the normal Tomcat ROOT context
+ File root = new File("test/webapp-3.0");
+ tomcat.addWebapp("", root.getAbsolutePath());
+
+ tomcat.start();
+
+ String request =
+ "POST /echo-params.jsp HTTP/1.1" + SimpleHttpClient.CRLF +
+ "Host: any" + SimpleHttpClient.CRLF +
+ "Transfer-encoding: void" + SimpleHttpClient.CRLF +
+ "Content-Length: 9" + SimpleHttpClient.CRLF +
+ "Content-Type: application/x-www-form-urlencoded" +
+ SimpleHttpClient.CRLF +
+ SimpleHttpClient.CRLF +
+ "test=data";
+
+ Client client = new Client();
+ client.setPort(getPort());
+ client.setRequest(new String[] {request});
+
+ client.connect();
+ client.processRequest();
+ assertTrue(client.isResponse501());
+ }
+
+ public void testWithTEBuffered() throws Exception {
+ Tomcat tomcat = getTomcatInstance();
+
+ // Use the normal Tomcat ROOT context
+ File root = new File("test/webapp-3.0");
+ tomcat.addWebapp("", root.getAbsolutePath());
+
+ tomcat.start();
+
+ String request =
+ "POST /echo-params.jsp HTTP/1.1" + SimpleHttpClient.CRLF +
+ "Host: any" + SimpleHttpClient.CRLF +
+ "Transfer-encoding: buffered" + SimpleHttpClient.CRLF +
+ "Content-Length: 9" + SimpleHttpClient.CRLF +
+ "Content-Type: application/x-www-form-urlencoded" +
+ SimpleHttpClient.CRLF +
+ SimpleHttpClient.CRLF +
+ "test=data";
+
+ Client client = new Client();
+ client.setPort(getPort());
+ client.setRequest(new String[] {request});
+
+ client.connect();
+ client.processRequest();
+ assertTrue(client.isResponse501());
+ }
+
+
+ public void testWithTEIdentity() throws Exception {
+ Tomcat tomcat = getTomcatInstance();
+
+ // Use the normal Tomcat ROOT context
+ File root = new File("test/webapp-3.0");
+ tomcat.addWebapp("", root.getAbsolutePath());
+
+ tomcat.start();
+
+ String request =
+ "POST /echo-params.jsp HTTP/1.1" + SimpleHttpClient.CRLF +
+ "Host: any" + SimpleHttpClient.CRLF +
+ "Transfer-encoding: identity" + SimpleHttpClient.CRLF +
+ "Content-Length: 9" + SimpleHttpClient.CRLF +
+ "Content-Type: application/x-www-form-urlencoded" +
+ SimpleHttpClient.CRLF +
+ "Connection: close" + SimpleHttpClient.CRLF +
+ SimpleHttpClient.CRLF +
+ "test=data";
+
+ Client client = new Client();
+ client.setPort(getPort());
+ client.setRequest(new String[] {request});
+
+ client.connect();
+ client.processRequest();
+ assertTrue(client.isResponse200());
+ assertTrue(client.getResponseBody().contains("test - data"));
+ }
+
+
+ public void testWithTESavedRequest() throws Exception {
+ Tomcat tomcat = getTomcatInstance();
+
+ // Use the normal Tomcat ROOT context
+ File root = new File("test/webapp-3.0");
+ tomcat.addWebapp("", root.getAbsolutePath());
+
+ tomcat.start();
+
+ String request =
+ "POST /echo-params.jsp HTTP/1.1" + SimpleHttpClient.CRLF +
+ "Host: any" + SimpleHttpClient.CRLF +
+ "Transfer-encoding: savedrequest" + SimpleHttpClient.CRLF +
+ "Content-Length: 9" + SimpleHttpClient.CRLF +
+ "Content-Type: application/x-www-form-urlencoded" +
+ SimpleHttpClient.CRLF +
+ SimpleHttpClient.CRLF +
+ "test=data";
+
+ Client client = new Client();
+ client.setPort(getPort());
+ client.setRequest(new String[] {request});
+
+ client.connect();
+ client.processRequest();
+ assertTrue(client.isResponse501());
+ }
+
+
+ public void testWithTEUnsupported() throws Exception {
+ Tomcat tomcat = getTomcatInstance();
+
+ // Use the normal Tomcat ROOT context
+ File root = new File("test/webapp-3.0");
+ tomcat.addWebapp("", root.getAbsolutePath());
+
+ tomcat.start();
+
+ String request =
+ "POST /echo-params.jsp HTTP/1.1" + SimpleHttpClient.CRLF +
+ "Host: any" + SimpleHttpClient.CRLF +
+ "Transfer-encoding: unsupported" + SimpleHttpClient.CRLF +
+ "Content-Length: 9" + SimpleHttpClient.CRLF +
+ "Content-Type: application/x-www-form-urlencoded" +
+ SimpleHttpClient.CRLF +
+ SimpleHttpClient.CRLF +
+ "test=data";
+
+ Client client = new Client();
+ client.setPort(getPort());
+ client.setRequest(new String[] {request});
+
+ client.connect();
+ client.processRequest();
+ assertTrue(client.isResponse501());
+ }
+
+
+ private static final class Client extends SimpleHttpClient {
+ @Override
+ public boolean isResponseBodyOK() {
+ return getResponseBody().contains("test - data");
+ }
+ }
+}
-- 
2.11.0
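Review bot: The four rejection tests (testWithTEVoid, testWithTEBuffered, testWithTESavedRequest, testWithTEUnsupported) stop at `assertTrue(client.isResponse501())`, so they pin the status code of the rejected request but not the state the connector is left in afterwards. CVE-2010-2227 is described as a buffer-recycling problem triggered by an invalid Transfer-Encoding header, so the regression test would be stronger if a well-formed request sent after the rejected one were asserted to return 200 with only its own echoed body; whether a second connection is served by the same recycled processor is an assumption to confirm against the connector. Those four methods also never call the `isResponseBodyOK()` override that `Client` defines. The setup and request-building code is repeated five times and could move into one private helper that takes the Transfer-encoding value, which would keep the five cases from drifting apart.

```java
        assertTrue(client.isResponse501());

        // A well-formed request sent afterwards must be served normally and
        // echo only its own parameter.
        String followUp =
            "POST /echo-params.jsp HTTP/1.1" + SimpleHttpClient.CRLF +
            "Host: any" + SimpleHttpClient.CRLF +
            "Content-Length: 9" + SimpleHttpClient.CRLF +
            "Content-Type: application/x-www-form-urlencoded" +
                    SimpleHttpClient.CRLF +
            "Connection: close" + SimpleHttpClient.CRLF +
            SimpleHttpClient.CRLF +
            "test=data";

        Client second = new Client();
        second.setPort(getPort());
        second.setRequest(new String[] {followUp});

        second.connect();
        second.processRequest();
        assertTrue(second.isResponse200());
        assertTrue(second.isResponseBodyOK());
```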