Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in
(50611)

Side by Side Diff: Lib/test/test_xmlrpc.py

Issue 14001: Python v2.7.2 / v3.2.2 (SimpleXMLRPCServer): DoS (excessive CPU usage) by processing malformed XMLRPC / HTTP POST request
Patch Set: Created 7 years, 7 months ago
Left:
Right:
Use n/p to move between diff chunks; N/P to move between comments. Please Sign in to add in-line comments.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | Lib/xmlrpc/server.py » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 import base64 1 import base64
2 import datetime 2 import datetime
3 import sys 3 import sys
4 import time 4 import time
5 import unittest 5 import unittest
6 import xmlrpc.client as xmlrpclib 6 import xmlrpc.client as xmlrpclib
7 import xmlrpc.server 7 import xmlrpc.server
8 import http.client 8 import http.client
9 import socket 9 import socket
10 import os 10 import os
(...skipping 501 matching lines...) Expand 10 before | Expand all | Expand 10 after
512 # start server thread to handle requests 512 # start server thread to handle requests
513 serv_args = (self.evt, self.request_count, self.requestHandler) 513 serv_args = (self.evt, self.request_count, self.requestHandler)
514 threading.Thread(target=self.threadFunc, args=serv_args).start() 514 threading.Thread(target=self.threadFunc, args=serv_args).start()
515 515
516 # wait for the server to be ready 516 # wait for the server to be ready
517 self.evt.wait() 517 self.evt.wait()
518 self.evt.clear() 518 self.evt.clear()
519 519
520 def tearDown(self): 520 def tearDown(self):
521 # wait on the server thread to terminate 521 # wait on the server thread to terminate
522 self.evt.wait(4.0) 522 self.evt.wait()
523 # XXX this code does not work, and in fact stop_serving doesn't exist.
524 if not self.evt.is_set():
525 self.evt.set()
526 stop_serving()
527 raise RuntimeError("timeout reached, test has failed")
528 523
529 # disable traceback reporting 524 # disable traceback reporting
530 xmlrpc.server.SimpleXMLRPCServer._send_traceback_header = False 525 xmlrpc.server.SimpleXMLRPCServer._send_traceback_header = False
531 526
532 class SimpleServerTestCase(BaseServerTestCase): 527 class SimpleServerTestCase(BaseServerTestCase):
533 def test_simple1(self): 528 def test_simple1(self):
534 try: 529 try:
535 p = xmlrpclib.ServerProxy(URL) 530 p = xmlrpclib.ServerProxy(URL)
536 self.assertEqual(p.pow(6,8), 6**8) 531 self.assertEqual(p.pow(6,8), 6**8)
537 except (xmlrpclib.ProtocolError, socket.error) as e: 532 except (xmlrpclib.ProtocolError, socket.error) as e:
(...skipping 125 matching lines...) Expand 10 before | Expand all | Expand 10 after
663 xmlrpc.server.resolve_dotted_attribute, str, '__add') 658 xmlrpc.server.resolve_dotted_attribute, str, '__add')
664 659
665 self.assertTrue(xmlrpc.server.resolve_dotted_attribute(str, 'title')) 660 self.assertTrue(xmlrpc.server.resolve_dotted_attribute(str, 'title'))
666 # Get the test to run faster by sending a request with test_simple1. 661 # Get the test to run faster by sending a request with test_simple1.
667 # This avoids waiting for the socket timeout. 662 # This avoids waiting for the socket timeout.
668 self.test_simple1() 663 self.test_simple1()
669 664
670 def test_unicode_host(self): 665 def test_unicode_host(self):
671 server = xmlrpclib.ServerProxy("http://%s:%d/RPC2" % (ADDR, PORT)) 666 server = xmlrpclib.ServerProxy("http://%s:%d/RPC2" % (ADDR, PORT))
672 self.assertEqual(server.add("a", "\xe9"), "a\xe9") 667 self.assertEqual(server.add("a", "\xe9"), "a\xe9")
668
669 def test_partial_post(self):
670 # Check that a partial POST doesn't make the server loop: issue #14001.
671 conn = http.client.HTTPConnection(ADDR, PORT)
672 conn.request('POST', '/RPC2 HTTP/1.0\r\nContent-Length: 100\r\n\r\nbye')
673 conn.close()
674
673 675
674 class MultiPathServerTestCase(BaseServerTestCase): 676 class MultiPathServerTestCase(BaseServerTestCase):
675 threadFunc = staticmethod(http_multi_server) 677 threadFunc = staticmethod(http_multi_server)
676 request_count = 2 678 request_count = 2
677 def test_path1(self): 679 def test_path1(self):
678 p = xmlrpclib.ServerProxy(URL+"/foo") 680 p = xmlrpclib.ServerProxy(URL+"/foo")
679 self.assertEqual(p.pow(6,8), 6**8) 681 self.assertEqual(p.pow(6,8), 6**8)
680 self.assertRaises(xmlrpclib.Fault, p.add, 6, 8) 682 self.assertRaises(xmlrpclib.Fault, p.add, 6, 8)
681 683
682 def test_path2(self): 684 def test_path2(self):
(...skipping 388 matching lines...) Expand 10 before | Expand all | Expand 10 after
1071 pass #gzip not supported in this build 1073 pass #gzip not supported in this build
1072 xmlrpc_tests.append(MultiPathServerTestCase) 1074 xmlrpc_tests.append(MultiPathServerTestCase)
1073 xmlrpc_tests.append(ServerProxyTestCase) 1075 xmlrpc_tests.append(ServerProxyTestCase)
1074 xmlrpc_tests.append(FailingServerTestCase) 1076 xmlrpc_tests.append(FailingServerTestCase)
1075 xmlrpc_tests.append(CGIHandlerTestCase) 1077 xmlrpc_tests.append(CGIHandlerTestCase)
1076 1078
1077 support.run_unittest(*xmlrpc_tests) 1079 support.run_unittest(*xmlrpc_tests)
1078 1080
1079 if __name__ == "__main__": 1081 if __name__ == "__main__":
1080 test_main() 1082 test_main()
OLDNEW
« no previous file with comments | « no previous file | Lib/xmlrpc/server.py » ('j') | no next file with comments »

RSS Feeds Recent Issues | This issue
This is Rietveld 894c83f36cb7+