1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-17 23:15:08 -05:00
curl/tests
Daniel Stenberg 0b664ba968
wildcardmatch: fix heap buffer overflow in setcharset
The code would previous read beyond the end of the pattern string if the
match pattern ends with an open bracket when the default pattern
matching function is used.

Detected by OSS-Fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4161

CVE-2017-8817

Bug: https://curl.haxx.se/docs/adv_2017-ae72.html
2017-11-27 08:19:34 +01:00
..
certs spelling fixes 2017-03-26 23:56:23 +02:00
data wildcardmatch: fix heap buffer overflow in setcharset 2017-11-27 08:19:34 +01:00
fuzz fuzzer: move to using external curl-fuzzer 2017-10-04 15:33:36 +02:00
libtest test1554: verify connection cache sharing 2017-11-09 11:07:44 +01:00
python_dependencies/impacket test1451: add SMB support to the testbed 2017-07-04 10:41:58 +02:00
server timediff: return timediff_t from the time diff functions 2017-10-25 09:54:37 +02:00
unit time: rename Curl_tvnow to Curl_now 2017-10-25 18:48:05 +02:00
.gitignore tests: give each stunnel.conf file a unique name 2017-05-08 22:59:12 +02:00
CMakeLists.txt cmake: now using BUILD_TESTING=ON/OFF 2016-06-21 23:04:04 +02:00
convsrctest.pl URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
curl_test_data.py ossfuzz: moving towards the ideal integration 2017-09-01 11:22:51 +02:00
dictserver.py test1450: fix up DICT server in torture mode 2017-06-30 14:58:06 +02:00
directories.pm URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
extern-scan.pl extern-scan.pl: strip trailing CR 2017-04-17 08:33:04 +02:00
FILEFORMAT tests: add initial gssapi test using stub implementation 2017-09-15 14:09:08 +02:00
ftp.pm URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
ftpserver.pl ftpserver: support case insensitive commands 2017-10-10 23:00:52 +02:00
getpart.pm URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
http2-server.pl tests: enable HTTP/2 tests to run with non-default port numbers 2017-02-27 22:32:37 +01:00
http_pipe.py URLs: change more http to https 2016-02-04 18:46:54 -05:00
httpserver.pl spelling fixes 2017-03-26 23:56:23 +02:00
keywords.pl URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
Makefile.am fuzzer: move to using external curl-fuzzer 2017-10-04 15:33:36 +02:00
manpage-scan.pl curl: generate the --help output 2017-05-08 23:30:29 +02:00
mem-include-scan.pl URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
memanalyze.pl memdebug: trace send, recv and socket 2017-10-14 17:40:12 +02:00
negtelnetserver.py test1452: add telnet negotiation 2017-07-07 11:00:26 +02:00
nroff-scan.pl nroff-scan.pl: verify that references are made with \fI 2016-05-02 09:09:59 +02:00
pathhelp.pm s/cURL/curl 2016-11-07 10:36:23 +01:00
README test1452: add telnet negotiation 2017-07-07 11:00:26 +02:00
rtspserver.pl spelling fixes 2017-03-26 23:56:23 +02:00
runtests.1 runtests: use -R for random order 2017-05-05 08:12:24 +02:00
runtests.pl HTTP: implement Brotli content encoding 2017-11-05 15:28:16 +01:00
secureserver.pl tests: give each stunnel.conf file a unique name 2017-05-08 22:59:12 +02:00
serverhelp.pm test1452: add telnet negotiation 2017-07-07 11:00:26 +02:00
smbserver.py test1451: add SMB support to the testbed 2017-07-04 10:41:58 +02:00
sshhelp.pm tests/sshserver.pl: use RSA instead of DSA for host auth 2016-02-23 11:55:18 +01:00
sshserver.pl spelling fixes 2017-03-26 23:56:23 +02:00
stunnel.pem stunnel: regenerated self-signed test certificate with SHA1 hash 2014-02-22 16:49:09 +01:00
symbol-scan.pl URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
testcurl.1 testcurl.1: fix the URL to the autobuild summary 2016-10-22 15:15:34 +02:00
testcurl.pl includes: remove curl/curlbuild.h and curl/curlrules.h 2017-06-14 11:07:33 +02:00
tftpserver.pl spelling fixes 2017-03-26 23:56:23 +02:00
valgrind.pm runtests.pl: removed unused arguments to valgrindparse 2017-05-27 14:30:24 +02:00
valgrind.supp valgrind.supp: supress OpenSSL false positive seen on travis 2017-07-07 16:58:08 +02:00

                                  _   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
                            | (__| |_| |  _ <| |___
                             \___|\___/|_| \_\_____|

The curl Test Suite

 1. Running
  1.1 Requires to run
  1.2 Port numbers used by test servers
  1.3 Test servers
  1.4 Run
  1.5 Shell startup scripts
  1.6 Memory test
  1.7 Debug
  1.8 Logs
  1.9 Test input files
  1.10 Code coverage
  1.11 Remote testing

 2. Numbering
  2.1 Test case numbering

 3. Write tests
  3.1 test data
  3.2 curl tests
  3.3 libcurl tests
  3.4 unit tests

 4. TODO
  4.1 More protocols
  4.2 SOCKS auth

==============================================================================

1. Running

 1.1 Requires to run

  perl (and a unix-style shell)
  python (and a unix-style shell)
  diff (when a test fails, a diff is shown)
  stunnel (for HTTPS and FTPS tests)
  OpenSSH or SunSSH (for SCP, SFTP and SOCKS4/5 tests)
  nghttpx (for HTTP/2 tests)
  nroff (for --manual tests)

 1.2 Port numbers used by test servers

  - TCP/8990 for HTTP
  - TCP/8991 for HTTPS
  - TCP/8992 for FTP
  - TCP/8993 for FTPS
  - TCP/8994 for HTTP IPv6
  - TCP/8995 for FTP (2)
  - TCP/8996 for FTP IPv6
  - UDP/8997 for TFTP
  - UDP/8998 for TFTP IPv6
  - TCP/8999 for SCP/SFTP
  - TCP/9000 for SOCKS
  - TCP/9001 for POP3
  - TCP/9002 for POP3 IPv6
  - TCP/9003 for IMAP
  - TCP/9004 for IMAP IPv6
  - TCP/9005 for SMTP
  - TCP/9006 for SMTP IPv6
  - TCP/9007 for RTSP
  - TCP/9008 for RTSP IPv6
  - TCP/9009 for GOPHER
  - TCP/9010 for GOPHER IPv6
  - TCP/9011 for HTTPS server with TLS-SRP support
  - TCP/9012 for HTTPS IPv6 server with TLS-SRP support
  - TCP/9013 for HTTP proxy server for CONNECT
  - TCP/9014 for HTTP pipelining server
  - TCP/9015 for HTTP/2 server
  - TCP/9016 for DICT server
  - TCP/9017 for SMB server
  - TCP/9018 for SMBS server (reserved)
  - TCP/9019 for TELNET server with negotiation support

 1.3 Test servers

  The test suite runs simple FTP, POP3, IMAP, SMTP, HTTP and TFTP stand-alone
  servers on the ports listed above to which it makes requests. For SSL tests,
  it runs stunnel to handle encryption to the regular servers. For SSH, it
  runs a standard OpenSSH server. For SOCKS4/5 tests SSH is used to perform
  the SOCKS functionality and requires a SSH client and server.

  The base port number (8990), which all the individual port numbers are
  indexed from, can be set explicitly using runtests.pl' -b option to allow
  running more than one instance of the test suite simultaneously on one
  machine, or just move the servers in case you have local services on any of
  those ports.

  The HTTP server supports listening on a Unix domain socket, the default
  location is 'http.sock'.

 1.4 Run

  './configure && make && make test'. This builds the test suite support code
  and invokes the 'runtests.pl' perl script to run all the tests. Edit the top
  variables of that script in case you have some specific needs, or run the
  script manually (after the support code has been built).

  The script breaks on the first test that doesn't do OK. Use -a to prevent
  the script from aborting on the first error. Run the script with -v for more
  verbose output. Use -d to run the test servers with debug output enabled as
  well. Specifying -k keeps all the log files generated by the test intact.

  Use -s for shorter output, or pass test numbers to run specific tests only
  (like "./runtests.pl 3 4" to test 3 and 4 only). It also supports test case
  ranges with 'to', as in "./runtests 3 to 9" which runs the seven tests from
  3 to 9. Any test numbers starting with ! are disabled, as are any test
  numbers found in the files data/DISABLED or data/DISABLED.local (one per
  line). The latter is meant for local temporary disables and will be ignored
  by git.

  When -s is not present, each successful test will display on one line the
  test number and description and on the next line a set of flags, the test
  result, current test sequence, total number of tests to be run and an
  estimated amount of time to complete the test run. The flags consist of
  these letters describing what is checked in this test:

    s stdout
    d data
    u upload
    p protocol
    o output
    e exit code
    m memory
    v valgrind

 1.5 Shell startup scripts

  Tests which use the ssh test server, SCP/SFTP/SOCKS tests, might be badly
  influenced by the output of system wide or user specific shell startup
  scripts, .bashrc, .profile, /etc/csh.cshrc, .login, /etc/bashrc, etc. which
  output text messages or escape sequences on user login.  When these shell
  startup messages or escape sequences are output they might corrupt the
  expected stream of data which flows to the sftp-server or from the ssh
  client which can result in bad test behaviour or even prevent the test
  server from running.

  If the test suite ssh or sftp server fails to start up and logs the message
  'Received message too long' then you are certainly suffering the unwanted
  output of a shell startup script.  Locate, cleanup or adjust the shell
  script.

 1.6 Memory test

  The test script will check that all allocated memory is freed properly IF
  curl has been built with the CURLDEBUG define set. The script will
  automatically detect if that is the case, and it will use the
  'memanalyze.pl' script to analyze the memory debugging output.

  Also, if you run tests on a machine where valgrind is found, the script will
  use valgrind to run the test with (unless you use -n) to further verify
  correctness.

  runtests.pl's -t option will enable torture testing mode, which runs each
  test many times and makes each different memory allocation fail on each
  successive run.  This tests the out of memory error handling code to ensure
  that memory leaks do not occur even in those situations. It can help to
  compile curl with CPPFLAGS=-DMEMDEBUG_LOG_SYNC when using this option, to
  ensure that the memory log file is properly written even if curl crashes.

 1.7 Debug

  If a test case fails, you can conveniently get the script to invoke the
  debugger (gdb) for you with the server running and the exact same command
  line parameters that failed. Just invoke 'runtests.pl <test number> -g' and
  then just type 'run' in the debugger to perform the command through the
  debugger.

 1.8 Logs

  All logs are generated in the log/ subdirectory (it is emptied first in the
  runtests.pl script). Use runtests.pl -k to force it to keep the temporary
  files after the test run since successful runs will clean it up otherwise.

 1.9 Test input files

  All test cases are put in the data/ subdirectory. Each test is stored in the
  file named according to the test number.

  See FILEFORMAT for the description of the test case files.

 1.10 Code coverage

  gcc provides a tool that can determine the code coverage figures for
  the test suite.  To use it, configure curl with
  CFLAGS='-fprofile-arcs -ftest-coverage -g -O0'.  Make sure you run the normal
  and torture tests to get more full coverage, i.e. do:

    make test
    make test-torture

  The graphical tool ggcov can be used to browse the source and create
  coverage reports on *NIX hosts:

    ggcov -r lib src

  The text mode tool gcov may also be used, but it doesn't handle object files
  in more than one directory very well.

 1.11 Remote testing

  The runtests.pl script provides some hooks to allow curl to be tested on a
  machine where perl can not be run.  The test framework in this case runs on
  a workstation where perl is available, while curl itself is run on a remote
  system using ssh or some other remote execution method.  See the comments at
  the beginning of runtests.pl for details.

2. Numbering

 2.1 Test case numbering

     1   -  99   HTTP
     100 - 199   FTP
     200 - 299   FILE
     300 - 399   HTTPS
     400 - 499   FTPS
     500 - 599   libcurl source code tests, not using the curl command tool
     600 - 699   SCP/SFTP
     700 - 799   SOCKS4 (even numbers) and SOCK5 (odd numbers)
     800 - 849   IMAP
     850 - 899   POP3
     900 - 999   SMTP
     1000 - 1299 miscellaneous
     1300 - 1399 unit tests
     1400 - 1499 miscellaneous
     1500 - 1599 libcurl source code tests, not using the curl command tool
                 (same as 5xx)
     1600 - 1699 unit tests
     2000 - x    multiple sequential protocols per test case

  There's nothing in the system that *requires* us to keep within these number
  series.

3. Write tests

  Here's a quick description on writing test cases. We basically have three
  kinds of tests: the ones that test the curl tool, the ones that build small
  applications and test libcurl directly and the unit tests that test
  individual (possibly internal) functions.

 3.1 test data

  Each test has a master file that controls all the test data. What to read,
  what the protocol exchange should look like, what exit code to expect and
  what command line arguments to use etc.

  These files are tests/data/test[num] where [num] is described in section 2
  of this document, and the XML-like file format of them is described in the
  separate tests/FILEFORMAT document.

 3.2 curl tests

  A test case that runs the curl tool and verifies that it gets the correct
  data, it sends the correct data, it uses the correct protocol primitives
  etc.

 3.3 libcurl tests

  The libcurl tests are identical to the curl ones, except that they use a
  specific and dedicated custom-built program to run instead of "curl". This
  tool is built from source code placed in tests/libtest and if you want to
  make a new libcurl test that is where you add your code.

 3.4 unit tests

  Unit tests are tests in the 13xx sequence and they are placed in tests/unit.
  There's a tests/unit/README describing the specific set of checks and macros
  that may be used when writing tests that verify behaviors of specific
  individual functions.

  The unit tests depend on curl being built with debug enabled.

4. TODO

 4.1 More protocols

  Add tests for TELNET, LDAP, DICT...

 4.2 SOCKS auth

  SOCKS4/5 test deficiencies - no proxy authentication tests as SSH (the
  test mechanism) doesn't support them