62b174c1a2
- FIX: Correct JSON string length parameters for query field (8→9) - FIX: Add null-termination after buffer reallocation in dynbuf_append - CHANGE: Remove unparsed_uri, fragment, and content_length fields - TEST: Update unit tests to match dynbuf_append fix Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
1143 lines
37 KiB
C
1143 lines
37 KiB
C
/*
|
|
* test_module_real.c - Real unit tests for mod_reqin_log module
|
|
*
|
|
* These tests compile with the actual module source code to test
|
|
* real implementations, not mocks.
|
|
*/
|
|
|
|
#include <stdarg.h>
|
|
#include <stddef.h>
|
|
#include <setjmp.h>
|
|
#include <cmocka.h>
|
|
#include <string.h>
|
|
#include <stdio.h>
|
|
#include <stdlib.h>
|
|
#include <limits.h>
|
|
#include <errno.h>
|
|
#include <apr_pools.h>
|
|
#include <apr_strings.h>
|
|
#include <apr_time.h>
|
|
#include <apr_lib.h>
|
|
#include <apr_tables.h>
|
|
|
|
/* Maximum JSON log line size (64KB) - must match module definition */
|
|
#define MAX_JSON_SIZE (64 * 1024)
|
|
|
|
/* Include the module source to test real functions */
|
|
/* We need to extract and test specific functions */
|
|
|
|
/* ============================================================================
|
|
* Forward declarations for functions under test
|
|
* (These match the implementations in mod_reqin_log.c)
|
|
* ============================================================================ */
|
|
|
|
/* Dynamic string buffer */
|
|
typedef struct {
|
|
char *data;
|
|
apr_size_t len;
|
|
apr_size_t capacity;
|
|
apr_pool_t *pool;
|
|
} dynbuf_t;
|
|
|
|
/* Module configuration structure */
|
|
typedef struct {
|
|
int enabled;
|
|
const char *socket_path;
|
|
apr_array_header_t *headers;
|
|
int max_headers;
|
|
int max_header_value_len;
|
|
int reconnect_interval;
|
|
int error_report_interval;
|
|
} reqin_log_config_t;
|
|
|
|
/* Function signatures for testing */
|
|
static void dynbuf_init(dynbuf_t *db, apr_pool_t *pool, apr_size_t initial_capacity);
|
|
static void dynbuf_append(dynbuf_t *db, const char *str, apr_size_t len);
|
|
static void dynbuf_append_char(dynbuf_t *db, char c);
|
|
static void append_json_string(dynbuf_t *db, const char *str);
|
|
static void format_iso8601(dynbuf_t *db, apr_time_t t);
|
|
static int parse_int_strict(const char *arg, int *out);
|
|
static int is_sensitive_header(const char *name);
|
|
static char *truncate_header_value(apr_pool_t *pool, const char *value, int max_len);
|
|
|
|
/* ============================================================================
|
|
* dynbuf functions (copied from module for testing)
|
|
* ============================================================================ */
|
|
|
|
static void dynbuf_init(dynbuf_t *db, apr_pool_t *pool, apr_size_t initial_capacity)
|
|
{
|
|
db->pool = pool;
|
|
db->capacity = initial_capacity;
|
|
db->len = 0;
|
|
db->data = apr_palloc(pool, initial_capacity);
|
|
db->data[0] = '\0';
|
|
}
|
|
|
|
static void dynbuf_append(dynbuf_t *db, const char *str, apr_size_t len)
|
|
{
|
|
if (str == NULL) return;
|
|
|
|
if (len == (apr_size_t)-1) {
|
|
len = strlen(str);
|
|
}
|
|
|
|
if (db->len + len >= db->capacity) {
|
|
apr_size_t new_capacity = (db->len + len + 1) * 2;
|
|
char *new_data = apr_palloc(db->pool, new_capacity);
|
|
memcpy(new_data, db->data, db->len);
|
|
new_data[db->len] = '\0';
|
|
db->data = new_data;
|
|
db->capacity = new_capacity;
|
|
}
|
|
|
|
memcpy(db->data + db->len, str, len);
|
|
db->len += len;
|
|
db->data[db->len] = '\0';
|
|
}
|
|
|
|
static void dynbuf_append_char(dynbuf_t *db, char c)
|
|
{
|
|
if (db->len + 1 >= db->capacity) {
|
|
apr_size_t new_capacity = db->capacity * 2;
|
|
char *new_data = apr_palloc(db->pool, new_capacity);
|
|
memcpy(new_data, db->data, db->len);
|
|
db->data = new_data;
|
|
db->capacity = new_capacity;
|
|
}
|
|
db->data[db->len++] = c;
|
|
db->data[db->len] = '\0';
|
|
}
|
|
|
|
/* ============================================================================
|
|
* JSON escaping function (real implementation from module)
|
|
* ============================================================================ */
|
|
|
|
static void append_json_string(dynbuf_t *db, const char *str)
|
|
{
|
|
if (str == NULL) {
|
|
return;
|
|
}
|
|
|
|
for (const char *p = str; *p; p++) {
|
|
char c = *p;
|
|
switch (c) {
|
|
case '"': dynbuf_append(db, "\\\"", 2); break;
|
|
case '\\': dynbuf_append(db, "\\\\", 2); break;
|
|
case '\b': dynbuf_append(db, "\\b", 2); break;
|
|
case '\f': dynbuf_append(db, "\\f", 2); break;
|
|
case '\n': dynbuf_append(db, "\\n", 2); break;
|
|
case '\r': dynbuf_append(db, "\\r", 2); break;
|
|
case '\t': dynbuf_append(db, "\\t", 2); break;
|
|
default:
|
|
if ((unsigned char)c < 0x20) {
|
|
char unicode[8];
|
|
snprintf(unicode, sizeof(unicode), "\\u%04x", (unsigned char)c);
|
|
dynbuf_append(db, unicode, -1);
|
|
} else {
|
|
dynbuf_append_char(db, c);
|
|
}
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
|
|
/* ============================================================================
|
|
* ISO8601 formatting function (real implementation from module)
|
|
* ============================================================================ */
|
|
|
|
static void format_iso8601(dynbuf_t *db, apr_time_t t)
|
|
{
|
|
apr_time_exp_t tm;
|
|
apr_time_exp_gmt(&tm, t);
|
|
|
|
/* Validate time components to prevent buffer overflow and invalid output.
|
|
* apr_time_exp_gmt should always produce valid values, but we validate
|
|
* defensively to catch any APR bugs or memory corruption. */
|
|
int year = tm.tm_year + 1900;
|
|
int mon = tm.tm_mon + 1;
|
|
int day = tm.tm_mday;
|
|
int hour = tm.tm_hour;
|
|
int min = tm.tm_min;
|
|
int sec = tm.tm_sec;
|
|
|
|
/* Clamp values to valid ranges to ensure fixed-width output (20 chars + null) */
|
|
if (year < 0) year = 0;
|
|
if (year > 9999) year = 9999;
|
|
if (mon < 1) mon = 1;
|
|
if (mon > 12) mon = 12;
|
|
if (day < 1) day = 1;
|
|
if (day > 31) day = 31;
|
|
if (hour < 0) hour = 0;
|
|
if (hour > 23) hour = 23;
|
|
if (min < 0) min = 0;
|
|
if (min > 59) min = 59;
|
|
if (sec < 0) sec = 0;
|
|
if (sec > 61) sec = 61;
|
|
|
|
char time_str[32];
|
|
snprintf(time_str, sizeof(time_str), "%04d-%02d-%02dT%02d:%02d:%02dZ",
|
|
year, mon, day, hour, min, sec);
|
|
dynbuf_append(db, time_str, -1);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Header truncation function (real logic from module)
|
|
* ============================================================================ */
|
|
|
|
static char *truncate_header_value(apr_pool_t *pool, const char *value, int max_len)
|
|
{
|
|
if (value == NULL) {
|
|
return NULL;
|
|
}
|
|
|
|
size_t len = strlen(value);
|
|
if ((int)len > max_len) {
|
|
return apr_pstrmemdup(pool, value, max_len);
|
|
}
|
|
return apr_pstrdup(pool, value);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Sensitive header detection (real logic from module)
|
|
* ============================================================================ */
|
|
|
|
static const char *DEFAULT_SENSITIVE_HEADERS[] = {
|
|
"Authorization",
|
|
"Cookie",
|
|
"Set-Cookie",
|
|
"X-Api-Key",
|
|
"X-Auth-Token",
|
|
"Proxy-Authorization",
|
|
"WWW-Authenticate",
|
|
NULL
|
|
};
|
|
|
|
static int is_sensitive_header(const char *name)
|
|
{
|
|
if (name == NULL) {
|
|
return 0;
|
|
}
|
|
|
|
for (int i = 0; DEFAULT_SENSITIVE_HEADERS[i] != NULL; i++) {
|
|
if (strcasecmp(name, DEFAULT_SENSITIVE_HEADERS[i]) == 0) {
|
|
return 1;
|
|
}
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Strict integer parsing (real logic from module)
|
|
* ============================================================================ */
|
|
|
|
static int parse_int_strict(const char *arg, int *out)
|
|
{
|
|
char *end = NULL;
|
|
long v;
|
|
if (arg == NULL || *arg == '\0' || out == NULL) return -1;
|
|
|
|
/* Reject leading whitespace (strtol skips it by default) */
|
|
if (apr_isspace(*arg)) return -1;
|
|
|
|
errno = 0;
|
|
v = strtol(arg, &end, 10);
|
|
if (errno != 0 || end == arg || *end != '\0' || v < INT_MIN || v > INT_MAX) return -1;
|
|
*out = (int)v;
|
|
return 0;
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test setup and teardown
|
|
* ============================================================================ */
|
|
|
|
static int setup(void **state)
|
|
{
|
|
apr_initialize();
|
|
return 0;
|
|
}
|
|
|
|
static int teardown(void **state)
|
|
{
|
|
apr_terminate();
|
|
return 0;
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: dynbuf initialization
|
|
* ============================================================================ */
|
|
static void test_dynbuf_init(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
dynbuf_t db;
|
|
dynbuf_init(&db, pool, 64);
|
|
|
|
assert_non_null(db.data);
|
|
assert_int_equal(db.len, 0);
|
|
assert_int_equal(db.capacity, 64);
|
|
assert_string_equal(db.data, "");
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: dynbuf append basic
|
|
* ============================================================================ */
|
|
static void test_dynbuf_append_basic(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
dynbuf_t db;
|
|
dynbuf_init(&db, pool, 64);
|
|
|
|
dynbuf_append(&db, "hello", 5);
|
|
assert_string_equal(db.data, "hello");
|
|
assert_int_equal(db.len, 5);
|
|
|
|
dynbuf_append(&db, " world", 6);
|
|
assert_string_equal(db.data, "hello world");
|
|
assert_int_equal(db.len, 11);
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: dynbuf append with resize
|
|
* ============================================================================ */
|
|
static void test_dynbuf_append_resize(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
dynbuf_t db;
|
|
dynbuf_init(&db, pool, 16);
|
|
|
|
/* Append enough to trigger resize */
|
|
dynbuf_append(&db, "12345678901234567890", 20);
|
|
assert_int_equal(db.len, 20);
|
|
assert_true(db.capacity > 16);
|
|
assert_string_equal(db.data, "12345678901234567890");
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: JSON escape empty string
|
|
* ============================================================================ */
|
|
static void test_json_escape_empty(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
dynbuf_t db;
|
|
dynbuf_init(&db, pool, 64);
|
|
|
|
append_json_string(&db, "");
|
|
assert_string_equal(db.data, "");
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: JSON escape NULL string
|
|
* ============================================================================ */
|
|
static void test_json_escape_null(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
dynbuf_t db;
|
|
dynbuf_init(&db, pool, 64);
|
|
|
|
append_json_string(&db, NULL);
|
|
assert_string_equal(db.data, "");
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: JSON escape simple string
|
|
* ============================================================================ */
|
|
static void test_json_escape_simple(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
dynbuf_t db;
|
|
dynbuf_init(&db, pool, 64);
|
|
|
|
append_json_string(&db, "hello world");
|
|
assert_string_equal(db.data, "hello world");
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: JSON escape quotes
|
|
* ============================================================================ */
|
|
static void test_json_escape_quotes(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
dynbuf_t db;
|
|
dynbuf_init(&db, pool, 64);
|
|
|
|
append_json_string(&db, "say \"hello\"");
|
|
assert_string_equal(db.data, "say \\\"hello\\\"");
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: JSON escape backslashes
|
|
* ============================================================================ */
|
|
static void test_json_escape_backslash(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
dynbuf_t db;
|
|
dynbuf_init(&db, pool, 64);
|
|
|
|
append_json_string(&db, "path\\to\\file");
|
|
assert_string_equal(db.data, "path\\\\to\\\\file");
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: JSON escape newlines and tabs
|
|
* ============================================================================ */
|
|
static void test_json_escape_newline_tab(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
dynbuf_t db;
|
|
dynbuf_init(&db, pool, 64);
|
|
|
|
append_json_string(&db, "line1\nline2\ttab");
|
|
assert_string_equal(db.data, "line1\\nline2\\ttab");
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: JSON escape control characters
|
|
* ============================================================================ */
|
|
static void test_json_escape_control_char(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
dynbuf_t db;
|
|
dynbuf_init(&db, pool, 64);
|
|
|
|
append_json_string(&db, "test\bell");
|
|
/* Bell character (0x07) should be escaped - check for unicode escape or other */
|
|
/* The function should handle control characters (< 0x20) with unicode escape */
|
|
assert_true(db.len > 4); /* Output should be longer than input due to escaping */
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: JSON escape complex user agent
|
|
* ============================================================================ */
|
|
static void test_json_escape_user_agent(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
dynbuf_t db;
|
|
dynbuf_init(&db, pool, 512);
|
|
|
|
const char *ua = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) \"Test\"";
|
|
append_json_string(&db, ua);
|
|
|
|
assert_true(strstr(db.data, "\\\"Test\\\"") != NULL);
|
|
assert_true(strstr(db.data, "Mozilla/5.0") != NULL);
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: ISO8601 format
|
|
* ============================================================================ */
|
|
static void test_iso8601_format(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
dynbuf_t db;
|
|
dynbuf_init(&db, pool, 64);
|
|
|
|
/* Use a fixed time: 2026-02-26 12:00:00 UTC */
|
|
apr_time_t test_time = apr_time_from_sec(1772107200);
|
|
format_iso8601(&db, test_time);
|
|
|
|
/* Should produce: 2026-02-26T12:00:00Z */
|
|
assert_string_equal(db.data, "2026-02-26T12:00:00Z");
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: Header truncation within limit
|
|
* ============================================================================ */
|
|
static void test_header_truncation_within(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
const char *value = "short value";
|
|
char *result = truncate_header_value(pool, value, 256);
|
|
|
|
assert_string_equal(result, "short value");
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: Header truncation exceeds limit
|
|
* ============================================================================ */
|
|
static void test_header_truncation_exceeds(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
const char *value = "this is a very long header value that should be truncated";
|
|
char *result = truncate_header_value(pool, value, 15);
|
|
|
|
assert_string_equal(result, "this is a very ");
|
|
assert_int_equal(strlen(result), 15);
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: Header truncation NULL value
|
|
* ============================================================================ */
|
|
static void test_header_truncation_null(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
char *result = truncate_header_value(pool, NULL, 256);
|
|
|
|
assert_null(result);
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: Header truncation empty value
|
|
* ============================================================================ */
|
|
static void test_header_truncation_empty(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
const char *value = "";
|
|
char *result = truncate_header_value(pool, value, 256);
|
|
|
|
assert_string_equal(result, "");
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: Full JSON log line structure
|
|
* ============================================================================ */
|
|
static void test_full_json_line(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
dynbuf_t db;
|
|
dynbuf_init(&db, pool, 1024);
|
|
|
|
/* Build a minimal JSON log entry */
|
|
dynbuf_append(&db, "{", 1);
|
|
dynbuf_append(&db, "\"time\":\"", 8);
|
|
apr_time_t now = apr_time_from_sec(1772107200);
|
|
format_iso8601(&db, now);
|
|
dynbuf_append(&db, "\",", 2);
|
|
|
|
dynbuf_append(&db, "\"timestamp\":1772107200000000000,", -1);
|
|
dynbuf_append(&db, "\"src_ip\":\"192.0.2.10\",", -1);
|
|
dynbuf_append(&db, "\"src_port\":45678,", -1);
|
|
dynbuf_append(&db, "\"dst_ip\":\"198.51.100.5\",", -1);
|
|
dynbuf_append(&db, "\"dst_port\":443,", -1);
|
|
dynbuf_append(&db, "\"method\":\"GET\",", -1);
|
|
dynbuf_append(&db, "\"path\":\"/api/test\",", -1);
|
|
dynbuf_append(&db, "\"host\":\"example.com\",", -1);
|
|
dynbuf_append(&db, "\"http_version\":\"HTTP/1.1\"", -1);
|
|
dynbuf_append(&db, ",\"header_X-Request-Id\":\"abc-123\"", -1);
|
|
dynbuf_append(&db, "}\n", 2);
|
|
|
|
/* Verify it's valid JSON-like structure */
|
|
assert_true(db.data[0] == '{');
|
|
assert_true(db.data[db.len - 2] == '}');
|
|
assert_true(db.data[db.len - 1] == '\n');
|
|
|
|
/* Verify key fields are present */
|
|
assert_true(strstr(db.data, "\"time\":") != NULL);
|
|
assert_true(strstr(db.data, "\"method\":\"GET\"") != NULL);
|
|
assert_true(strstr(db.data, "\"path\":\"/api/test\"") != NULL);
|
|
assert_true(strstr(db.data, "\"header_X-Request-Id\":\"abc-123\"") != NULL);
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: JSON escape combined special characters
|
|
* ============================================================================ */
|
|
static void test_json_escape_combined_special(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
dynbuf_t db;
|
|
dynbuf_init(&db, pool, 64);
|
|
|
|
/* String with multiple special chars */
|
|
append_json_string(&db, "line1\nline2\t\"quoted\"\\backslash");
|
|
|
|
assert_true(strstr(db.data, "\\n") != NULL);
|
|
assert_true(strstr(db.data, "\\t") != NULL);
|
|
assert_true(strstr(db.data, "\\\"") != NULL);
|
|
assert_true(strstr(db.data, "\\\\") != NULL);
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: Header value with JSON special chars gets escaped
|
|
* ============================================================================ */
|
|
static void test_header_value_json_escape(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
dynbuf_t db;
|
|
dynbuf_init(&db, pool, 256);
|
|
|
|
const char *header_value = "test\"value\\with\tspecial";
|
|
|
|
/* Simulate what the module does */
|
|
dynbuf_append(&db, "\"header_Test\":\"", -1);
|
|
append_json_string(&db, header_value);
|
|
dynbuf_append(&db, "\"", 1);
|
|
|
|
/* Should have escaped quotes and backslashes */
|
|
assert_true(strstr(db.data, "\\\"") != NULL);
|
|
assert_true(strstr(db.data, "\\\\") != NULL);
|
|
assert_true(strstr(db.data, "\\t") != NULL);
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: ISO8601 format with year 0 (edge case)
|
|
* ============================================================================ */
|
|
static void test_iso8601_format_year_zero(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
dynbuf_t db;
|
|
dynbuf_init(&db, pool, 64);
|
|
|
|
/* Use time that would result in year 0 or negative after conversion */
|
|
/* This tests the clamping logic */
|
|
apr_time_t test_time = apr_time_from_sec(0);
|
|
format_iso8601(&db, test_time);
|
|
|
|
/* Should produce valid ISO8601 with clamped values */
|
|
assert_int_equal(strlen(db.data), 20);
|
|
assert_true(strstr(db.data, "Z") != NULL);
|
|
assert_true(db.data[4] == '-');
|
|
assert_true(db.data[7] == '-');
|
|
assert_true(db.data[10] == 'T');
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: ISO8601 format with very large timestamp (overflow test)
|
|
* ============================================================================ */
|
|
static void test_iso8601_format_large_timestamp(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
dynbuf_t db;
|
|
dynbuf_init(&db, pool, 64);
|
|
|
|
/* Use maximum reasonable apr_time_t value */
|
|
/* This tests that large timestamps don't cause buffer overflow */
|
|
apr_time_t test_time = apr_time_from_sec(253402300799ULL); /* Year 9999 */
|
|
format_iso8601(&db, test_time);
|
|
|
|
/* Should produce valid ISO8601 with year 9999 or clamped */
|
|
assert_int_equal(strlen(db.data), 20);
|
|
assert_true(strstr(db.data, "Z") != NULL);
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: ISO8601 format output length is always fixed
|
|
* ============================================================================ */
|
|
static void test_iso8601_format_fixed_length(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
dynbuf_t db;
|
|
dynbuf_init(&db, pool, 64);
|
|
|
|
/* Test various timestamps */
|
|
apr_time_t times[] = {
|
|
apr_time_from_sec(0),
|
|
apr_time_from_sec(946684800), /* 2000-01-01 */
|
|
apr_time_from_sec(1772107200), /* 2026-02-26 */
|
|
apr_time_from_sec(253402300799ULL) /* Year 9999 */
|
|
};
|
|
|
|
for (size_t i = 0; i < sizeof(times) / sizeof(times[0]); i++) {
|
|
db.len = 0;
|
|
db.data[0] = '\0';
|
|
format_iso8601(&db, times[i]);
|
|
|
|
/* ISO8601 format is always 20 characters: YYYY-MM-DDTHH:MM:SSZ */
|
|
assert_int_equal(strlen(db.data), 20);
|
|
}
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: Timestamp calculation does not overflow
|
|
* ============================================================================ */
|
|
static void test_timestamp_no_overflow(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
/* Test that converting apr_time_t (microseconds) to nanoseconds
|
|
* doesn't overflow for reasonable timestamps */
|
|
|
|
/* Current time in microseconds */
|
|
apr_time_t now = apr_time_now();
|
|
|
|
/* Convert to nanoseconds (same as module does) */
|
|
apr_uint64_t ns = ((apr_uint64_t)now) * APR_UINT64_C(1000);
|
|
|
|
/* Should be a large but valid number */
|
|
assert_true(ns > 0);
|
|
|
|
/* Should be less than maximum apr_uint64_t */
|
|
/* Current time ~1.7e9 seconds * 1e9 = 1.7e18 nanoseconds */
|
|
/* APR_UINT64_MAX is ~1.8e19, so we have plenty of headroom */
|
|
assert_true(ns < APR_UINT64_MAX);
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: JSON size limit enforcement (64KB)
|
|
* ============================================================================ */
|
|
static void test_json_size_limit(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
dynbuf_t db;
|
|
dynbuf_init(&db, pool, 4096);
|
|
|
|
/* Build JSON up to the limit */
|
|
dynbuf_append(&db, "{", 1);
|
|
|
|
/* Add a large header value to approach the limit */
|
|
dynbuf_append(&db, "\"header_Test\":\"", -1);
|
|
|
|
/* Add data up to just under the limit */
|
|
size_t target_size = MAX_JSON_SIZE - 100;
|
|
char *large_data = apr_palloc(pool, target_size);
|
|
memset(large_data, 'A', target_size - 1);
|
|
large_data[target_size - 1] = '\0';
|
|
|
|
append_json_string(&db, large_data);
|
|
dynbuf_append(&db, "\"}", -1);
|
|
|
|
/* Should have built the JSON without crash */
|
|
assert_true(db.data[0] == '{');
|
|
|
|
/* Check that we can detect when limit is exceeded */
|
|
if (db.len >= MAX_JSON_SIZE) {
|
|
/* Size limit reached - this is expected for large data */
|
|
/* In real module this would be logged via ap_log_error */
|
|
}
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: JSON size limit - buffer check before headers
|
|
* ============================================================================ */
|
|
static void test_json_size_limit_before_headers(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
dynbuf_t db;
|
|
dynbuf_init(&db, pool, MAX_JSON_SIZE + 1024);
|
|
|
|
/* Build base JSON fields */
|
|
dynbuf_append(&db, "{\"time\":\"", -1);
|
|
format_iso8601(&db, apr_time_now());
|
|
dynbuf_append(&db, "\",\"timestamp\":", -1);
|
|
|
|
/* Add a very large timestamp field */
|
|
char ts_buf[64];
|
|
snprintf(ts_buf, sizeof(ts_buf), "%" APR_UINT64_T_FMT,
|
|
((apr_uint64_t)apr_time_now()) * APR_UINT64_C(1000));
|
|
dynbuf_append(&db, ts_buf, -1);
|
|
|
|
dynbuf_append(&db, ",\"src_ip\":\"", -1);
|
|
|
|
/* Add large IP-like string */
|
|
char *large_ip = apr_palloc(pool, MAX_JSON_SIZE - 200);
|
|
memset(large_ip, '1', MAX_JSON_SIZE - 201);
|
|
large_ip[MAX_JSON_SIZE - 201] = '\0';
|
|
dynbuf_append(&db, large_ip, -1);
|
|
|
|
dynbuf_append(&db, "\",\"method\":\"GET\"}", -1);
|
|
|
|
/* Should handle gracefully */
|
|
assert_true(db.data[0] == '{');
|
|
|
|
/* Verify size check would trigger */
|
|
if (db.len >= MAX_JSON_SIZE) {
|
|
/* This is expected - size limit check should catch this */
|
|
}
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: dynbuf append with NULL string
|
|
* ============================================================================ */
|
|
static void test_dynbuf_append_null(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
dynbuf_t db;
|
|
dynbuf_init(&db, pool, 64);
|
|
|
|
/* Should handle NULL gracefully */
|
|
dynbuf_append(&db, NULL, 10);
|
|
assert_int_equal(db.len, 0);
|
|
assert_string_equal(db.data, "");
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: dynbuf append with len=-1 (strlen mode)
|
|
* ============================================================================ */
|
|
static void test_dynbuf_append_strlen_mode(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
dynbuf_t db;
|
|
dynbuf_init(&db, pool, 64);
|
|
|
|
dynbuf_append(&db, "hello", (apr_size_t)-1);
|
|
assert_int_equal(db.len, 5);
|
|
assert_string_equal(db.data, "hello");
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: Sensitive header detection - blacklist
|
|
* ============================================================================ */
|
|
static void test_sensitive_header_blacklist(void **state)
|
|
{
|
|
(void)state;
|
|
|
|
/* List of headers that should be blocked */
|
|
const char *sensitive[] = {
|
|
"Authorization",
|
|
"Cookie",
|
|
"Set-Cookie",
|
|
"X-Api-Key",
|
|
"X-Auth-Token",
|
|
"Proxy-Authorization",
|
|
"WWW-Authenticate",
|
|
NULL
|
|
};
|
|
|
|
/* List of headers that should NOT be blocked */
|
|
const char *non_sensitive[] = {
|
|
"X-Request-Id",
|
|
"User-Agent",
|
|
"Referer",
|
|
"Host",
|
|
"Content-Type",
|
|
"Accept",
|
|
NULL
|
|
};
|
|
|
|
/* Test sensitive headers */
|
|
for (int i = 0; sensitive[i] != NULL; i++) {
|
|
assert_true(is_sensitive_header(sensitive[i]));
|
|
}
|
|
|
|
/* Test non-sensitive headers */
|
|
for (int i = 0; non_sensitive[i] != NULL; i++) {
|
|
assert_false(is_sensitive_header(non_sensitive[i]));
|
|
}
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: Sensitive header detection - case insensitive
|
|
* ============================================================================ */
|
|
static void test_sensitive_header_case_insensitive(void **state)
|
|
{
|
|
(void)state;
|
|
|
|
/* Should be blocked regardless of case */
|
|
assert_true(is_sensitive_header("authorization"));
|
|
assert_true(is_sensitive_header("AUTHORIZATION"));
|
|
assert_true(is_sensitive_header("Authorization"));
|
|
assert_true(is_sensitive_header("cookie"));
|
|
assert_true(is_sensitive_header("COOKIE"));
|
|
assert_true(is_sensitive_header("x-api-key"));
|
|
assert_true(is_sensitive_header("X-API-KEY"));
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: Sensitive header detection - NULL handling
|
|
* ============================================================================ */
|
|
static void test_sensitive_header_null(void **state)
|
|
{
|
|
(void)state;
|
|
|
|
/* NULL should not be considered sensitive (returns 0) */
|
|
assert_false(is_sensitive_header(NULL));
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: Parse integer strict - valid values
|
|
* ============================================================================ */
|
|
static void test_parse_int_strict_valid(void **state)
|
|
{
|
|
int out;
|
|
(void)state;
|
|
|
|
assert_int_equal(parse_int_strict("0", &out), 0);
|
|
assert_int_equal(out, 0);
|
|
|
|
assert_int_equal(parse_int_strict("10", &out), 0);
|
|
assert_int_equal(out, 10);
|
|
|
|
assert_int_equal(parse_int_strict("-5", &out), 0);
|
|
assert_int_equal(out, -5);
|
|
|
|
assert_int_equal(parse_int_strict("2147483647", &out), 0);
|
|
assert_int_equal(out, 2147483647);
|
|
|
|
assert_int_equal(parse_int_strict("-2147483648", &out), 0);
|
|
assert_int_equal(out, -2147483648);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: Parse integer strict - invalid values
|
|
* ============================================================================ */
|
|
static void test_parse_int_strict_invalid(void **state)
|
|
{
|
|
int out;
|
|
(void)state;
|
|
|
|
/* Invalid: empty string */
|
|
assert_int_equal(parse_int_strict("", &out), -1);
|
|
|
|
/* Invalid: NULL */
|
|
assert_int_equal(parse_int_strict(NULL, &out), -1);
|
|
|
|
/* Invalid: non-numeric */
|
|
assert_int_equal(parse_int_strict("abc", &out), -1);
|
|
|
|
/* Invalid: mixed */
|
|
assert_int_equal(parse_int_strict("10abc", &out), -1);
|
|
|
|
/* Invalid: whitespace */
|
|
assert_int_equal(parse_int_strict(" 10", &out), -1);
|
|
assert_int_equal(parse_int_strict("10 ", &out), -1);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: Input sanitization - method truncation
|
|
* ============================================================================ */
|
|
static void test_input_sanitization_method(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
(void)state;
|
|
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
/* Simulate oversized method (should be truncated to 32 chars) */
|
|
const char *long_method = "VERYLONGMETHODTHATEXCEEDSTHEMAXIMUMALLOWEDLENGTHFORHTTPMETHODS";
|
|
const char *sanitized = apr_pstrmemdup(pool, long_method, 32);
|
|
|
|
assert_non_null(sanitized);
|
|
assert_int_equal(strlen(sanitized), 32);
|
|
assert_memory_equal(sanitized, "VERYLONGMETHODTHATEXCEEDSTHEMAXI", 32);
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: Input sanitization - path truncation
|
|
* ============================================================================ */
|
|
static void test_input_sanitization_path(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
(void)state;
|
|
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
/* Simulate oversized path (should be truncated to 2048 chars) */
|
|
char *long_path = apr_palloc(pool, 3000);
|
|
memset(long_path, 'A', 2999);
|
|
long_path[2999] = '\0';
|
|
|
|
const char *sanitized = apr_pstrmemdup(pool, long_path, 2048);
|
|
|
|
assert_non_null(sanitized);
|
|
assert_int_equal(strlen(sanitized), 2048);
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: Input sanitization - host header truncation
|
|
* ============================================================================ */
|
|
static void test_input_sanitization_host(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
(void)state;
|
|
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
/* Simulate oversized Host header (should be truncated to 256 chars) */
|
|
char *long_host = apr_palloc(pool, 500);
|
|
memset(long_host, 'H', 499);
|
|
long_host[499] = '\0';
|
|
|
|
const char *sanitized = apr_pstrmemdup(pool, long_host, 256);
|
|
|
|
assert_non_null(sanitized);
|
|
assert_int_equal(strlen(sanitized), 256);
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Test: Input sanitization - HTTP version truncation
|
|
* ============================================================================ */
|
|
static void test_input_sanitization_http_version(void **state)
|
|
{
|
|
apr_pool_t *pool;
|
|
(void)state;
|
|
|
|
apr_pool_create(&pool, NULL);
|
|
|
|
/* Simulate oversized HTTP version (should be truncated to 16 chars) */
|
|
const char *long_version = "HTTP/1.1.1.1.1.1.1.1.1.1.1.1";
|
|
const char *sanitized = apr_pstrmemdup(pool, long_version, 16);
|
|
|
|
assert_non_null(sanitized);
|
|
assert_int_equal(strlen(sanitized), 16);
|
|
assert_memory_equal(sanitized, "HTTP/1.1.1.1.1.1.", 16);
|
|
|
|
apr_pool_destroy(pool);
|
|
}
|
|
|
|
/* ============================================================================
|
|
* Main test runner
|
|
* ============================================================================ */
|
|
int main(void)
|
|
{
|
|
const struct CMUnitTest tests[] = {
|
|
/* dynbuf tests */
|
|
cmocka_unit_test_setup_teardown(test_dynbuf_init, setup, teardown),
|
|
cmocka_unit_test_setup_teardown(test_dynbuf_append_basic, setup, teardown),
|
|
cmocka_unit_test_setup_teardown(test_dynbuf_append_resize, setup, teardown),
|
|
cmocka_unit_test_setup_teardown(test_dynbuf_append_null, setup, teardown),
|
|
cmocka_unit_test_setup_teardown(test_dynbuf_append_strlen_mode, setup, teardown),
|
|
|
|
/* JSON escaping tests */
|
|
cmocka_unit_test_setup_teardown(test_json_escape_empty, setup, teardown),
|
|
cmocka_unit_test_setup_teardown(test_json_escape_null, setup, teardown),
|
|
cmocka_unit_test_setup_teardown(test_json_escape_simple, setup, teardown),
|
|
cmocka_unit_test_setup_teardown(test_json_escape_quotes, setup, teardown),
|
|
cmocka_unit_test_setup_teardown(test_json_escape_backslash, setup, teardown),
|
|
cmocka_unit_test_setup_teardown(test_json_escape_newline_tab, setup, teardown),
|
|
cmocka_unit_test_setup_teardown(test_json_escape_control_char, setup, teardown),
|
|
cmocka_unit_test_setup_teardown(test_json_escape_user_agent, setup, teardown),
|
|
cmocka_unit_test_setup_teardown(test_json_escape_combined_special, setup, teardown),
|
|
|
|
/* ISO8601 formatting */
|
|
cmocka_unit_test_setup_teardown(test_iso8601_format, setup, teardown),
|
|
cmocka_unit_test_setup_teardown(test_iso8601_format_year_zero, setup, teardown),
|
|
cmocka_unit_test_setup_teardown(test_iso8601_format_large_timestamp, setup, teardown),
|
|
cmocka_unit_test_setup_teardown(test_iso8601_format_fixed_length, setup, teardown),
|
|
|
|
/* Timestamp overflow tests */
|
|
cmocka_unit_test_setup_teardown(test_timestamp_no_overflow, setup, teardown),
|
|
|
|
/* JSON size limit tests */
|
|
cmocka_unit_test_setup_teardown(test_json_size_limit, setup, teardown),
|
|
cmocka_unit_test_setup_teardown(test_json_size_limit_before_headers, setup, teardown),
|
|
|
|
/* Header truncation tests */
|
|
cmocka_unit_test_setup_teardown(test_header_truncation_within, setup, teardown),
|
|
cmocka_unit_test_setup_teardown(test_header_truncation_exceeds, setup, teardown),
|
|
cmocka_unit_test_setup_teardown(test_header_truncation_null, setup, teardown),
|
|
cmocka_unit_test_setup_teardown(test_header_truncation_empty, setup, teardown),
|
|
|
|
/* Sensitive header tests */
|
|
cmocka_unit_test_setup_teardown(test_sensitive_header_blacklist, setup, teardown),
|
|
cmocka_unit_test_setup_teardown(test_sensitive_header_case_insensitive, setup, teardown),
|
|
cmocka_unit_test_setup_teardown(test_sensitive_header_null, setup, teardown),
|
|
|
|
/* Parse integer strict tests */
|
|
cmocka_unit_test_setup_teardown(test_parse_int_strict_valid, setup, teardown),
|
|
cmocka_unit_test_setup_teardown(test_parse_int_strict_invalid, setup, teardown),
|
|
|
|
/* Input sanitization tests */
|
|
cmocka_unit_test_setup_teardown(test_input_sanitization_method, setup, teardown),
|
|
cmocka_unit_test_setup_teardown(test_input_sanitization_path, setup, teardown),
|
|
cmocka_unit_test_setup_teardown(test_input_sanitization_host, setup, teardown),
|
|
cmocka_unit_test_setup_teardown(test_input_sanitization_http_version, setup, teardown),
|
|
|
|
/* Full JSON structure */
|
|
cmocka_unit_test_setup_teardown(test_full_json_line, setup, teardown),
|
|
|
|
/* Header value escaping */
|
|
cmocka_unit_test_setup_teardown(test_header_value_json_escape, setup, teardown),
|
|
};
|
|
|
|
return cmocka_run_group_tests(tests, NULL, NULL);
|
|
}
|