Rooba
/
mitmproxy
mirror of https://github.com/mitmproxy/mitmproxy.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Simplify expected_http_body_size signature, fixing a traceback found in fuzzing

This commit is contained in:
Aldo Cortesi 2014-11-07 15:59:00 +13:00
parent ba468f12b8
commit 9ce2f473f6
4 changed files with 23 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
netlib/http.py
View File

@ -406,8 +406,11 @@ def expected_http_body_size(headers, is_request, request_method, response_code):
"""
Returns the expected body length:
- a positive integer, if the size is known in advance
- None, if the size in unknown in advance (chunked encoding)
- None, if the size in unknown in advance (chunked encoding or invalid
data)
- -1, if all data should be read until end of stream.
May raise HttpError.
"""
# Determine response size according to
# http://tools.ietf.org/html/rfc7230#section-3.3
@ -429,10 +432,7 @@ def expected_http_body_size(headers, is_request, request_method, response_code):
raise ValueError()
return size
except ValueError:
raise HttpError(
400 if is_request else 502,
"Invalid content-length header: %s" % headers["content-length"]
)
return None
if is_request:
return 0
return -1

4
netlib/http_auth.py
View File

@ -1,5 +1,4 @@
from __future__ import (absolute_import, print_function, division)
from passlib.apache import HtpasswdFile
from argparse import Action, ArgumentTypeError
from . import http
@ -83,7 +82,8 @@ class PassManHtpasswd:
"""
Raises ValueError if htpasswd file is invalid.
"""
self.htpasswd = HtpasswdFile(path)
import passlib.apache
self.htpasswd = passlib.apache.HtpasswdFile(path)
def test(self, username, password_token):
return bool(self.htpasswd.check_password(username, password_token))

18
netlib/socks.py
View File

@ -53,7 +53,10 @@ def _read(f, n):
if len(d) == n:
return d
else:
raise SocksError(REP.GENERAL_SOCKS_SERVER_FAILURE, "Incomplete Read")
raise SocksError(
REP.GENERAL_SOCKS_SERVER_FAILURE,
"Incomplete Read"
)
except socket.error as e:
raise SocksError(REP.GENERAL_SOCKS_SERVER_FAILURE, str(e))
@ -76,6 +79,7 @@ class ClientGreeting(object):
f.write(struct.pack("!BB", self.ver, len(self.methods)))
f.write(self.methods.tostring())
class ServerGreeting(object):
__slots__ = ("ver", "method")
@ -91,6 +95,7 @@ class ServerGreeting(object):
def to_file(self, f):
f.write(struct.pack("!BB", self.ver, self.method))
class Message(object):
__slots__ = ("ver", "msg", "atyp", "addr")
@ -108,7 +113,8 @@ class Message(object):
"Socks Request: Invalid reserved byte: %s" % rsv)
if atyp == ATYP.IPV4_ADDRESS:
host = socket.inet_ntoa(_read(f, 4)) # We use tnoa here as ntop is not commonly available on Windows.
# We use tnoa here as ntop is not commonly available on Windows.
host = socket.inet_ntoa(_read(f, 4))
use_ipv6 = False
elif atyp == ATYP.IPV6_ADDRESS:
host = socket.inet_ntop(socket.AF_INET6, _read(f, 16))
@ -135,5 +141,9 @@ class Message(object):
f.write(struct.pack("!B", len(self.addr.host)))
f.write(self.addr.host)
else:
raise SocksError(REP.ADDRESS_TYPE_NOT_SUPPORTED, "Unknown ATYP: %s" % self.atyp)
f.write(struct.pack("!H", self.addr.port))
raise SocksError(
REP.ADDRESS_TYPE_NOT_SUPPORTED,
"Unknown ATYP: %s" % self.atyp
)
f.write(struct.pack("!H", self.addr.port))

4
test/test_http.py
View File

@ -119,11 +119,11 @@ def test_expected_http_body_size():
# gibber in the content-length field
h = odict.ODictCaseless()
h["content-length"] = ["foo"]
tutils.raises(http.HttpError, http.expected_http_body_size, h, False, "GET", 200)
assert http.expected_http_body_size(h, False, "GET", 200) is None
# negative number in the content-length field
h = odict.ODictCaseless()
h["content-length"] = ["-7"]
tutils.raises(http.HttpError, http.expected_http_body_size, h, False, "GET", 200)
assert http.expected_http_body_size(h, False, "GET", 200) is None
# explicit length
h = odict.ODictCaseless()
h["content-length"] = ["5"]