mirror of
https://github.com/curl/curl.git
synced 2026-05-17 22:06:22 +03:00
d3594be653
This started out as regression tests for the `curl_ws_recv()` and
`curl_ws_send()` implementation and ended up with a bugfix, additional
protocol validation and minor logging improvements.
- Fix reset of fragmented message decoder state when a PING/PONG is
received in between message fragments.
- Fix undefined behavior (applying zero offset to null pointer) in
curl_ws_send() when the given buffer is NULL.
- Detect invalid overlong PING/PONG/CLOSE frames.
- Detect invalid fragmented PING/PONG/CLOSE frames.
- Detect invalid sequences of fragmented frames.
- a) A continuation frame (0x80...) is received without any ongoing
fragmented message.
- b) A new fragmented message is started (0x81/0x01/0x82/0x02...)
before the ongoing fragmented message has terminated.
- Made logs for invalid opcodes easier to understand.
- Moved noisy logs to the `CURL_TRC_WS` log level.
- Unified the prefixes for WebSocket log messages: `[WS] ...`
- Add env var `CURL_WS_FORCE_ZERO_MASK` in debug builds.
- If set, it forces the bit mask applied to outgoing payloads to
0x00000000, which effectively means the payload is not masked at
all. This drastically simplifies defining the expected `<protocol>`
data in test cases.
- 2700: Frame types
- 2701: Invalid opcode 0x3
- 2702: Invalid opcode 0xB
- 2703: Invalid reserved bit RSV1 _(replaces 2310)_
- 2704: Invalid reserved bit RSV2
- 2705: Invalid reserved bit RSV3
- 2706: Invalid masked server message
- 2707: Peculiar frame sizes _(part. replaces 2311)_
- 2708: Automatic PONG
- 2709: No automatic PONG _(replaces 2312)_
- 2710: Unsolicited PONG
- 2711: Empty PING/PONG/CLOSE
- 2712: Max sized PING/PONG/CLOSE
- 2713: Invalid oversized PING _(replaces 2307)_
- 2714: Invalid oversized PONG
- 2715: Invalid oversized CLOSE
- 2716: Invalid fragmented PING
- 2717: Invalid fragmented PONG
- 2718: Invalid fragmented CLOSE
- 2719: Fragmented messages _(part. replaces 2311)_
- 2720: Fragmented messages with empty fragments
- 2721: Fragmented messages with interleaved pong
- 2722: Invalid fragmented message without initial frame
- 2723: Invalid fragmented message without final frame
- 2305: curl_ws_recv() loop reading three larger frames
- This test involuntarily sent an invalid sequence of opcodes (0x01...,0x01...,0x81...) , but neither libcurl nor the test caught this! The correct sequence was tested in 2311 (0x01...,0x00...,0x80...). See below for 2311.
- Validation of the opcode sequence was added to libcurl and is now tested in 2723.
- Superseded by 2719 (fragmented message) and 2707 (large frames).
- 2307: overlong PING payload
- The tested PING payload length check was actually missing, but the test didn't catch this since it involuntarily sent an invalid opcode (0x19... instead of 0x89...) so that the expected error occurred, but for the wrong reason.
- Superseded by 2713.
- 2310: unknown reserved bit set in frame header
- Superseded by 2703 and extended by 2704 and 2705.
- 2311: curl_ws_recv() read fragmented message
- Superseded by 2719 (fragmented message) and 2707 (large frames).
- 2312: WebSockets no auto ping
- Superseded by 2709.
- No tests for `CURLOPT_WRITEFUNCTION`.
- No tests for sending of invalid frames/fragments.
Closes #17136
254 lines
6.2 KiB
C
254 lines
6.2 KiB
C
/***************************************************************************
|
|
* _ _ ____ _
|
|
* Project ___| | | | _ \| |
|
|
* / __| | | | |_) | |
|
|
* | (__| |_| | _ <| |___
|
|
* \___|\___/|_| \_\_____|
|
|
*
|
|
* Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
|
|
*
|
|
* This software is licensed as described in the file COPYING, which
|
|
* you should have received as part of this distribution. The terms
|
|
* are also available at https://curl.se/docs/copyright.html.
|
|
*
|
|
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
|
|
* copies of the Software, and permit persons to whom the Software is
|
|
* furnished to do so, under the terms of the COPYING file.
|
|
*
|
|
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
|
|
* KIND, either express or implied.
|
|
*
|
|
* SPDX-License-Identifier: curl
|
|
*
|
|
***************************************************************************/
|
|
|
|
#include "test.h"
|
|
#include "testtrace.h"
|
|
#include "memdebug.h"
|
|
|
|
#ifndef CURL_DISABLE_WEBSOCKETS
|
|
|
|
static const char *descr_flags(int flags)
|
|
{
|
|
if(flags & CURLWS_TEXT)
|
|
return flags & CURLWS_CONT ? "txt ---" : "txt fin";
|
|
if(flags & CURLWS_BINARY)
|
|
return flags & CURLWS_CONT ? "bin ---" : "bin fin";
|
|
if(flags & CURLWS_PING)
|
|
return "ping";
|
|
if(flags & CURLWS_PONG)
|
|
return "pong";
|
|
if(flags & CURLWS_CLOSE)
|
|
return "close";
|
|
assert(false);
|
|
return "";
|
|
}
|
|
|
|
static CURLcode send_header(CURL *curl, int flags, size_t size)
|
|
{
|
|
CURLcode res = CURLE_OK;
|
|
size_t nsent;
|
|
|
|
retry:
|
|
res = curl_ws_send(curl, NULL, 0, &nsent, (curl_off_t)size,
|
|
flags | CURLWS_OFFSET);
|
|
if(res == CURLE_AGAIN) {
|
|
assert(nsent == 0);
|
|
goto retry;
|
|
}
|
|
if(res) {
|
|
curl_mfprintf(stderr, "%s:%d curl_ws_send() failed with code %d (%s)\n",
|
|
__FILE__, __LINE__, res, curl_easy_strerror(res));
|
|
assert(nsent == 0);
|
|
return res;
|
|
}
|
|
|
|
assert(nsent == 0);
|
|
|
|
return CURLE_OK;
|
|
}
|
|
|
|
static CURLcode recv_header(CURL *curl, int *flags, curl_off_t *offset,
|
|
curl_off_t *bytesleft)
|
|
{
|
|
CURLcode res = CURLE_OK;
|
|
size_t nread;
|
|
const struct curl_ws_frame *meta;
|
|
|
|
*flags = 0;
|
|
*offset = 0;
|
|
*bytesleft = 0;
|
|
|
|
retry:
|
|
res = curl_ws_recv(curl, NULL, 0, &nread, &meta);
|
|
if(res == CURLE_AGAIN) {
|
|
assert(nread == 0);
|
|
goto retry;
|
|
}
|
|
if(res) {
|
|
curl_mfprintf(stderr, "%s:%d curl_ws_recv() failed with code %d (%s)\n",
|
|
__FILE__, __LINE__, res, curl_easy_strerror(res));
|
|
assert(nread == 0);
|
|
return res;
|
|
}
|
|
|
|
assert(nread == 0);
|
|
assert(meta != NULL);
|
|
assert(meta->flags);
|
|
assert(meta->offset == 0);
|
|
|
|
*flags = meta->flags;
|
|
*offset = meta->offset;
|
|
*bytesleft = meta->bytesleft;
|
|
|
|
curl_mfprintf(stdout, "%s [%" FMT_OFF_T "]", descr_flags(meta->flags),
|
|
meta->bytesleft);
|
|
|
|
if(meta->bytesleft > 0)
|
|
curl_mfprintf(stdout, " ");
|
|
|
|
res = send_header(curl, meta->flags, (size_t)meta->bytesleft);
|
|
if(res)
|
|
return res;
|
|
|
|
return CURLE_OK;
|
|
}
|
|
|
|
static CURLcode send_chunk(CURL *curl, int flags, const char *buffer,
|
|
size_t size, size_t *offset)
|
|
{
|
|
CURLcode res = CURLE_OK;
|
|
size_t nsent;
|
|
|
|
retry:
|
|
res = curl_ws_send(curl, buffer + *offset, size - *offset, &nsent, 0,
|
|
flags);
|
|
if(res == CURLE_AGAIN) {
|
|
assert(nsent == 0);
|
|
goto retry;
|
|
}
|
|
if(res) {
|
|
curl_mfprintf(stderr, "%s:%d curl_ws_send() failed with code %d (%s)\n",
|
|
__FILE__, __LINE__, res, curl_easy_strerror(res));
|
|
assert(nsent == 0);
|
|
return res;
|
|
}
|
|
|
|
assert(nsent <= size - *offset);
|
|
|
|
*offset += nsent;
|
|
|
|
return CURLE_OK;
|
|
}
|
|
|
|
static CURLcode recv_chunk(CURL *curl, int flags, curl_off_t *offset,
|
|
curl_off_t *bytesleft)
|
|
{
|
|
CURLcode res = CURLE_OK;
|
|
char buffer[256];
|
|
size_t nread;
|
|
const struct curl_ws_frame *meta;
|
|
size_t sendoffset = 0;
|
|
|
|
retry:
|
|
res = curl_ws_recv(curl, buffer, sizeof(buffer), &nread, &meta);
|
|
if(res == CURLE_AGAIN) {
|
|
assert(nread == 0);
|
|
goto retry;
|
|
}
|
|
if(res) {
|
|
curl_mfprintf(stderr, "%s:%d curl_ws_recv() failed with code %d (%s)\n",
|
|
__FILE__, __LINE__, res, curl_easy_strerror(res));
|
|
assert(nread == 0);
|
|
return res;
|
|
}
|
|
|
|
assert(nread <= sizeof(buffer));
|
|
assert(meta != NULL);
|
|
assert(meta->flags == flags);
|
|
assert(meta->offset == *offset);
|
|
assert(meta->bytesleft == (*bytesleft - (curl_off_t)nread));
|
|
|
|
*offset += nread;
|
|
*bytesleft -= nread;
|
|
|
|
fwrite(buffer, 1, nread, stdout);
|
|
|
|
while(sendoffset < nread) {
|
|
res = send_chunk(curl, flags, buffer, nread, &sendoffset);
|
|
if(res)
|
|
return res;
|
|
}
|
|
|
|
return CURLE_OK;
|
|
}
|
|
|
|
static CURLcode recv_frame(CURL *curl, bool *stop)
|
|
{
|
|
CURLcode res = CURLE_OK;
|
|
int flags = 0;
|
|
curl_off_t offset = 0;
|
|
curl_off_t bytesleft = 0;
|
|
|
|
res = recv_header(curl, &flags, &offset, &bytesleft);
|
|
if(res)
|
|
return res;
|
|
|
|
while(bytesleft > 0) {
|
|
res = recv_chunk(curl, flags, &offset, &bytesleft);
|
|
if(res)
|
|
return res;
|
|
}
|
|
|
|
if(flags & CURLWS_CLOSE)
|
|
*stop = true;
|
|
|
|
curl_mfprintf(stdout, "\n");
|
|
|
|
return res;
|
|
}
|
|
|
|
CURLcode test(char *URL)
|
|
{
|
|
CURLcode res = CURLE_OK;
|
|
bool stop = false;
|
|
CURL *curl;
|
|
|
|
global_init(CURL_GLOBAL_ALL);
|
|
curl_global_trace("ws");
|
|
easy_init(curl);
|
|
|
|
easy_setopt(curl, CURLOPT_URL, URL);
|
|
easy_setopt(curl, CURLOPT_USERAGENT, "client/test2700");
|
|
libtest_debug_config.nohex = 1;
|
|
libtest_debug_config.tracetime = 1;
|
|
easy_setopt(curl, CURLOPT_DEBUGDATA, &libtest_debug_config);
|
|
easy_setopt(curl, CURLOPT_DEBUGFUNCTION, libtest_debug_cb);
|
|
easy_setopt(curl, CURLOPT_VERBOSE, 1L);
|
|
easy_setopt(curl, CURLOPT_CONNECT_ONLY, 2L);
|
|
if(!getenv("LIB2700_AUTO_PONG"))
|
|
easy_setopt(curl, CURLOPT_WS_OPTIONS, (long)CURLWS_NOAUTOPONG);
|
|
|
|
res = curl_easy_perform(curl);
|
|
if(res) {
|
|
curl_mfprintf(stderr,
|
|
"%s:%d curl_easy_perform() failed with code %d (%s)\n",
|
|
__FILE__, __LINE__, res, curl_easy_strerror(res));
|
|
goto test_cleanup;
|
|
}
|
|
|
|
while(!stop) {
|
|
res = recv_frame(curl, &stop);
|
|
if(res)
|
|
goto test_cleanup;
|
|
}
|
|
|
|
test_cleanup:
|
|
curl_easy_cleanup(curl);
|
|
curl_global_cleanup();
|
|
return res;
|
|
}
|
|
|
|
#else
|
|
NO_SUPPORT_BUILT_IN
|
|
#endif
|