aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBartek Grzybowski <b.grzybowski@partner.samsung.com>2020-04-16 03:28:14 -0700
committerBartek Grzybowski <b.grzybowski@partner.samsung.com>2020-04-16 03:28:14 -0700
commiteb24769c91469a9b57344421061c8e366b8a8c2a (patch)
treeed805620d0cafa0376beb495ee5aac660c0c0816
parent18c479f0b09bb406c21c707bf7acc03fc34ef0a0 (diff)
Fix invalid prefix check handling
Should the URI prefix length in the request be incorrect and not contain two "/" the service would fail with "empty response" on client side due to unhandled "list index out of range" in the server process while trying to get the idName from pathlist[4] which throws IndexError. Prefix validation, id and class variable assignment are wrapped up in try-except clause to evaluate the prefix check correctly, catch the exception and return appropriate response to the client. Change-Id: If6333228fbdd3a8075ade55436c3ca9bb8a97caa Issue-ID: INT-1529 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Diffstat
-rw-r--r--test/mocks/prov-mns-provider/src/ProvMnSProvider.py48
1 files changed, 28 insertions, 20 deletions
diff --git a/test/mocks/prov-mns-provider/src/ProvMnSProvider.py b/test/mocks/prov-mns-provider/src/ProvMnSProvider.py
index da445e223..d61b4494e 100644
--- a/test/mocks/prov-mns-provider/src/ProvMnSProvider.py
+++ b/test/mocks/prov-mns-provider/src/ProvMnSProvider.py
@@ -37,12 +37,14 @@ class ServerHTTP(BaseHTTPRequestHandler):
request = urlparse(path)
print("the PATH of the received GET request:" + request.path)
pathlist = request.path.split('/')
- if "/" + pathlist[1] + "/"+ pathlist[2] == prefix:
- prefix_check = True
- else:
+ prefix_check = True
+ try:
+ if "/" + pathlist[1] + "/"+ pathlist[2] != prefix:
+ prefix_check = False
+ className = pathlist[3]
+ idName = pathlist[4]
+ except IndexError:
prefix_check = False
- className = pathlist[3]
- idName = pathlist[4]
response = {}
query_params = parse_qs(request.query)
if self.headers['Authorization'] == authheader and prefix_check is True:
@@ -100,12 +102,14 @@ class ServerHTTP(BaseHTTPRequestHandler):
request = urlparse(path)
print("the PATH of the received GET request:" + request.path)
pathlist = request.path.split('/')
- if "/" + pathlist[1] + "/"+ pathlist[2] == prefix:
- prefix_check = True
- else:
+ prefix_check = True
+ try:
+ if "/" + pathlist[1] + "/"+ pathlist[2] != prefix:
+ prefix_check = False
+ className = pathlist[3]
+ idName = pathlist[4]
+ except IndexError:
prefix_check = False
- className = pathlist[3]
- idName = pathlist[4]
response = {}
query_params = parse_qs(request.query)
if self.headers['Authorization'] == authheader and prefix_check is True:
@@ -169,12 +173,14 @@ class ServerHTTP(BaseHTTPRequestHandler):
request = urlparse(path)
print("the PATH of the received DELETE request:" + request.path)
pathlist = request.path.split('/')
- if "/" + pathlist[1] + "/"+ pathlist[2] == prefix:
- prefix_check = True
- else:
+ prefix_check = True
+ try:
+ if "/" + pathlist[1] + "/"+ pathlist[2] != prefix:
+ prefix_check = False
+ className = pathlist[3]
+ idName = pathlist[4]
+ except IndexError:
prefix_check = False
- className = pathlist[3]
- idName = pathlist[4]
response = {}
query_params = parse_qs(request.query)
if self.headers['Authorization'] == authheader and prefix_check is True:
@@ -221,12 +227,14 @@ class ServerHTTP(BaseHTTPRequestHandler):
print("\n**************************** NEW PUT REQUEST ********************************")
print("the PATH of the received PUT request:" + path)
pathlist = path.split('/')
- if "/" + pathlist[1] + "/"+ pathlist[2] == prefix:
- prefix_check = True
- else:
+ prefix_check = True
+ try:
+ if "/" + pathlist[1] + "/"+ pathlist[2] != prefix:
+ prefix_check = False
+ className = pathlist[3]
+ idName = pathlist[4]
+ except IndexError:
prefix_check = False
- className = pathlist[3]
- idName = pathlist[4]
response = {}
if self.headers['Authorization'] == authheader and prefix_check is True:
if className in SupportingFunctionList: