~ubuntu-branches/ubuntu/precise/apr-util/precise : contents of test/testxml.c at revision 31

~ubuntu-branches/ubuntu/precise/apr-util/precise : (revision 31)

/* Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#include "apr.h"
#include "apr_general.h"
#include "apr_xml.h"
#include "abts.h"
#include "testutil.h"

static apr_status_t create_dummy_file_error(abts_case *tc, apr_pool_t *p,
                                            apr_file_t **fd)
{
    int i;
    apr_status_t rv;
    apr_off_t off = 0L;
    char template[] = "data/testxmldummyerrorXXXXXX";

    rv = apr_file_mktemp(fd, template, APR_CREATE | APR_TRUNCATE | APR_DELONCLOSE |
                         APR_READ | APR_WRITE | APR_EXCL, p);
    ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);

    if (rv != APR_SUCCESS)
        return rv;

    rv = apr_file_puts("<?xml version=\"1.0\" ?>\n<maryx>"
                       "<had a=\"little\"/><lamb/>\n", *fd);
    ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);

    for (i = 0; i < 5000; i++) {
        rv = apr_file_puts("<hmm roast=\"lamb\" "
                           "for=\"dinner\">yummy</hmm>\n", *fd);
        ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);
    }

    rv = apr_file_puts("</mary>\n", *fd);
    ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);

    rv = apr_file_seek(*fd, APR_SET, &off);
    ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);

    return rv;
}

static apr_status_t create_dummy_file(abts_case *tc, apr_pool_t *p,
                                      apr_file_t **fd)
{
    int i;
    apr_status_t rv;
    apr_off_t off = 0L;
    char template[] = "data/testxmldummyXXXXXX";

    rv = apr_file_mktemp(fd, template, APR_CREATE | APR_TRUNCATE | APR_DELONCLOSE |
                         APR_READ | APR_WRITE | APR_EXCL, p);
    ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);

    if (rv != APR_SUCCESS)
        return rv;

    rv = apr_file_puts("<?xml version=\"1.0\" ?>\n<mary>\n", *fd);
    ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);

    for (i = 0; i < 5000; i++) {
        rv = apr_file_puts("<hmm roast=\"lamb\" "
                           "for=\"dinner &lt;&gt;&#x3D;\">yummy</hmm>\n", *fd);
        ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);
    }

    rv = apr_file_puts("</mary>\n", *fd);
    ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);

    rv = apr_file_seek(*fd, APR_SET, &off);
    ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);

    return rv;
}

static void dump_xml(abts_case *tc, apr_xml_elem *e, int level)
{
    apr_xml_attr *a;
    apr_xml_elem *ec;

    if (level == 0) {
        ABTS_STR_EQUAL(tc, "mary", e->name);
    } else {
        ABTS_STR_EQUAL(tc, "hmm", e->name);
    }

    if (e->attr) {
        a = e->attr;
        ABTS_PTR_NOTNULL(tc, a);
        ABTS_STR_EQUAL(tc, "for", a->name);
        ABTS_STR_EQUAL(tc, "dinner <>=", a->value);
        a = a->next;
        ABTS_PTR_NOTNULL(tc, a);
        ABTS_STR_EQUAL(tc, "roast", a->name);
        ABTS_STR_EQUAL(tc, "lamb", a->value);
    }
    if (e->first_child) {
        ec = e->first_child;
        while (ec) {
            dump_xml(tc, ec, level + 1);
            ec = ec->next;
        }
    }
}

static void test_xml_parser(abts_case *tc, void *data)
{
    apr_file_t *fd;
    apr_xml_parser *parser;
    apr_xml_doc *doc;
    apr_status_t rv;

    rv = create_dummy_file(tc, p, &fd);
    ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);

    if (rv != APR_SUCCESS)
        return;

    rv = apr_xml_parse_file(p, &parser, &doc, fd, 2000);
    ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);

    dump_xml(tc, doc->root, 0);

    rv = apr_file_close(fd);
    ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);

    rv = create_dummy_file_error(tc, p, &fd);
    ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);

    if (rv != APR_SUCCESS)
        return;

    rv = apr_xml_parse_file(p, &parser, &doc, fd, 2000);
    ABTS_TRUE(tc, rv != APR_SUCCESS);
}

static void test_billion_laughs(abts_case *tc, void *data)
{
    apr_file_t *fd;
    apr_xml_parser *parser;
    apr_xml_doc *doc;
    apr_status_t rv;

    rv = apr_file_open(&fd, "data/billion-laughs.xml", 
                       APR_FOPEN_READ, 0, p);
    apr_assert_success(tc, "open billion-laughs.xml", rv);

    /* Don't test for return value; if it returns, chances are the bug
     * is fixed or the machine has insane amounts of RAM. */
    apr_xml_parse_file(p, &parser, &doc, fd, 2000);

    apr_file_close(fd);
}

static void test_CVE_2009_3720_alpha(abts_case *tc, void *data)
{
    apr_xml_parser *xp;
    apr_xml_doc *doc;
    apr_status_t rv;

    xp = apr_xml_parser_create(p);
    
    rv = apr_xml_parser_feed(xp, "\0\r\n", 3);
    if (rv == APR_SUCCESS)
        apr_xml_parser_done(xp, &doc);
}

static void test_CVE_2009_3720_beta(abts_case *tc, void *data)
{
    apr_xml_parser *xp;
    apr_xml_doc *doc;
    apr_status_t rv;

    xp = apr_xml_parser_create(p);
    
    rv = apr_xml_parser_feed(xp, "<?xml version\xc2\x85='1.0'?>\r\n", 25);
    if (rv == APR_SUCCESS)
        apr_xml_parser_done(xp, &doc);
}

abts_suite *testxml(abts_suite *suite)
{
    suite = ADD_SUITE(suite);

    abts_run_test(suite, test_xml_parser, NULL);
    abts_run_test(suite, test_billion_laughs, NULL);
    abts_run_test(suite, test_CVE_2009_3720_alpha, NULL);
    abts_run_test(suite, test_CVE_2009_3720_beta, NULL);

    return suite;
}

1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	1	/* Licensed to the Apache Software Foundation (ASF) under one or more
	2	* contributor license agreements. See the NOTICE file distributed with
	3	* this work for additional information regarding copyright ownership.
	4	* The ASF licenses this file to You under the Apache License, Version 2.0
	5	* (the "License"); you may not use this file except in compliance with
	6	* the License. You may obtain a copy of the License at
1 by Tollef Fog Heen Import upstream version 1.2.7	7	*
	8	* http://www.apache.org/licenses/LICENSE-2.0
	9	*
	10	* Unless required by applicable law or agreed to in writing, software
	11	* distributed under the License is distributed on an "AS IS" BASIS,
	12	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	13	* See the License for the specific language governing permissions and
	14	* limitations under the License.
	15	*/
	16
	17	#include "apr.h"
	18	#include "apr_general.h"
	19	#include "apr_xml.h"
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	20	#include "abts.h"
	21	#include "testutil.h"
	22
	23	static apr_status_t create_dummy_file_error(abts_case tc, apr_pool_t p,
	24	apr_file_t **fd)
1 by Tollef Fog Heen Import upstream version 1.2.7	25	{
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	26	int i;
1 by Tollef Fog Heen Import upstream version 1.2.7	27	apr_status_t rv;
1 by Tollef Fog Heen Import upstream version 1.2.7	28	apr_off_t off = 0L;
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	29	char template[] = "data/testxmldummyerrorXXXXXX";
1 by Tollef Fog Heen Import upstream version 1.2.7	30
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	31	rv = apr_file_mktemp(fd, template, APR_CREATE \| APR_TRUNCATE \| APR_DELONCLOSE \|
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	32	APR_READ \| APR_WRITE \| APR_EXCL, p);
0.3.1 by Stefan Fritsch Import upstream version 1.3.2+dfsg	33	ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);
1 by Tollef Fog Heen Import upstream version 1.2.7	34
	35	if (rv != APR_SUCCESS)
	36	return rv;
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	37
1 by Tollef Fog Heen Import upstream version 1.2.7	38	rv = apr_file_puts("<?xml version=\"1.0\" ?>\n<maryx>"
0.2.2 by Peter Samuelson Import upstream version 1.3.9+dfsg	39	"<had a=\"little\"/><lamb/>\n", *fd);
0.3.1 by Stefan Fritsch Import upstream version 1.3.2+dfsg	40	ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);
1 by Tollef Fog Heen Import upstream version 1.2.7	41
	42	for (i = 0; i < 5000; i++) {
	43	rv = apr_file_puts("<hmm roast=\"lamb\" "
	44	"for=\"dinner\">yummy</hmm>\n", *fd);
0.3.1 by Stefan Fritsch Import upstream version 1.3.2+dfsg	45	ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);
1 by Tollef Fog Heen Import upstream version 1.2.7	46	}
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	47
1 by Tollef Fog Heen Import upstream version 1.2.7	48	rv = apr_file_puts("</mary>\n", *fd);
0.3.1 by Stefan Fritsch Import upstream version 1.3.2+dfsg	49	ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	50
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	51	rv = apr_file_seek(*fd, APR_SET, &off);
0.3.1 by Stefan Fritsch Import upstream version 1.3.2+dfsg	52	ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	53
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	54	return rv;
1 by Tollef Fog Heen Import upstream version 1.2.7	55	}
1 by Tollef Fog Heen Import upstream version 1.2.7	56
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	57	static apr_status_t create_dummy_file(abts_case tc, apr_pool_t p,
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	58	apr_file_t **fd)
1 by Tollef Fog Heen Import upstream version 1.2.7	59	{
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	60	int i;
1 by Tollef Fog Heen Import upstream version 1.2.7	61	apr_status_t rv;
1 by Tollef Fog Heen Import upstream version 1.2.7	62	apr_off_t off = 0L;
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	63	char template[] = "data/testxmldummyXXXXXX";
	64
	65	rv = apr_file_mktemp(fd, template, APR_CREATE \| APR_TRUNCATE \| APR_DELONCLOSE \|
	66	APR_READ \| APR_WRITE \| APR_EXCL, p);
0.3.1 by Stefan Fritsch Import upstream version 1.3.2+dfsg	67	ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	68
	69	if (rv != APR_SUCCESS)
	70	return rv;
	71
	72	rv = apr_file_puts("<?xml version=\"1.0\" ?>\n<mary>\n", *fd);
0.3.1 by Stefan Fritsch Import upstream version 1.3.2+dfsg	73	ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);
1 by Tollef Fog Heen Import upstream version 1.2.7	74
	75	for (i = 0; i < 5000; i++) {
	76	rv = apr_file_puts("<hmm roast=\"lamb\" "
0.2.2 by Peter Samuelson Import upstream version 1.3.9+dfsg	77	"for=\"dinner <>=\">yummy</hmm>\n", *fd);
0.3.1 by Stefan Fritsch Import upstream version 1.3.2+dfsg	78	ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);
1 by Tollef Fog Heen Import upstream version 1.2.7	79	}
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	80
1 by Tollef Fog Heen Import upstream version 1.2.7	81	rv = apr_file_puts("</mary>\n", *fd);
0.3.1 by Stefan Fritsch Import upstream version 1.3.2+dfsg	82	ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);
1 by Tollef Fog Heen Import upstream version 1.2.7	83
1 by Tollef Fog Heen Import upstream version 1.2.7	84	rv = apr_file_seek(*fd, APR_SET, &off);
0.3.1 by Stefan Fritsch Import upstream version 1.3.2+dfsg	85	ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	86
1 by Tollef Fog Heen Import upstream version 1.2.7	87	return rv;
	88	}
	89
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	90	static void dump_xml(abts_case tc, apr_xml_elem e, int level)
1 by Tollef Fog Heen Import upstream version 1.2.7	91	{
	92	apr_xml_attr *a;
	93	apr_xml_elem *ec;
	94
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	95	if (level == 0) {
0.3.1 by Stefan Fritsch Import upstream version 1.3.2+dfsg	96	ABTS_STR_EQUAL(tc, "mary", e->name);
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	97	} else {
0.3.1 by Stefan Fritsch Import upstream version 1.3.2+dfsg	98	ABTS_STR_EQUAL(tc, "hmm", e->name);
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	99	}
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	100
1 by Tollef Fog Heen Import upstream version 1.2.7	101	if (e->attr) {
1 by Tollef Fog Heen Import upstream version 1.2.7	102	a = e->attr;
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	103	ABTS_PTR_NOTNULL(tc, a);
0.3.1 by Stefan Fritsch Import upstream version 1.3.2+dfsg	104	ABTS_STR_EQUAL(tc, "for", a->name);
0.2.2 by Peter Samuelson Import upstream version 1.3.9+dfsg	105	ABTS_STR_EQUAL(tc, "dinner <>=", a->value);
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	106	a = a->next;
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	107	ABTS_PTR_NOTNULL(tc, a);
0.3.1 by Stefan Fritsch Import upstream version 1.3.2+dfsg	108	ABTS_STR_EQUAL(tc, "roast", a->name);
0.3.1 by Stefan Fritsch Import upstream version 1.3.2+dfsg	109	ABTS_STR_EQUAL(tc, "lamb", a->value);
1 by Tollef Fog Heen Import upstream version 1.2.7	110	}
	111	if (e->first_child) {
	112	ec = e->first_child;
	113	while (ec) {
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	114	dump_xml(tc, ec, level + 1);
1 by Tollef Fog Heen Import upstream version 1.2.7	115	ec = ec->next;
	116	}
	117	}
	118	}
	119
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	120	static void test_xml_parser(abts_case tc, void data)
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	121	{
1 by Tollef Fog Heen Import upstream version 1.2.7	122	apr_file_t *fd;
	123	apr_xml_parser *parser;
	124	apr_xml_doc *doc;
	125	apr_status_t rv;
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	126
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	127	rv = create_dummy_file(tc, p, &fd);
0.3.1 by Stefan Fritsch Import upstream version 1.3.2+dfsg	128	ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	129
	130	if (rv != APR_SUCCESS)
	131	return;
	132
	133	rv = apr_xml_parse_file(p, &parser, &doc, fd, 2000);
0.3.1 by Stefan Fritsch Import upstream version 1.3.2+dfsg	134	ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	135
	136	dump_xml(tc, doc->root, 0);
	137
	138	rv = apr_file_close(fd);
0.3.1 by Stefan Fritsch Import upstream version 1.3.2+dfsg	139	ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	140
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	141	rv = create_dummy_file_error(tc, p, &fd);
0.3.1 by Stefan Fritsch Import upstream version 1.3.2+dfsg	142	ABTS_INT_EQUAL(tc, APR_SUCCESS, rv);
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	143
	144	if (rv != APR_SUCCESS)
	145	return;
	146
	147	rv = apr_xml_parse_file(p, &parser, &doc, fd, 2000);
	148	ABTS_TRUE(tc, rv != APR_SUCCESS);
	149	}
	150
0.2.2 by Peter Samuelson Import upstream version 1.3.9+dfsg	151	static void test_billion_laughs(abts_case tc, void data)
	152	{
	153	apr_file_t *fd;
	154	apr_xml_parser *parser;
	155	apr_xml_doc *doc;
	156	apr_status_t rv;
	157
	158	rv = apr_file_open(&fd, "data/billion-laughs.xml",
	159	APR_FOPEN_READ, 0, p);
	160	apr_assert_success(tc, "open billion-laughs.xml", rv);
	161
	162	/* Don't test for return value; if it returns, chances are the bug
	163	* is fixed or the machine has insane amounts of RAM. */
	164	apr_xml_parse_file(p, &parser, &doc, fd, 2000);
	165
	166	apr_file_close(fd);
	167	}
	168
0.7.1 by Stefan Fritsch Import upstream version 1.3.10+dfsg	169	static void test_CVE_2009_3720_alpha(abts_case tc, void data)
	170	{
	171	apr_xml_parser *xp;
	172	apr_xml_doc *doc;
	173	apr_status_t rv;
	174
	175	xp = apr_xml_parser_create(p);
	176
	177	rv = apr_xml_parser_feed(xp, "\0\r\n", 3);
	178	if (rv == APR_SUCCESS)
	179	apr_xml_parser_done(xp, &doc);
	180	}
	181
	182	static void test_CVE_2009_3720_beta(abts_case tc, void data)
	183	{
	184	apr_xml_parser *xp;
	185	apr_xml_doc *doc;
	186	apr_status_t rv;
	187
	188	xp = apr_xml_parser_create(p);
	189
	190	rv = apr_xml_parser_feed(xp, "<?xml version\xc2\x85='1.0'?>\r\n", 25);
	191	if (rv == APR_SUCCESS)
	192	apr_xml_parser_done(xp, &doc);
	193	}
	194
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	195	abts_suite testxml(abts_suite suite)
	196	{
	197	suite = ADD_SUITE(suite);
	198
	199	abts_run_test(suite, test_xml_parser, NULL);
0.2.2 by Peter Samuelson Import upstream version 1.3.9+dfsg	200	abts_run_test(suite, test_billion_laughs, NULL);
0.7.1 by Stefan Fritsch Import upstream version 1.3.10+dfsg	201	abts_run_test(suite, test_CVE_2009_3720_alpha, NULL);
0.7.1 by Stefan Fritsch Import upstream version 1.3.10+dfsg	202	abts_run_test(suite, test_CVE_2009_3720_beta, NULL);
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	203
1.1.2 by Stefan Fritsch Import upstream version 1.2.12+dfsg	204	return suite;
1 by Tollef Fog Heen Import upstream version 1.2.7	205	}