
Fuzzing, and fixes for errors found with fuzzing.

1 parent 8216801 commit cde66cd58470cd68a76a9d8b1022a45e99a5cd8d @cortesi committed Mar 3, 2013
Showing with 33 additions and 10 deletions.
  1. +2 −1 libmproxy/proxy.py
  2. +13 −2 test/fuzzing/go_proxy
  3. +5 −6 test/test_dump.py
  4. +12 −0 test/test_fuzzing.py
  5. +1 −1 test/test_server.py
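--- a/libmproxy/proxy.py
+++ b/libmproxy/proxy.py
@@ -237,6 +237,8 @@ def handle_request(self, cc):
 continue
 else:
 raise
+ except http.HttpError, v:
+ raise ProxyError(502, "Invalid server response.")
 else:
 break
@@ -278,7 +280,6 @@ def handle_request(self, cc):
 )
 else:
 self.log(cc, cc.error)
-
 if isinstance(e, ProxyError):
 self.send_error(e.code, e.msg, e.headers)
 else: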
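Review bot: The exception bound as `v` in the added `except http.HttpError, v:` clause is never used, so the reason the upstream response failed to parse is discarded before the 502 is raised. When the proxy is being fuzzed or faces a misbehaving server, that detail is what an operator needs in the log; consider recording it server-side before raising, for example `self.log(cc, "Invalid server response: %r" % v)`, assuming `self.log` accepts a plain message as the call later in this function suggests. Keeping the client-facing text generic, as it is now, is the right choice, because it avoids reflecting upstream-controlled bytes into the error page. If the detail is dropped on purpose, `except http.HttpError:` without the binding says so. The enclosing `try` in handle_request starts outside the hunk.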
15 test/fuzzing/go_proxy
@@ -3,7 +3,18 @@
# mitmproxy/mitmdump is running on port 8080 in straight proxy mode.
# pathod is running on port 9999
-BASE="/Users/aldo/git/public/pathod/venv/bin/pathoc -eo -I 200,400,405,502 -p 8080 localhost "
-$BASE -n 10000 "get:'http://localhost:9999':ir,@1"
+BASE_HTTP="/Users/aldo/git/public/pathod/pathoc -Tt 1 -eo -I 200,400,405,502 -p 8080 localhost "
+#$BASE_HTTP -n 10000 "get:'http://localhost:9999':ir,@1"
+#$BASE_HTTP -n 100 "get:'http://localhost:9999':dr"
+#$BASE_HTTP -n 10000 "get:'http://localhost:9999/p/200:ir,@300.0
+# Assuming:
+# mitmproxy/mitmdump is running on port 8080 in straight proxy mode.
+# pathod with SSL enabled is running on port 9999
+
+BASE_HTTPS="/Users/aldo/git/public/pathod/pathoc -sc localhost:9999 -Tt 1 -eo -I 200,400,404,405,502,800 -p 8080 localhost "
+$BASE_HTTPS -en 10000 "get:/p/200:ir,@1"
+#$BASE_HTTP -n 100 "get:/p/'200:dr'"
+#$BASE_HTTPS -n 10000 "get:'/p/200:ir,@3000'"
+#$BASE_HTTPS -n 10000 "get:'/p/200:ir,\"\ \n \"'"
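Review bot: Both `BASE_HTTP` and `BASE_HTTPS` hard-code the pathoc binary under `/Users/aldo/git/public/pathod/`, so the fuzzing script only runs on one machine. Taking the location from the environment, e.g. `PATHOC=${PATHOC:-pathoc}` followed by `BASE_HTTPS="$PATHOC -sc localhost:9999 ..."`, would let anyone reproduce a fuzz finding. The commented-out line `#$BASE_HTTP -n 10000 "get:'http://localhost:9999/p/200:ir,@300.0` has no closing quotes and will fail as soon as it is uncommented. As committed, every HTTP run is commented out and only the HTTPS case executes; a one-line comment saying that is intentional would help.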
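--- a/test/test_dump.py
+++ b/test/test_dump.py
@@ -1,6 +1,5 @@
 import os
 from cStringIO import StringIO
-import libpry
 from libmproxy import dump, flow, proxy
 import tutils
 import mock
@@ -65,7 +64,7 @@ def test_replay(self):
 cs = StringIO()
 o = dump.Options(server_replay="nonexistent", kill=True)
- libpry.raises(dump.DumpError, dump.DumpMaster, None, o, None, outfile=cs)
+ tutils.raises(dump.DumpError, dump.DumpMaster, None, o, None, outfile=cs)
 with tutils.tmpdir() as t:
 p = os.path.join(t, "rep")
@@ -90,7 +89,7 @@ def test_read(self):
 self._flowfile(p)
 assert "GET" in self._dummy_cycle(0, None, "", verbosity=1, rfile=p)
- libpry.raises(
+ tutils.raises(
 dump.DumpError, self._dummy_cycle,
 0, None, "", verbosity=1, rfile="/nonexistent"
 )
@@ -130,7 +129,7 @@ def test_write(self):
 assert len(list(flow.FlowReader(open(p)).stream())) == 1
 def test_write_err(self):
- libpry.raises(
+ tutils.raises(
 dump.DumpError,
 self._dummy_cycle,
 1,
@@ -148,11 +147,11 @@ def test_script(self):
 assert "XREQUEST" in ret
 assert "XRESPONSE" in ret
 assert "XCLIENTDISCONNECT" in ret
- libpry.raises(
+ tutils.raises(
 dump.DumpError,
 self._dummy_cycle, 1, None, "", script="nonexistent"
 )
- libpry.raises(
+ tutils.raises(
 dump.DumpError,
 self._dummy_cycle, 1, None, "", script="starterr.py"
 )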
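--- a/test/test_fuzzing.py
+++ b/test/test_fuzzing.py
@@ -25,3 +25,15 @@ def test_invalid_ipv6_url(self):
 req = 'get:"http://localhost:%s":i13,"["'
 p = self.pathoc()
 assert p.request(req%self.server.port).status_code == 400
+
+ def test_invalid_upstream(self):
+ req = r"get:'http://localhost:%s/p/200:i10,\'+\''"
+ p = self.pathoc()
+ assert p.request(req%self.server.port).status_code == 502
+
+ def test_upstream_disconnect(self):
+ req = r'200:d0:h"Date"="Sun, 03 Mar 2013 04:00:00 GMT"'
+ p = self.pathod(req)
+ assert p.status_code == 400
+
+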
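Review bot: test_upstream_disconnect expects 400 when the upstream closes the connection at offset 0 (`d0`), while test_invalid_upstream, added beside it, expects 502 for a corrupted upstream response. Both faults sit on the server side of the proxy, so a 4xx for the disconnect blames the client and looks inconsistent with the 502 mapping added in this commit. If 400 is what the proxy returns today, pin that with a comment such as `# FIXME: proxy reports 400 here; an upstream disconnect should arguably be 502`; otherwise align the assertion. Neither test explains its pathoc spec, so a one-line comment on what `i10,\'+\'` injects into the response would help the next reader.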
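--- a/test/test_server.py
+++ b/test/test_server.py
@@ -185,7 +185,7 @@ class TestHTTPSNoUpstream(tservers.HTTPProxTest, CommonMixin):
 no_upstream_cert = True
 def test_cert_gen_error(self):
 f = self.pathoc_raw()
- f.connect((u"\u2102\u0001".encode("utf8"), 0))
+ f.connect((u"foo..bar".encode("utf8"), 0))
 f.request("get:/")
 assert "dummy cert" in "".join(self.proxy.log)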
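Review bot: Replacing the hostname `u"\u2102\u0001"` with `u"foo..bar"` in test_cert_gen_error drops the only visible case that feeds a non-ASCII character and a control byte into certificate generation. The new value exercises a different malformed name, one with an empty DNS label. If both inputs are meant to fall back to the dummy certificate, keep them as two separate connects; otherwise add a comment saying why the old input no longer applies. With an ASCII literal the `.encode("utf8")` call no longer changes anything, so plain `"foo..bar"` would do.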
