# HG changeset patch # User Sergey Kandaurov # Date 1445980306 -10800 # Node ID fc846cf75c345f1732f10bdb7e8abf7fbdb7a2a6 # Parent a764054d457f011482b46536c815b0ecc816173d Tests: added HTTP/2 tests for malformed request body length. diff --git a/h2.t b/h2.t --- a/h2.t +++ b/h2.t @@ -32,7 +32,7 @@ plan(skip_all => 'IO::Socket::SSL too ol my $t = Test::Nginx->new()->has(qw/http http_ssl http_v2 proxy cache/) ->has(qw/limit_conn rewrite realip shmem/) - ->has_daemon('openssl')->plan(282); + ->has_daemon('openssl')->plan(284); # Some systems may have also a bug in not treating zero writev iovcnt as EINVAL @@ -1398,6 +1398,33 @@ is($frame->{headers}->{':status'}, '200' ($frame) = grep { $_->{type} eq "HEADERS" } @$frames; is($frame->{headers}->{'x-body'}, 'TEST', 'request body in multiple frames'); +# malformed request body length not equal to content-length + +$sess = new_session(); +$sid = new_stream($sess, + { path => '/proxy2/t2.html', body => 'TEST', headers => [ + { name => ':method', value => 'GET', mode => 0 }, + { name => ':scheme', value => 'http', mode => 0 }, + { name => ':path', value => '/client_max_body_size', mode => 1 }, + { name => ':authority', value => 'localhost', mode => 1 }, + { name => 'content-length', value => '5', mode => 1 }]}); +$frames = h2_read($sess, all => [{ sid => $sid, fin => 1 }]); + +($frame) = grep { $_->{type} eq "HEADERS" } @$frames; +is($frame->{headers}->{':status'}, 400, 'request body less than content-length'); + +$sid = new_stream($sess, + { path => '/proxy2/t2.html', body => 'TEST', headers => [ + { name => ':method', value => 'GET', mode => 0 }, + { name => ':scheme', value => 'http', mode => 0 }, + { name => ':path', value => '/client_max_body_size', mode => 1 }, + { name => ':authority', value => 'localhost', mode => 1 }, + { name => 'content-length', value => '3', mode => 1 }]}); +$frames = h2_read($sess, all => [{ sid => $sid, fin => 1 }]); + +($frame) = grep { $_->{type} eq "HEADERS" } @$frames; +is($frame->{headers}->{':status'}, 400, 'request body more than content-length'); + # client_max_body_size $sess = new_session();