mirror of
https://github.com/Grasscutters/mitmproxy.git
synced 2024-11-21 22:58:24 +00:00
Merge pull request #4810 from mhils/h2-fuzzing
Improve h2 Fuzzing Setup
This commit is contained in:
commit
6be24f452e
@ -32,6 +32,9 @@ class StreamState(Enum):
|
||||
HEADERS_RECEIVED = 2
|
||||
|
||||
|
||||
CATCH_HYPER_H2_ERRORS = (ValueError, IndexError)
|
||||
|
||||
|
||||
class Http2Connection(HttpConnection):
|
||||
h2_conf: ClassVar[h2.config.H2Configuration]
|
||||
h2_conf_defaults = dict(
|
||||
@ -139,7 +142,7 @@ class Http2Connection(HttpConnection):
|
||||
try:
|
||||
try:
|
||||
events = self.h2_conn.receive_data(event.data)
|
||||
except (ValueError, IndexError) as e: # pragma: no cover
|
||||
except CATCH_HYPER_H2_ERRORS as e: # pragma: no cover
|
||||
# this should never raise a ValueError, but we triggered one while fuzzing:
|
||||
# https://github.com/python-hyper/hyper-h2/issues/1231
|
||||
# this stays here as defense-in-depth.
|
||||
|
2
setup.py
2
setup.py
@ -75,7 +75,7 @@ setup(
|
||||
"cryptography>=3.3,<3.5",
|
||||
"flask>=1.1.1,<2.1",
|
||||
"h11>=0.11,<0.13",
|
||||
"h2>=4.0,<5",
|
||||
"h2>=4.1,<5",
|
||||
"hyperframe>=6.0,<7",
|
||||
"kaitaistruct>=0.7,<0.10",
|
||||
"ldap3>=2.8,<2.10",
|
||||
|
@ -19,10 +19,22 @@ from test.mitmproxy.proxy.layers.http.hyper_h2_test_helpers import FrameFactory
|
||||
from test.mitmproxy.proxy.layers.http.test_http2 import make_h2, example_response_headers, example_request_headers, \
|
||||
start_h2_client
|
||||
from test.mitmproxy.proxy.tutils import Placeholder, Playbook, reply, _TracebackInPlaybook, _eq
|
||||
from mitmproxy.proxy.layers.http import _http2
|
||||
|
||||
opts = options.Options()
|
||||
Proxyserver().load(opts)
|
||||
|
||||
|
||||
@pytest.fixture(scope="module", autouse=True)
|
||||
def disable_h2_error_catching():
|
||||
errs = _http2.CATCH_HYPER_H2_ERRORS
|
||||
_http2.CATCH_HYPER_H2_ERRORS = ()
|
||||
try:
|
||||
yield None
|
||||
finally:
|
||||
_http2.CATCH_HYPER_H2_ERRORS = errs
|
||||
|
||||
|
||||
request_lines = sampled_from([
|
||||
b"GET / HTTP/1.1",
|
||||
b"GET http://example.com/ HTTP/1.1",
|
||||
@ -269,6 +281,7 @@ def _h2_response(chunks):
|
||||
@example([b'\x00\x00\x00\x01\x04\x00\x00\x00\x01'])
|
||||
@example([b'\x00\x00\x07\x05\x04\x00\x00\x00\x01\x00\x00\x00\x02\x84\x86\x82'])
|
||||
@example([b'\x00\x00\x06\x014\x00\x01\x00\x00\x00\x00\x01@\x80\x81c\x86\x82'])
|
||||
@example([b'\x00\x00\x06\x01\x04\x00\x00\x00\x01@\x80\x81c\x86\x82'])
|
||||
def test_fuzz_h2_response_chunks(chunks):
|
||||
_h2_response(chunks)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user