blob: 523feb6a998df986741a51de6a1915ac4863176d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
use strict;
use warnings FATAL => 'all';
use Apache::Test;
use Apache::TestRequest;
use Apache::TestUtil;
use MIME::Base64;
use Data::Dumper;
use HTTP::Response;
use Socket;
plan tests => 1, need_min_apache_version('2.4.42');
my $sock = Apache::TestRequest::vhost_socket("core");
if (!$sock) {
print "# failed to connect\n";
ok(0);
next;
}
my $req = sprintf "GET /CVE-2020-1927/%%0D%%0Ahttp://127.0.0.1/ HTTP/1.1\r\nHost: merge-disabled\r\nConnection: close\r\n\r\n";
print "# SENDING to " . peer($sock) . "\n# $req\n";
$sock->print("$req");
$sock->flush();
sleep(0.1);
$req = escape($req);
print "# SENDING to " . peer($sock) . "\n# $req\n";
my $response_data = "";
my $buf;
while ($sock->read($buf, 10000) > 0) {
$response_data .= $buf;
}
my $response = HTTP::Response->parse($response_data);
if (! defined $response) {
die "HTTP::Response->parse failed";
}
ok t_cmp($response->code, 404, "regex didn't match and redirect");
sub escape
{
my $in = shift;
$in =~ s{\\}{\\\\}g;
$in =~ s{\r}{\\r}g;
$in =~ s{\n}{\\n}g;
$in =~ s{\t}{\\t}g;
$in =~ s{([\x00-\x1f])}{sprintf("\\x%02x", ord($1))}ge;
return $in;
}
sub peer
{
my $sock = shift;
my $hersockaddr = getpeername($sock);
return "<disconnected>" if !$hersockaddr;
my ($port, $iaddr) = sockaddr_in($hersockaddr);
my $herhostname = gethostbyaddr($iaddr, AF_INET);
my $herstraddr = inet_ntoa($iaddr);
return "$herstraddr:$port";
}
|