Add validity checks for HTTP datagrams #85

merged 8 commits into from Jan 27, 2017


None yet

2 participants


Added overloads for the CalculateIsValid method in HttpRequestDatagram and HttpResponseDatagram. This allows to check whether a HTTP datagram is actually a valid datagram before parsing it.

According to the RFCs of HTTP/1.0 and 1.1 a HTTP request must contain at least a method, an URI, and the version. So HttpRequestDatagram.CalculateIsValid() returns true if the parsed method, URI, and version are not null (or empty in case of the URI string).

For responses, the RFCs require at least the version, status code, and a reason phrase. Since the reason phrase can be basically any string I excluded it from the validity check and just check the version and status code. So HttpResponseDatagram.CalculateIsValid() returns true if the parsed version and the status code are not null.

This pull request also includes unit tests for the different cases of missing / present values for the mentioned elements.

+ Assert.IsFalse(packet.Ethernet.IpV4.Tcp.Http.IsValid);
+ }
private static void TestHttpRequest(string httpString, string expectedMethodString = null, string expectedUri = null, HttpVersion expectedVersion = null, HttpHeader expectedHeader = null, string expectedBodyString = null)
bricknerb Jan 21, 2017 edited Contributor

Test the new method also in RandomHttpTest

+ /// <summary>
+ /// An HTTP Request is valid if it contains a method, an URI, and a version.
+ /// </summary>
+ protected override bool CalculateIsValid()
bricknerb Jan 21, 2017 Contributor

I suggest creating a separate property for this instead of overriding CalculateIsValid().
The name of the property can be something like "IsValidStart".
The reason is that an HttpDatagram can be the continuation of a previous HttpDatagram and so doesn't have to start with the first line to be valid.

FlorianHockmann Jan 23, 2017 Contributor

You're right. I didn't think of that because I reassemble the TCP datagrams before parsing the application layer.

FlorianHockmann added some commits Jan 23, 2017
@FlorianHockmann FlorianHockmann HTTP validity checks don't override CalculateIsValid()
Instead of overriding CalculateIsValid, a new property IsValidStart is introduced for HTTP datagrams - as proposed by Boaz Brickner.
The validity checks only validate the header of an HTTP datagram. Since a datagram can be transmitted in multiple packets (due to TCP segmentation and IP fragmentation), a HTTP datagram can be valid without having a header at all.
@FlorianHockmann FlorianHockmann Move common behavior up to HttpDatagram
IsValidStart in HttpDatagram now implements the property with the template method pattern. HttpRequestDatagram and HttpResponseDatagram only override CalculateIsValidStart().
@FlorianHockmann FlorianHockmann Add IsValidStart check to RandomHttpTest
RandomHttpTest now checks for all generated HttpDatagrams that contain a header whether IsValidStart is true.

I am not sure if I got the RandomHttpTest right. It now checks that IsValidStart is true for all HttpDatagrams that contain a header. This should be the case at least for all packets generated during this test due to the way the RandomHttpExtensions work.
But I am of course open for any suggestions for a better test.

@@ -50,6 +50,14 @@ public override ILayer ExtractLayer()
+ /// <summary>
+ /// A HTTP response has a valid start if it contains a version and a status code.
bricknerb Jan 27, 2017 Contributor

Replace "A HTTP" with "An HTTP".

+ var packet = BuildPacket("HTTP/1.0 OK \r\n\r\n");
+ Assert.IsFalse(packet.Ethernet.IpV4.Tcp.Http.IsValidStart);
+ }
bricknerb Jan 27, 2017 Contributor

If you only care about IsValidStart in these tests, you could put "IsValidStart" as part of the test names.
Otherwise you could test other properties for these use cases.


Thanks for improving Pcap.Net!
I've added a few final comments you may want to address.

FlorianHockmann added some commits Jan 27, 2017
@FlorianHockmann FlorianHockmann Fix spelling: "A HTTP" -> "An HTTP" cf6c718
@FlorianHockmann FlorianHockmann Rename HTTP IsValidStart tests to be more descriptive
The names of those tests now follow a schema that should be more in line with the other tests in Pcap.Net.

Thank you for creating such a great library!

I fixed the typo and renamed the tests to follow a common schema that is more descriptive and fits in better with the other tests.

@bricknerb bricknerb merged commit 57a21ac into PcapDotNet:master Jan 27, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment