59c9f70c1f
==16414==ERROR: AddressSanitizer: dynamic-stack-buffer-overflow on address 0x7f81f8df5510 at pc 0x0000005eb5a4 bp 0x7f81f8df54b0 sp 0x7f81f8df4c60
READ of size 23 at 0x7f81f8df5510 thread T3 (websrv_poll)
#0 0x5eb5a3 in __interceptor_strlen.part.34 /home/vmiklos/git/libreoffice/lode/packages/llvm-472c6ef8b0f53061b049039f9775ab127beafbe4.src/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:365
#1 0x7f8201d22e47 in std::char_traits<char>::length(char const*) /home/vmiklos/git/libreoffice/lode/packages/gccbuild/x86_64-pc-linux-gnu/libstdc++-v3/include/bits/char_traits.h:320
#2 0x7f8201d22e47 in std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, std::allocator<char> const&) /home/vmiklos/git/libreoffice/lode/packages/gccbuild/x86_64-pc-linux-gnu/libstdc++-v3/include/bits/basic_string.h:511
#3 0x7f81fcaa59c3 in WopiTestServer::handleHttpRequest(Poco::Net::HTTPRequest const&, Poco::MemoryInputStream&, std::shared_ptr<StreamSocket>&) /home/vmiklos/git/libreoffice/online-san/test/./WopiTestServer.hpp:237:28
Problem was that the test code assumed a 0-terminated buffer, but that
was not the reality. So specify the buffer size explicitly.
Change-Id: I9a9edfe5623a1136aa77c381d1d3d8b8e1ca2258
258 lines
9.2 KiB
C++
258 lines
9.2 KiB
C++
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4; fill-column: 100 -*- */
|
|
/*
|
|
* This file is part of the LibreOffice project.
|
|
*
|
|
* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
*/
|
|
|
|
#include "config.h"
|
|
|
|
#include "helpers.hpp"
|
|
#include "Log.hpp"
|
|
#include "Unit.hpp"
|
|
#include "UnitHTTP.hpp"
|
|
|
|
|
|
#include <Poco/DateTimeFormat.h>
|
|
#include <Poco/DateTimeFormatter.h>
|
|
#include <Poco/JSON/Object.h>
|
|
#include <Poco/MemoryStream.h>
|
|
#include <Poco/Net/HTTPRequest.h>
|
|
#include <Poco/URI.h>
|
|
#include <Poco/Timestamp.h>
|
|
|
|
class WopiTestServer : public UnitWSD
|
|
{
|
|
enum class LOOLStatusCode
|
|
{
|
|
DocChanged = 1010
|
|
};
|
|
|
|
private:
|
|
/// The WOPISrc URL.
|
|
std::string _wopiSrc;
|
|
|
|
/// Websocket to communicate.
|
|
std::unique_ptr<UnitWebSocket> _ws;
|
|
|
|
/// Content of the file.
|
|
std::string _fileContent;
|
|
|
|
/// Last modified time of the file
|
|
Poco::Timestamp _fileLastModifiedTime;
|
|
|
|
protected:
|
|
const std::string& getWopiSrc() const { return _wopiSrc; }
|
|
|
|
const std::unique_ptr<UnitWebSocket>& getWs() const { return _ws; }
|
|
|
|
const std::string& getFileContent() const { return _fileContent; }
|
|
|
|
/// Sets the file content to a given value and update the last file modified time
|
|
void setFileContent(const std::string& fileContent)
|
|
{
|
|
_fileContent = fileContent;
|
|
_fileLastModifiedTime = Poco::Timestamp();
|
|
}
|
|
|
|
const Poco::Timestamp& getFileLastModifiedTime() const { return _fileLastModifiedTime; }
|
|
|
|
public:
|
|
WopiTestServer(std::string fileContent = "Hello, world")
|
|
: _fileContent(std::move(fileContent))
|
|
{
|
|
}
|
|
|
|
void initWebsocket(const std::string& wopiName)
|
|
{
|
|
Poco::URI wopiURL(helpers::getTestServerURI() + wopiName);
|
|
|
|
_wopiSrc = "";
|
|
Poco::URI::encode(wopiURL.toString(), ":/?", _wopiSrc);
|
|
|
|
LOG_INF("Connecting to the fake WOPI server: /lool/" << _wopiSrc << "/ws");
|
|
|
|
_ws.reset(new UnitWebSocket("/lool/" + _wopiSrc + "/ws"));
|
|
assert(_ws.get());
|
|
}
|
|
|
|
virtual void assertCheckFileInfoRequest(const Poco::Net::HTTPRequest& /*request*/)
|
|
{
|
|
}
|
|
|
|
virtual void assertGetFileRequest(const Poco::Net::HTTPRequest& /*request*/)
|
|
{
|
|
}
|
|
|
|
virtual void assertPutFileRequest(const Poco::Net::HTTPRequest& /*request*/)
|
|
{
|
|
}
|
|
|
|
virtual void assertPutRelativeFileRequest(const Poco::Net::HTTPRequest& /*request*/)
|
|
{
|
|
}
|
|
|
|
virtual void assertRenameFileRequest(const Poco::Net::HTTPRequest& /*request*/)
|
|
{
|
|
}
|
|
|
|
protected:
|
|
/// Here we act as a WOPI server, so that we have a server that responds to
|
|
/// the wopi requests without additional expensive setup.
|
|
virtual bool handleHttpRequest(const Poco::Net::HTTPRequest& request, Poco::MemoryInputStream& message, std::shared_ptr<StreamSocket>& socket) override
|
|
{
|
|
Poco::URI uriReq(request.getURI());
|
|
Poco::RegularExpression regInfo("/wopi/files/[0-9]");
|
|
Poco::RegularExpression regContent("/wopi/files/[0-9]/contents");
|
|
LOG_INF("Fake wopi host request: " << uriReq.toString());
|
|
|
|
// CheckFileInfo
|
|
if (request.getMethod() == "GET" && regInfo.match(uriReq.getPath()))
|
|
{
|
|
LOG_INF("Fake wopi host request, handling CheckFileInfo: " << uriReq.getPath());
|
|
|
|
assertCheckFileInfoRequest(request);
|
|
|
|
Poco::LocalDateTime now;
|
|
const std::string fileName(uriReq.getPath() == "/wopi/files/3" ? "he%llo.txt" : "hello.txt");
|
|
Poco::JSON::Object::Ptr fileInfo = new Poco::JSON::Object();
|
|
fileInfo->set("BaseFileName", fileName);
|
|
fileInfo->set("Size", _fileContent.size());
|
|
fileInfo->set("Version", "1.0");
|
|
fileInfo->set("OwnerId", "test");
|
|
fileInfo->set("UserId", "test");
|
|
fileInfo->set("UserFriendlyName", "test");
|
|
fileInfo->set("UserCanWrite", "true");
|
|
fileInfo->set("PostMessageOrigin", "localhost");
|
|
fileInfo->set("LastModifiedTime", Poco::DateTimeFormatter::format(Poco::DateTime(_fileLastModifiedTime), Poco::DateTimeFormat::ISO8601_FRAC_FORMAT));
|
|
fileInfo->set("EnableOwnerTermination", "true");
|
|
|
|
std::ostringstream jsonStream;
|
|
fileInfo->stringify(jsonStream);
|
|
std::string responseString = jsonStream.str();
|
|
|
|
const std::string mimeType = "application/json; charset=utf-8";
|
|
|
|
std::ostringstream oss;
|
|
oss << "HTTP/1.1 200 OK\r\n"
|
|
"Last-Modified: " << Poco::DateTimeFormatter::format(_fileLastModifiedTime, Poco::DateTimeFormat::HTTP_FORMAT) << "\r\n"
|
|
"User-Agent: " WOPI_AGENT_STRING "\r\n"
|
|
"Content-Length: " << responseString.size() << "\r\n"
|
|
"Content-Type: " << mimeType << "\r\n"
|
|
"\r\n"
|
|
<< responseString;
|
|
|
|
socket->send(oss.str());
|
|
socket->shutdown();
|
|
|
|
return true;
|
|
}
|
|
// GetFile
|
|
else if (request.getMethod() == "GET" && regContent.match(uriReq.getPath()))
|
|
{
|
|
LOG_INF("Fake wopi host request, handling GetFile: " << uriReq.getPath());
|
|
|
|
assertGetFileRequest(request);
|
|
|
|
const std::string mimeType = "text/plain; charset=utf-8";
|
|
|
|
std::ostringstream oss;
|
|
oss << "HTTP/1.1 200 OK\r\n"
|
|
"Last-Modified: " << Poco::DateTimeFormatter::format(_fileLastModifiedTime, Poco::DateTimeFormat::HTTP_FORMAT) << "\r\n"
|
|
"User-Agent: " WOPI_AGENT_STRING "\r\n"
|
|
"Content-Length: " << _fileContent.size() << "\r\n"
|
|
"Content-Type: " << mimeType << "\r\n"
|
|
"\r\n"
|
|
<< _fileContent;
|
|
|
|
socket->send(oss.str());
|
|
socket->shutdown();
|
|
|
|
return true;
|
|
}
|
|
else if (request.getMethod() == "POST" && regInfo.match(uriReq.getPath()))
|
|
{
|
|
LOG_INF("Fake wopi host request, handling PutRelativeFile: " << uriReq.getPath());
|
|
std::string wopiURL = helpers::getTestServerURI() + "/something wopi/files/1?access_token=anything";
|
|
std::string content;
|
|
|
|
if(request.get("X-WOPI-Override") == std::string("PUT_RELATIVE"))
|
|
{
|
|
CPPUNIT_ASSERT_EQUAL(std::string("PUT_RELATIVE"), request.get("X-WOPI-Override"));
|
|
assertPutRelativeFileRequest(request);
|
|
content = "{ \"Name\":\"hello world%1.pdf\", \"Url\":\"" + wopiURL + "\" }";
|
|
}
|
|
else
|
|
{
|
|
// rename file; response should be the file name without the url and the extension
|
|
CPPUNIT_ASSERT_EQUAL(std::string("RENAME_FILE"), request.get("X-WOPI-Override"));
|
|
assertRenameFileRequest(request);
|
|
content = "{ \"Name\":\"hello\", \"Url\":\"" + wopiURL + "\" }";
|
|
}
|
|
|
|
std::ostringstream oss;
|
|
oss << "HTTP/1.1 200 OK\r\n"
|
|
"Last-Modified: " << Poco::DateTimeFormatter::format(_fileLastModifiedTime, Poco::DateTimeFormat::HTTP_FORMAT) << "\r\n"
|
|
"User-Agent: " WOPI_AGENT_STRING "\r\n"
|
|
"Content-Length: " << content.size() << "\r\n"
|
|
"Content-Type: application/json\r\n"
|
|
"\r\n"
|
|
<< content;
|
|
|
|
socket->send(oss.str());
|
|
socket->shutdown();
|
|
|
|
return true;
|
|
}
|
|
else if (request.getMethod() == "POST" && regContent.match(uriReq.getPath()))
|
|
{
|
|
LOG_INF("Fake wopi host request, handling PutFile: " << uriReq.getPath());
|
|
|
|
std::string wopiTimestamp = request.get("X-LOOL-WOPI-Timestamp");
|
|
if (!wopiTimestamp.empty())
|
|
{
|
|
|
|
const std::string fileModifiedTime =
|
|
Poco::DateTimeFormatter::format(Poco::DateTime(_fileLastModifiedTime),
|
|
Poco::DateTimeFormat::ISO8601_FRAC_FORMAT);
|
|
if (wopiTimestamp != fileModifiedTime)
|
|
{
|
|
std::ostringstream oss;
|
|
oss << "HTTP/1.1 409 Conflict\r\n"
|
|
"User-Agent: " WOPI_AGENT_STRING "\r\n"
|
|
"\r\n"
|
|
"{\"LOOLStatusCode\":" << static_cast<int>(LOOLStatusCode::DocChanged) << "}";
|
|
|
|
socket->send(oss.str());
|
|
socket->shutdown();
|
|
return true;
|
|
}
|
|
}
|
|
|
|
std::streamsize size = request.getContentLength();
|
|
char buffer[size];
|
|
message.read(buffer, size);
|
|
setFileContent(std::string(buffer, size));
|
|
|
|
assertPutFileRequest(request);
|
|
|
|
std::ostringstream oss;
|
|
oss << "HTTP/1.1 200 OK\r\n"
|
|
"User-Agent: " WOPI_AGENT_STRING "\r\n"
|
|
"\r\n"
|
|
"{\"LastModifiedTime\": \"" << Poco::DateTimeFormatter::format(_fileLastModifiedTime, Poco::DateTimeFormat::ISO8601_FRAC_FORMAT) << "\" }";
|
|
|
|
socket->send(oss.str());
|
|
socket->shutdown();
|
|
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
};
|
|
|
|
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
|