diff options
author | Bartek Grzybowski <b.grzybowski@partner.samsung.com> | 2020-04-16 03:28:14 -0700 |
---|---|---|
committer | Bartek Grzybowski <b.grzybowski@partner.samsung.com> | 2020-04-16 03:28:14 -0700 |
commit | eb24769c91469a9b57344421061c8e366b8a8c2a (patch) | |
tree | ed805620d0cafa0376beb495ee5aac660c0c0816 /test/mocks | |
parent | 18c479f0b09bb406c21c707bf7acc03fc34ef0a0 (diff) |
Fix invalid prefix check handling
Should the URI prefix length in the request be incorrect
and not contain two "/" the service would fail with "empty
response" on client side due to unhandled "list index
out of range" in the server process while trying to get
the idName from pathlist[4] which throws IndexError.
Prefix validation, id and class variable assignment are
wrapped up in try-except clause to evaluate the prefix check
correctly, catch the exception and return appropriate response
to the client.
Change-Id: If6333228fbdd3a8075ade55436c3ca9bb8a97caa
Issue-ID: INT-1529
Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Diffstat (limited to 'test/mocks')
-rw-r--r-- | test/mocks/prov-mns-provider/src/ProvMnSProvider.py | 48 |
1 files changed, 28 insertions, 20 deletions
diff --git a/test/mocks/prov-mns-provider/src/ProvMnSProvider.py b/test/mocks/prov-mns-provider/src/ProvMnSProvider.py index da445e223..d61b4494e 100644 --- a/test/mocks/prov-mns-provider/src/ProvMnSProvider.py +++ b/test/mocks/prov-mns-provider/src/ProvMnSProvider.py @@ -37,12 +37,14 @@ class ServerHTTP(BaseHTTPRequestHandler): request = urlparse(path) print("the PATH of the received GET request:" + request.path) pathlist = request.path.split('/') - if "/" + pathlist[1] + "/"+ pathlist[2] == prefix: - prefix_check = True - else: + prefix_check = True + try: + if "/" + pathlist[1] + "/"+ pathlist[2] != prefix: + prefix_check = False + className = pathlist[3] + idName = pathlist[4] + except IndexError: prefix_check = False - className = pathlist[3] - idName = pathlist[4] response = {} query_params = parse_qs(request.query) if self.headers['Authorization'] == authheader and prefix_check is True: @@ -100,12 +102,14 @@ class ServerHTTP(BaseHTTPRequestHandler): request = urlparse(path) print("the PATH of the received GET request:" + request.path) pathlist = request.path.split('/') - if "/" + pathlist[1] + "/"+ pathlist[2] == prefix: - prefix_check = True - else: + prefix_check = True + try: + if "/" + pathlist[1] + "/"+ pathlist[2] != prefix: + prefix_check = False + className = pathlist[3] + idName = pathlist[4] + except IndexError: prefix_check = False - className = pathlist[3] - idName = pathlist[4] response = {} query_params = parse_qs(request.query) if self.headers['Authorization'] == authheader and prefix_check is True: @@ -169,12 +173,14 @@ class ServerHTTP(BaseHTTPRequestHandler): request = urlparse(path) print("the PATH of the received DELETE request:" + request.path) pathlist = request.path.split('/') - if "/" + pathlist[1] + "/"+ pathlist[2] == prefix: - prefix_check = True - else: + prefix_check = True + try: + if "/" + pathlist[1] + "/"+ pathlist[2] != prefix: + prefix_check = False + className = pathlist[3] + idName = pathlist[4] + except IndexError: prefix_check = False - className = pathlist[3] - idName = pathlist[4] response = {} query_params = parse_qs(request.query) if self.headers['Authorization'] == authheader and prefix_check is True: @@ -221,12 +227,14 @@ class ServerHTTP(BaseHTTPRequestHandler): print("\n**************************** NEW PUT REQUEST ********************************") print("the PATH of the received PUT request:" + path) pathlist = path.split('/') - if "/" + pathlist[1] + "/"+ pathlist[2] == prefix: - prefix_check = True - else: + prefix_check = True + try: + if "/" + pathlist[1] + "/"+ pathlist[2] != prefix: + prefix_check = False + className = pathlist[3] + idName = pathlist[4] + except IndexError: prefix_check = False - className = pathlist[3] - idName = pathlist[4] response = {} if self.headers['Authorization'] == authheader and prefix_check is True: if className in SupportingFunctionList: |