Refactor to validate message boundaries while parsing request headers

clue · clue · commit 8e5e77ad3384 · 2019-09-25T11:07:45.000+02:00
diff --git a/src/Io/RequestHeaderParser.php b/src/Io/RequestHeaderParser.php
@@ -199,6 +199,26 @@ public function parseRequest($headers, $remoteSocketUri, $localSocketUri)
             }
         }
 
+        // ensure message boundaries are valid according to Content-Length and Transfer-Encoding request headers
+        if ($request->hasHeader('Transfer-Encoding')) {
+            if (\strtolower($request->getHeaderLine('Transfer-Encoding')) !== 'chunked') {
+                throw new \InvalidArgumentException('Only chunked-encoding is allowed for Transfer-Encoding', 501);
+            }
+
+            // Transfer-Encoding: chunked and Content-Length header MUST NOT be used at the same time
+            // as per https://tools.ietf.org/html/rfc7230#section-3.3.3
+            if ($request->hasHeader('Content-Length')) {
+                throw new \InvalidArgumentException('Using both `Transfer-Encoding: chunked` and `Content-Length` is not allowed', 400);
+            }
+        } elseif ($request->hasHeader('Content-Length')) {
+            $string = $request->getHeaderLine('Content-Length');
+
+            if ((string)(int)$string !== $string) {
+                // Content-Length value is not an integer or not a single integer
+                throw new \InvalidArgumentException('The value of `Content-Length` is not valid', 400);
+            }
+        }
+
         // set URI components from socket address if not already filled via Host header
         if ($request->getUri()->getHost() === '') {
             $parts = \parse_url($localSocketUri);
diff --git a/src/StreamingServer.php b/src/StreamingServer.php
@@ -185,30 +185,10 @@ public function handleRequest(ConnectionInterface $conn, ServerRequestInterface
         $contentLength = 0;
         $stream = new CloseProtectionStream($conn);
         if ($request->hasHeader('Transfer-Encoding')) {
-            if (\strtolower($request->getHeaderLine('Transfer-Encoding')) !== 'chunked') {
-                $this->emit('error', array(new \InvalidArgumentException('Only chunked-encoding is allowed for Transfer-Encoding')));
-                return $this->writeError($conn, 501, $request);
-            }
-
-            // Transfer-Encoding: chunked and Content-Length header MUST NOT be used at the same time
-            // as per https://tools.ietf.org/html/rfc7230#section-3.3.3
-            if ($request->hasHeader('Content-Length')) {
-                $this->emit('error', array(new \InvalidArgumentException('Using both `Transfer-Encoding: chunked` and `Content-Length` is not allowed')));
-                return $this->writeError($conn, 400, $request);
-            }
-
-            $stream = new ChunkedDecoder($stream);
             $contentLength = null;
+            $stream = new ChunkedDecoder($stream);
         } elseif ($request->hasHeader('Content-Length')) {
-            $string = $request->getHeaderLine('Content-Length');
-
-            $contentLength = (int)$string;
-            if ((string)$contentLength !== $string) {
-                // Content-Length value is not an integer or not a single integer
-                $this->emit('error', array(new \InvalidArgumentException('The value of `Content-Length` is not valid')));
-                return $this->writeError($conn, 400, $request);
-            }
-
+            $contentLength = (int)$request->getHeaderLine('Content-Length');
             $stream = new LengthLimitedStream($stream, $contentLength);
         }
 
diff --git a/tests/Io/RequestHeaderParserTest.php b/tests/Io/RequestHeaderParserTest.php
@@ -423,6 +423,86 @@ public function testInvalidHttpVersion()
         $this->assertSame('Received request with invalid protocol version', $error->getMessage());
     }
 
+    public function testInvalidContentLengthRequestHeaderWillEmitError()
+    {
+        $error = null;
+
+        $parser = new RequestHeaderParser();
+        $parser->on('headers', $this->expectCallableNever());
+        $parser->on('error', function ($message) use (&$error) {
+            $error = $message;
+        });
+
+        $connection = $this->getMockBuilder('React\Socket\Connection')->disableOriginalConstructor()->setMethods(null)->getMock();
+        $parser->handle($connection);
+
+        $connection->emit('data', array("GET / HTTP/1.1\r\nContent-Length: foo\r\n\r\n"));
+
+        $this->assertInstanceOf('InvalidArgumentException', $error);
+        $this->assertSame(400, $error->getCode());
+        $this->assertSame('The value of `Content-Length` is not valid', $error->getMessage());
+    }
+
+    public function testInvalidRequestWithMultipleContentLengthRequestHeadersWillEmitError()
+    {
+        $error = null;
+
+        $parser = new RequestHeaderParser();
+        $parser->on('headers', $this->expectCallableNever());
+        $parser->on('error', function ($message) use (&$error) {
+            $error = $message;
+        });
+
+        $connection = $this->getMockBuilder('React\Socket\Connection')->disableOriginalConstructor()->setMethods(null)->getMock();
+        $parser->handle($connection);
+
+        $connection->emit('data', array("GET / HTTP/1.1\r\nContent-Length: 4\r\nContent-Length: 5\r\n\r\n"));
+
+        $this->assertInstanceOf('InvalidArgumentException', $error);
+        $this->assertSame(400, $error->getCode());
+        $this->assertSame('The value of `Content-Length` is not valid', $error->getMessage());
+    }
+
+    public function testInvalidTransferEncodingRequestHeaderWillEmitError()
+    {
+        $error = null;
+
+        $parser = new RequestHeaderParser();
+        $parser->on('headers', $this->expectCallableNever());
+        $parser->on('error', function ($message) use (&$error) {
+            $error = $message;
+        });
+
+        $connection = $this->getMockBuilder('React\Socket\Connection')->disableOriginalConstructor()->setMethods(null)->getMock();
+        $parser->handle($connection);
+
+        $connection->emit('data', array("GET / HTTP/1.1\r\nTransfer-Encoding: foo\r\n\r\n"));
+
+        $this->assertInstanceOf('InvalidArgumentException', $error);
+        $this->assertSame(501, $error->getCode());
+        $this->assertSame('Only chunked-encoding is allowed for Transfer-Encoding', $error->getMessage());
+    }
+
+    public function testInvalidRequestWithBothTransferEncodingAndContentLengthWillEmitError()
+    {
+        $error = null;
+
+        $parser = new RequestHeaderParser();
+        $parser->on('headers', $this->expectCallableNever());
+        $parser->on('error', function ($message) use (&$error) {
+            $error = $message;
+        });
+
+        $connection = $this->getMockBuilder('React\Socket\Connection')->disableOriginalConstructor()->setMethods(null)->getMock();
+        $parser->handle($connection);
+
+        $connection->emit('data', array("GET / HTTP/1.1\r\nTransfer-Encoding: chunked\r\nContent-Length: 0\r\n\r\n"));
+
+        $this->assertInstanceOf('InvalidArgumentException', $error);
+        $this->assertSame(400, $error->getCode());
+        $this->assertSame('Using both `Transfer-Encoding: chunked` and `Content-Length` is not allowed', $error->getMessage());
+    }
+
     public function testServerParamsWillBeSetOnHttpsRequest()
     {
         $request = null;
diff --git a/tests/StreamingServerTest.php b/tests/StreamingServerTest.php
