[tor-commits] [tor/master] Test more error cases of our socks code.
nickm at torproject.org
nickm at torproject.org
Wed Sep 27 23:38:03 UTC 2017
commit 57f04a482e8e6ffe2f209cd1e5c732050f534ac4
Author: Nick Mathewson <nickm at torproject.org>
Date: Wed Sep 27 19:37:36 2017 -0400
Test more error cases of our socks code.
Coverage is now respectable. :)
---
src/test/test_socks.c | 127 ++++++++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 123 insertions(+), 4 deletions(-)
diff --git a/src/test/test_socks.c b/src/test/test_socks.c
index 331e37845..156845368 100644
--- a/src/test/test_socks.c
+++ b/src/test/test_socks.c
@@ -8,6 +8,7 @@
#include "config.h"
#include "proto_socks.h"
#include "test.h"
+#include "log_test_helpers.h"
typedef struct socks_test_data_t {
socks_request_t *req;
@@ -98,8 +99,7 @@ test_socks_4_supported_commands(void *ptr)
/* SOCKS 4 Send CONNECT [01] to IP address 2.2.2.2:4369 with userid*/
ADD_DATA(buf, "\x04\x01\x11\x12\x02\x02\x02\x04me\x00");
- tt_int_op(fetch_from_buf_socks(buf, socks, get_options()->TestSocks,
- get_options()->SafeSocks),
+ tt_int_op(fetch_from_buf_socks(buf, socks, 1, 0),
OP_EQ, 1);
tt_int_op(4,OP_EQ, socks->socks_version);
tt_int_op(0,OP_EQ, socks->replylen); /* XXX: shouldn't tor reply? */
@@ -116,7 +116,7 @@ test_socks_4_supported_commands(void *ptr)
/* SOCKS 4a Send RESOLVE [F0] request for torproject.org */
ADD_DATA(buf, "\x04\xF0\x01\x01\x00\x00\x00\x02me\x00torproject.org\x00");
- tt_int_op(fetch_from_buf_socks(buf, socks, get_options()->TestSocks,
+ tt_int_op(fetch_from_buf_socks(buf, socks, 1,
get_options()->SafeSocks),
OP_EQ, 1);
tt_int_op(4,OP_EQ, socks->socks_version);
@@ -129,6 +129,83 @@ test_socks_4_supported_commands(void *ptr)
;
}
+static void
+test_socks_4_bad_arguments(void *ptr)
+{
+ SOCKS_TEST_INIT();
+ setup_capture_of_logs(LOG_DEBUG);
+
+ /* Try with 0 IPv4 address */
+ ADD_DATA(buf, "\x04\x01\x00\x50\x00\x00\x00\x00\x00");
+ tt_int_op(fetch_from_buf_socks(buf, socks, get_options()->TestSocks,
+ get_options()->SafeSocks),
+ OP_EQ, -1);
+ buf_clear(buf);
+ expect_log_msg_containing("Port or DestIP is zero.");
+ mock_clean_saved_logs();
+
+ /* Try with 0 port */
+ ADD_DATA(buf, "\x04\x01\x00\x00\x01\x02\x03\x04\x00");
+ tt_int_op(fetch_from_buf_socks(buf, socks, get_options()->TestSocks,
+ get_options()->SafeSocks),
+ OP_EQ, -1);
+ buf_clear(buf);
+ expect_log_msg_containing("Port or DestIP is zero.");
+ mock_clean_saved_logs();
+
+ /* Try with 2000-byte username (!) */
+ ADD_DATA(buf, "\x04\x01\x00\x50\x01\x02\x03\x04");
+ int i;
+ for (i = 0; i < 200; ++i) {
+ ADD_DATA(buf, "1234567890");
+ }
+ ADD_DATA(buf, "\x00");
+ tt_int_op(fetch_from_buf_socks(buf, socks, 1, 0),
+ OP_EQ, -1);
+ buf_clear(buf);
+ expect_log_msg_containing("user name too long; rejecting.");
+ mock_clean_saved_logs();
+
+ /* Try with 2000-byte hostname */
+ ADD_DATA(buf, "\x04\x01\x00\x50\x00\x00\x00\x01\x00");
+ for (i = 0; i < 200; ++i) {
+ ADD_DATA(buf, "1234567890");
+ }
+ ADD_DATA(buf, "\x00");
+ {
+ const char *p;
+ size_t s;
+ buf_pullup(buf, 9999, &p, &s);
+ }
+ tt_int_op(fetch_from_buf_socks(buf, socks, 1, 0),
+ OP_EQ, -1);
+ buf_clear(buf);
+ expect_log_msg_containing("Destaddr too long. Rejecting.");
+ mock_clean_saved_logs();
+
+ /* Try with 2000-byte hostname, not terminated. */
+ ADD_DATA(buf, "\x04\x01\x00\x50\x00\x00\x00\x01\x00");
+ for (i = 0; i < 200; ++i) {
+ ADD_DATA(buf, "1234567890");
+ }
+ tt_int_op(fetch_from_buf_socks(buf, socks, 1, 0),
+ OP_EQ, -1);
+ buf_clear(buf);
+ expect_log_msg_containing("Destaddr too long.");
+ mock_clean_saved_logs();
+
+ /* Socks4, bogus hostname */
+ ADD_DATA(buf, "\x04\x01\x00\x50\x00\x00\x00\x01\x00" "---\x00" );
+ tt_int_op(fetch_from_buf_socks(buf, socks, 1, 0), OP_EQ, -1);
+ buf_clear(buf);
+ expect_log_msg_containing("Your application (using socks4 to port 80) "
+ "gave Tor a malformed hostname: ");
+ mock_clean_saved_logs();
+
+ done:
+ teardown_capture_of_logs();
+}
+
/** Perform unsupported SOCKS 5 commands */
static void
test_socks_5_unsupported_commands(void *ptr)
@@ -225,7 +302,7 @@ test_socks_5_supported_commands(void *ptr)
/* SOCKS 5 Send CONNECT [01] to FQDN torproject.org:4369 */
ADD_DATA(buf, "\x05\x01\x00");
ADD_DATA(buf, "\x05\x01\x00\x03\x0Etorproject.org\x11\x11");
- tt_int_op(fetch_from_buf_socks(buf, socks, get_options()->TestSocks,
+ tt_int_op(fetch_from_buf_socks(buf, socks, 1,
get_options()->SafeSocks),OP_EQ, 1);
tt_int_op(5,OP_EQ, socks->socks_version);
@@ -557,6 +634,25 @@ test_socks_5_malformed_commands(void *ptr)
;
}
+static void
+test_socks_5_bad_arguments(void *ptr)
+{
+ SOCKS_TEST_INIT();
+ setup_capture_of_logs(LOG_DEBUG);
+
+ /* Socks5, bogus hostname */
+ ADD_DATA(buf, "\x05\x01\x00" "\x05\x01\x00\x03\x03" "---" "\x00\x50" );
+ tt_int_op(fetch_from_buf_socks(buf, socks, 1, 0), OP_EQ, -1);
+ buf_clear(buf);
+ expect_log_msg_containing("Your application (using socks5 to port 80) "
+ "gave Tor a malformed hostname: ");
+ mock_clean_saved_logs();
+ socks_request_clear(socks);
+
+ done:
+ teardown_capture_of_logs();
+}
+
/** check for correct behavior when the socks command has not arrived. */
static void
test_socks_truncated(void *ptr)
@@ -656,6 +752,25 @@ test_socks_truncated(void *ptr)
;
}
+static void
+test_socks_wrong_protocol(void *ptr)
+{
+ SOCKS_TEST_INIT();
+ setup_capture_of_logs(LOG_DEBUG);
+
+ /* HTTP request. */
+ ADD_DATA(buf, "GET /index.html HTTP/1.0" );
+ tt_int_op(fetch_from_buf_socks(buf, socks, 1, 0), OP_EQ, -1);
+ buf_clear(buf);
+ expect_log_msg_containing("Socks version 71 not recognized. "
+ "(Tor is not an http proxy.)");
+ mock_clean_saved_logs();
+ socks_request_clear(socks);
+
+ done:
+ teardown_capture_of_logs();
+}
+
/* Check our client-side socks4 parsing (that is to say, our parsing of
* server responses).
*/
@@ -889,6 +1004,7 @@ test_socks_client_truncated(void *arg)
struct testcase_t socks_tests[] = {
SOCKSENT(4_unsupported_commands),
SOCKSENT(4_supported_commands),
+ SOCKSENT(4_bad_arguments),
SOCKSENT(5_unsupported_commands),
SOCKSENT(5_supported_commands),
@@ -899,9 +1015,12 @@ struct testcase_t socks_tests[] = {
SOCKSENT(5_authenticate),
SOCKSENT(5_authenticate_with_data),
SOCKSENT(5_malformed_commands),
+ SOCKSENT(5_bad_arguments),
SOCKSENT(truncated),
+ SOCKSENT(wrong_protocol),
+
{ "client/v4", test_socks_client_v4, TT_FORK, NULL, NULL },
{ "client/v5_auth", test_socks_client_v5_auth, TT_FORK, NULL, NULL },
{ "client/v5_connect", test_socks_client_v5_connect, TT_FORK, NULL, NULL },
More information about the tor-commits
mailing list