summaryrefslogtreecommitdiffstats
path: root/debian/perl-framework/t/security/CVE-2009-1890.t
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 15:01:31 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 15:01:31 +0000
commitc9cf025fadfe043f0f2f679e10d1207d8a158bb6 (patch)
tree3a94effe0bdc0a6814d8134f4ed840d7cc6b6f19 /debian/perl-framework/t/security/CVE-2009-1890.t
parentAdding upstream version 2.4.57. (diff)
downloadapache2-debian/2.4.57-2.tar.xz
apache2-debian/2.4.57-2.zip
Adding debian version 2.4.57-2.debian/2.4.57-2
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/perl-framework/t/security/CVE-2009-1890.t')
-rw-r--r--debian/perl-framework/t/security/CVE-2009-1890.t65
1 files changed, 65 insertions, 0 deletions
diff --git a/debian/perl-framework/t/security/CVE-2009-1890.t b/debian/perl-framework/t/security/CVE-2009-1890.t
new file mode 100644
index 0000000..6ef46b2
--- /dev/null
+++ b/debian/perl-framework/t/security/CVE-2009-1890.t
@@ -0,0 +1,65 @@
+use strict;
+use warnings FATAL => 'all';
+
+use Apache::Test;
+use Apache::TestRequest;
+use Apache::TestUtil;
+
+use IO::Select;
+
+plan tests => 7, need [qw(mod_proxy proxy_http.c)];
+
+my $len = 100000;
+
+my $sock = Apache::TestRequest::vhost_socket('proxy_http_reverse');
+ok $sock && $sock->connected;
+
+my $req =
+ "POST /reverse/modules/cgi/perl_echo.pl HTTP/1.0\r\n".
+ "Content-Length: 0" . $len . "\r\n".
+ "\r\n";
+
+ok $sock->print($req);
+
+my $half_body = 'x' x ($len/2);
+ok $sock->print($half_body);
+sleep(1);
+ok $sock->print($half_body);
+
+my $readable = IO::Select->new($sock)->can_read(10);
+ok $readable, 1, "timeout, server hung";
+if (!$readable) {
+ skip "server hung, not testing further", foreach(1..2);
+ exit(0);
+}
+
+my $line = Apache::TestRequest::getline($sock) || '';
+ok t_cmp($line, qr{^HTTP/1\.. 200}, "request was parsed");
+
+do {
+ $line = Apache::TestRequest::getline($sock) || '';
+ $line = super_chomp($line);
+ print "# header: $line\n";
+} until ($line eq "");
+
+my $buffer;
+while ($len > 0 && $sock->read($buffer, $len)) {
+ print "# got: $buffer\n";
+ $len -= length($buffer);
+ print "# remaining: $len\n";
+}
+
+ok t_cmp($len, 0, "read entire body");
+
+sub super_chomp {
+ my ($body) = shift;
+
+ ## super chomp - all leading and trailing \n (and \r for win32)
+ $body =~ s/^[\n\r]*//;
+ $body =~ s/[\n\r]*$//;
+ ## and all the rest change to spaces
+ $body =~ s/\n/ /g;
+ $body =~ s/\r//g; #rip out all remaining \r's
+
+ $body;
+}