'svn commit: r233494 - in /httpd/test/trunk/perl-framework/t:'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       apache-test-cvs
Subject:    svn commit: r233494 - in /httpd/test/trunk/perl-framework/t:
From:       jorton () apache ! org
Date:       2005-08-19 16:01:03
Message-ID: 20050819160104.21923.qmail () minotaur ! apache ! org
[Download RAW message or body]

Author: jorton
Date: Fri Aug 19 09:00:56 2005
New Revision: 233494

URL: http://svn.apache.org/viewcvs?rev=233494&view=rev
Log:
Add test case for CAN-2005-2491, PCRE integer overflow in
quantifier parsing.

Added:
    httpd/test/trunk/perl-framework/t/htdocs/security/CAN-2005-2491/
    httpd/test/trunk/perl-framework/t/htdocs/security/CAN-2005-2491/one/
    httpd/test/trunk/perl-framework/t/htdocs/security/CAN-2005-2491/one/.htaccess
    httpd/test/trunk/perl-framework/t/htdocs/security/CAN-2005-2491/two/
    httpd/test/trunk/perl-framework/t/htdocs/security/CAN-2005-2491/two/.htaccess
    httpd/test/trunk/perl-framework/t/security/CAN-2005-2491.t

Added: httpd/test/trunk/perl-framework/t/htdocs/security/CAN-2005-2491/one/.htaccess
URL: http://svn.apache.org/viewcvs/httpd/test/trunk/perl-framework/t/htdocs/security/CAN-2005-2491/one/.htaccess?rev=233494&view=auto
 ==============================================================================
--- httpd/test/trunk/perl-framework/t/htdocs/security/CAN-2005-2491/one/.htaccess \
                (added)
+++ httpd/test/trunk/perl-framework/t/htdocs/security/CAN-2005-2491/one/.htaccess Fri \
Aug 19 09:00:56 2005 @@ -0,0 +1 @@
+RewriteRule a{111111111111111111} /index.html

Added: httpd/test/trunk/perl-framework/t/htdocs/security/CAN-2005-2491/two/.htaccess
URL: http://svn.apache.org/viewcvs/httpd/test/trunk/perl-framework/t/htdocs/security/CAN-2005-2491/two/.htaccess?rev=233494&view=auto
 ==============================================================================
--- httpd/test/trunk/perl-framework/t/htdocs/security/CAN-2005-2491/two/.htaccess \
                (added)
+++ httpd/test/trunk/perl-framework/t/htdocs/security/CAN-2005-2491/two/.htaccess Fri \
Aug 19 09:00:56 2005 @@ -0,0 +1 @@
+RewriteRule a{1,11111111111111111111} /index.html

Added: httpd/test/trunk/perl-framework/t/security/CAN-2005-2491.t
URL: http://svn.apache.org/viewcvs/httpd/test/trunk/perl-framework/t/security/CAN-2005-2491.t?rev=233494&view=auto
 ==============================================================================
--- httpd/test/trunk/perl-framework/t/security/CAN-2005-2491.t (added)
+++ httpd/test/trunk/perl-framework/t/security/CAN-2005-2491.t Fri Aug 19 09:00:56 \
2005 @@ -0,0 +1,21 @@
+use strict;
+use warnings FATAL => 'all';
+
+use Apache::Test;
+use Apache::TestUtil;
+use Apache::TestRequest;
+
+plan tests => 2 * 2;
+
+foreach my $dir ("one/", "two/") {
+    my $r = GET("/security/CAN-2005-2491/" . $dir);
+
+    # LWP will generate the annoying fake-500 response if the server
+    # segfaults before generating its own 500 response; check
+    # the response message explicitly to rule that out.
+
+    ok t_cmp($r->message, 'Internal Server Error',
+             'check that server did not segfault');
+
+    ok t_cmp($r->code, 500, "check for 500 response error");
+}


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic