
0001-misc-check-null-characters-in-query-string-and-form-.patch

Benjamin Dauvergne, 22 octobre 2020 18:32



Subject: [PATCH 1/2] misc: check null characters in query-string and form data
 (#46625)

 src/authentic2/middleware.py | 20 ++++++++++++++++++++
 src/authentic2/settings.py   |  1 +
 tests/test_idp_saml2.py      |  5 +++++
 tests/test_login.py          |  8 ++++++++
 4 files changed, 34 insertions(+)
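--- a/src/authentic2/middleware.py
+++ b/src/authentic2/middleware.py
@@ -31,6 +31,7 @@
 from django.utils.translation import ugettext as _
 from django.utils.six.moves.urllib import parse as urlparse
 from django.shortcuts import render
+from django import http
 
 from . import app_settings, utils, plugins
 from .utils.service import get_service_from_request, get_service_from_session
@@ -222,5 +223,24 @@
     def middleware(request):
         request.journal = journal.Journal(request=request)
         return get_response(request)
+    return middleware
+
+
+def null_character_middleware(get_response):
+    def middleware(request):
+        def check_query_dict(qd):
+            for key in qd:
+                for value in qd.getlist(key):
+                    if '\0' in value:
+                        return False
+            return True
 
+        if not check_query_dict(request.GET):
+            return http.HttpResponseBadRequest('null character in query string')
+
+        if request.content_type == 'application/x-www-form-urlencoded':
+            if not check_query_dict(request.POST):
+                return http.HttpResponseBadRequest('null character in form data')
+
+        return get_response(request)
     return middleware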
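Review bot: The form-data branch of `null_character_middleware` runs only when `request.content_type == 'application/x-www-form-urlencoded'`, so a `multipart/form-data` POST, which Django also parses into `request.POST`, reaches the views unchecked. `check_query_dict` also tests only the values, so a NUL in a parameter name passes as well. I would widen the condition to `if request.content_type in ('application/x-www-form-urlencoded', 'multipart/form-data'):` and add `if '\0' in key: return False` at the top of the outer loop, keeping in mind that reading `request.POST` on a multipart body makes this middleware trigger upload parsing before any view runs. A short docstring saying why NUL is rejected (presumably to keep it away from the storage layer; confirm against #46625) would also help, since the function currently has none.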
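--- a/src/authentic2/settings.py
+++ b/src/authentic2/settings.py
@@ -88,6 +88,7 @@
 
 
 MIDDLEWARE = (
+    'authentic2.middleware.null_character_middleware',
     'authentic2.middleware.StoreRequestMiddleware',
     'authentic2.middleware.RequestIdMiddleware',
     'authentic2.middleware.ServiceAccessControlMiddleware',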
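Review bot: `null_character_middleware` is placed first in `MIDDLEWARE`, so its 400 responses are returned before `StoreRequestMiddleware` and `RequestIdMiddleware` see the request, and the middleware itself writes no log entry. If `RequestIdMiddleware` is what tags log lines with a request id (inferred from its name; its code is not part of this patch), rejected requests leave nothing to correlate, which makes repeated NUL-byte probing hard to spot in the logs. Emitting a `logging` warning in the middleware before each `HttpResponseBadRequest` would cover that, and if the first position is deliberate a comment on the entry such as `# first on purpose: reject NUL bytes before any other middleware touches GET/POST` would record it. The `MIDDLEWARE` tuple continues outside the hunk.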
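--- a/tests/test_idp_saml2.py
+++ b/tests/test_idp_saml2.py
@@ -968,3 +968,8 @@
 owIDAQAB
 -----END PUBLIC KEY-----'''
     response = app.get('/idp/saml2/metadata')
+
+
+def test_null_character_nonce(app, db):
+    response = app.get('/idp/saml2/continue/', params={'nonce': '\0'}, status=400)
+    assert response.text == 'null character in query string'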
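--- a/tests/test_login.py
+++ b/tests/test_login.py
@@ -318,3 +318,11 @@
     for cookie in app.cookiejar:
         if cookie.name == 'A2_OPENED_SESSION':
             assert cookie.secure is True
+
+
+def test_null_characters(app, db):
+    response = app.get('/login/')
+    response.form.set('username', 'xx\0xx')
+    response.form.set('password', 'whatever')
+    response = response.form.submit(name='login-password-submit', status=400)
+    assert response.text == 'null character in form data'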
321
-