From 9ce2f473f6febf3738dca77b20ab9a7d3092d3d0 Mon Sep 17 00:00:00 2001
From: Aldo Cortesi <aldo@nullcube.com>
Date: Fri, 7 Nov 2014 15:59:00 +1300
Subject: [PATCH] Simplify expected_http_body_size signature, fixing a
 traceback found in fuzzing

---
 netlib/http.py      | 10 +++++-----
 netlib/http_auth.py |  4 ++--
 netlib/socks.py     | 18 ++++++++++++++----
 test/test_http.py   |  4 ++--
 4 files changed, 23 insertions(+), 13 deletions(-)

diff --git a/netlib/http.py b/netlib/http.py
index 9268418cf..d2fc6343f 100644
--- a/netlib/http.py
+++ b/netlib/http.py
@@ -406,8 +406,11 @@ def expected_http_body_size(headers, is_request, request_method, response_code):
     """
         Returns the expected body length:
          - a positive integer, if the size is known in advance
-         - None, if the size in unknown in advance (chunked encoding)
+         - None, if the size in unknown in advance (chunked encoding or invalid
+         data)
          - -1, if all data should be read until end of stream.
+
+        May raise HttpError.
     """
     # Determine response size according to
     # http://tools.ietf.org/html/rfc7230#section-3.3
@@ -429,10 +432,7 @@ def expected_http_body_size(headers, is_request, request_method, response_code):
                 raise ValueError()
             return size
         except ValueError:
-            raise HttpError(
-                400 if is_request else 502,
-                "Invalid content-length header: %s" % headers["content-length"]
-            )
+            return None
     if is_request:
         return 0
     return -1
diff --git a/netlib/http_auth.py b/netlib/http_auth.py
index 49f5925f3..dca6e2f36 100644
--- a/netlib/http_auth.py
+++ b/netlib/http_auth.py
@@ -1,5 +1,4 @@
 from __future__ import (absolute_import, print_function, division)
-from passlib.apache import HtpasswdFile
 from argparse import Action, ArgumentTypeError
 from . import http
 
@@ -83,7 +82,8 @@ class PassManHtpasswd:
         """
             Raises ValueError if htpasswd file is invalid.
         """
-        self.htpasswd = HtpasswdFile(path)
+        import passlib.apache
+        self.htpasswd = passlib.apache.HtpasswdFile(path)
 
     def test(self, username, password_token):
         return bool(self.htpasswd.check_password(username, password_token))
diff --git a/netlib/socks.py b/netlib/socks.py
index 5b05b3977..a3c4e9a23 100644
--- a/netlib/socks.py
+++ b/netlib/socks.py
@@ -53,7 +53,10 @@ def _read(f, n):
         if len(d) == n:
             return d
         else:
-            raise SocksError(REP.GENERAL_SOCKS_SERVER_FAILURE, "Incomplete Read")
+            raise SocksError(
+                REP.GENERAL_SOCKS_SERVER_FAILURE,
+                "Incomplete Read"
+            )
     except socket.error as e:
         raise SocksError(REP.GENERAL_SOCKS_SERVER_FAILURE, str(e))
 
@@ -76,6 +79,7 @@ class ClientGreeting(object):
         f.write(struct.pack("!BB", self.ver, len(self.methods)))
         f.write(self.methods.tostring())
 
+
 class ServerGreeting(object):
     __slots__ = ("ver", "method")
 
@@ -91,6 +95,7 @@ class ServerGreeting(object):
     def to_file(self, f):
         f.write(struct.pack("!BB", self.ver, self.method))
 
+
 class Message(object):
     __slots__ = ("ver", "msg", "atyp", "addr")
 
@@ -108,7 +113,8 @@ class Message(object):
                              "Socks Request: Invalid reserved byte: %s" % rsv)
 
         if atyp == ATYP.IPV4_ADDRESS:
-            host = socket.inet_ntoa(_read(f, 4))  # We use tnoa here as ntop is not commonly available on Windows.
+            # We use tnoa here as ntop is not commonly available on Windows.
+            host = socket.inet_ntoa(_read(f, 4))
             use_ipv6 = False
         elif atyp == ATYP.IPV6_ADDRESS:
             host = socket.inet_ntop(socket.AF_INET6, _read(f, 16))
@@ -135,5 +141,9 @@ class Message(object):
             f.write(struct.pack("!B", len(self.addr.host)))
             f.write(self.addr.host)
         else:
-            raise SocksError(REP.ADDRESS_TYPE_NOT_SUPPORTED, "Unknown ATYP: %s" % self.atyp)
-        f.write(struct.pack("!H", self.addr.port))
\ No newline at end of file
+            raise SocksError(
+                REP.ADDRESS_TYPE_NOT_SUPPORTED,
+                "Unknown ATYP: %s" % self.atyp
+            )
+        f.write(struct.pack("!H", self.addr.port))
+
diff --git a/test/test_http.py b/test/test_http.py
index 497e80e20..e3e92a1e1 100644
--- a/test/test_http.py
+++ b/test/test_http.py
@@ -119,11 +119,11 @@ def test_expected_http_body_size():
     # gibber in the content-length field
     h = odict.ODictCaseless()
     h["content-length"] = ["foo"]
-    tutils.raises(http.HttpError, http.expected_http_body_size, h, False, "GET", 200)
+    assert http.expected_http_body_size(h, False, "GET", 200) is None
     # negative number in the content-length field
     h = odict.ODictCaseless()
     h["content-length"] = ["-7"]
-    tutils.raises(http.HttpError, http.expected_http_body_size, h, False, "GET", 200)
+    assert http.expected_http_body_size(h, False, "GET", 200) is None
     # explicit length
     h = odict.ODictCaseless()
     h["content-length"] = ["5"]