Merge pull request #1650 from fl4via/backport_2.3.x

[UNDERTOW-2417][UNDERTOW-2256][UNDERTOW-2381] Backport fixes to 2.3.x

Author: fl4via

core/src/main/java/io/undertow/protocols/http2/HPackHuffman.java

@@ -397,6 +397,10 @@ public static void decode(ByteBuffer data, int length, StringBuilder target) thr
                         eosCount = 0;
                     }
                 } else {
+                    // we need to check for EOS symbol in the string literal
+                    if (((val >> 16) & LOW_MASK) == 256) {
+                        throw UndertowMessages.MESSAGES.hpackFailed();
+                    }
                     //bit not set, we want the lower part of the tree
                     if ((val & HIGH_TERMINAL_BIT) == 0) {
                         treePos = (val >> 16) & LOW_MASK;

core/src/main/java/io/undertow/server/handlers/resource/DirectoryUtils.java

@@ -108,11 +108,29 @@ public static StringBuilder renderDirectoryListing(final HttpServerExchange exch
         if (!path.endsWith("/")){
             path += "/";
         }
+
+        String relative = null;
+        if (exchange != null) {
+            final Map<String, Object> context = exchange.getAttachment(Predicate.PREDICATE_CONTEXT);
+            if (context != null) {
+                final PathPrefixPredicate.PathPrefixMatchRecord trans = (PathPrefixMatchRecord) context
+                        .get(PathPrefixPredicate.PREFIX_MATCH_RECORD);
+                if (trans != null) {
+                    if (trans.isOverWritten()) {
+                        relative = trans.getPrefix();
+                        if (!relative.endsWith("/") && !path.startsWith("/")) {
+                            relative += "/";
+                        }
+                    }
+                }
+            }
+        }
+
         StringBuilder builder = new StringBuilder();
-        builder.append("<html>\n<head>\n<script src='").append(path).append("?js'></script>\n")
-                .append("<link rel='stylesheet' type='text/css' href='").append(path).append("?css' />\n</head>\n");
+        builder.append("<html>\n<head>\n<script src='").append(relative  == null ? path : relative + path).append("?js'></script>\n")
+                .append("<link rel='stylesheet' type='text/css' href='").append(relative  == null ? path : relative + path).append("?css' />\n</head>\n");
         builder.append("<body onresize='growit()' onload='growit()'>\n<table id='thetable'>\n<thead>\n");
-        builder.append("<tr><th class='loc' colspan='3'>Directory Listing - ").append(path).append("</th></tr>\n")
+        builder.append("<tr><th class='loc' colspan='3'>Directory Listing - ").append(relative  == null ? path : relative + path).append("</th></tr>\n")
                 .append("<tr><th class='label offset'>Name</th><th class='label'>Last Modified</th><th class='label'>Size</th></tr>\n</thead>\n")
                 .append("<tfoot>\n<tr><th class=\"loc footer\" colspan=\"3\">Powered by Undertow</th></tr>\n</tfoot>\n<tbody>\n");
 
@@ -137,23 +155,6 @@ public static StringBuilder renderDirectoryListing(final HttpServerExchange exch
             }
         }
 
-        String relative = null;
-        if (exchange != null) {
-            final Map<String, Object> context = exchange.getAttachment(Predicate.PREDICATE_CONTEXT);
-            if (context != null) {
-                final PathPrefixPredicate.PathPrefixMatchRecord trans = (PathPrefixMatchRecord) context
-                        .get(PathPrefixPredicate.PREFIX_MATCH_RECORD);
-                if (trans != null) {
-                    if (trans.isOverWritten()) {
-                        relative = trans.getPrefix();
-                        if (!relative.endsWith("/") && !path.startsWith("/")) {
-                            relative += "/";
-                        }
-                    }
-                }
-            }
-        }
-
         SimpleDateFormat format = new SimpleDateFormat("MMM dd, yyyy HH:mm:ss", Locale.US);
         int i = 0;
         if (parent != null) {

core/src/test/java/io/undertow/protocols/http2/HpackHuffmanDecodingStringLiteralRepresentation.java

@@ -0,0 +1,77 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2014 Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package io.undertow.protocols.http2;
+
+
+import io.undertow.testutils.category.UnitTest;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+import java.nio.ByteBuffer;
+
+
+
+
+/**
+ * @author Marek Jusko
+ */
+@Category(UnitTest.class)
+public class HpackHuffmanDecodingStringLiteralRepresentation {
+
+    /**
+     * Sends a Huffman-encoded string literal representation containing the EOS symbol.
+     * <p>
+     * Requirement: The endpoint MUST treat this as a decoding error.
+     */
+    @Test
+    public void testStringLiteralContainingEOS() throws HpackException {
+        byte[] data = new byte[]{0x00, (byte) 0x85, (byte) 0xf2, (byte) 0xb2, 0x4a, (byte) 0x84, (byte) 0xff, (byte) 0x87, 0x49, (byte) 0x51, (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xfa, 0x7f};
+        HpackDecoder decoder = new HpackDecoder(256);
+
+        Assert.assertThrows(HpackException.class, () -> decoder.decode(ByteBuffer.wrap(data), false));
+    }
+
+    /**
+     * Sends a Huffman-encoded string literal representation with padding longer than 7 bits.
+     * <p>
+     * Requirement: The endpoint MUST treat this as a decoding error.
+     */
+    @Test
+    public void testStringLiteralPaddingLongerThan7Bits() throws HpackException {
+        byte[] data = new byte[]{0x00, (byte) 0x85, (byte) 0xf2, (byte) 0xb2, 0x4a, (byte) 0x84, (byte) 0xff, (byte) 0x84, 0x49, (byte) 0x50, (byte) 0x9f, (byte) 0xff};
+        HpackDecoder decoder = new HpackDecoder(256);
+
+        Assert.assertThrows(HpackException.class, () -> decoder.decode(ByteBuffer.wrap(data), false));
+    }
+
+    /**
+     * Sends a Huffman-encoded string literal representation padded by zero.
+     * <p>
+     * Requirement: The endpoint MUST treat this as a decoding error.
+     */
+    @Test
+    public void testStringLiteralPaddedByZero() throws HpackException {
+        byte[] data = new byte[]{0x00, (byte) 0x85, (byte) 0xf2, (byte) 0xb2, 0x4a, (byte) 0x84, (byte) 0xff, (byte) 0x83, 0x49, (byte) 0x50, (byte) 0x90};
+        HpackDecoder decoder = new HpackDecoder(256);
+
+        Assert.assertThrows(HpackException.class, () -> decoder.decode(ByteBuffer.wrap(data), false));
+    }
+
+}

core/src/test/java/io/undertow/server/handlers/file/FileHandlerWithPredicateTestCase.java

@@ -0,0 +1,86 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2024 Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package io.undertow.server.handlers.file;
+
+import io.undertow.predicate.PredicatesHandler;
+import io.undertow.server.handlers.ResponseCodeHandler;
+import io.undertow.server.handlers.builder.PredicatedHandler;
+import io.undertow.server.handlers.builder.PredicatedHandlersParser;
+import io.undertow.server.handlers.resource.DirectoryUtils;
+import io.undertow.testutils.DefaultServer;
+import io.undertow.testutils.TestHttpClient;
+import org.apache.http.HttpEntity;
+import org.apache.http.client.methods.HttpGet;
+import org.apache.http.util.EntityUtils;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import java.io.IOException;
+import java.net.URISyntaxException;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.List;
+
+@RunWith(DefaultServer.class)
+public class FileHandlerWithPredicateTestCase {
+    @Test
+    public void testIfHandlerReturnsResourcesWhenItIsInPredicate() throws IOException, URISyntaxException {
+        TestHttpClient client = new TestHttpClient();
+        Path rootPath = Paths.get(getClass().getResource("page.html").toURI()).getParent();
+        try {
+            List<PredicatedHandler> predicatedHandlers = PredicatedHandlersParser.parse("path-prefix(/subdir)-> { set(attribute=%U,value=${remaining}); resource(location='"+ rootPath +"',allow-listing=true) }", FileHandlerWithPredicateTestCase.class.getClassLoader());
+            PredicatesHandler predicatesHandler = new PredicatesHandler(new ResponseCodeHandler(200));
+            for (PredicatedHandler handler : predicatedHandlers) {
+                predicatesHandler.addPredicatedHandler(handler);
+            }
+            DefaultServer.setRootHandler(predicatesHandler);
+
+            //Make sure that we receive a body with the js needed to render the page.
+            CheckResponse(client, "/subdir/?js", true, false);
+
+            //Same for css
+            CheckResponse(client, "/subdir/?css", false, false);
+
+            //Make sure that we receive a body with the js needed to render the page.
+            CheckResponse(client, "/?js", true, true);
+
+            //Same for css
+            CheckResponse(client, "/?css", false, true);
+
+        } finally {
+            client.getConnectionManager().shutdown();
+        }
+    }
+
+    private void CheckResponse(TestHttpClient client, String path, Boolean isJs, Boolean emptyResponseExpected) throws IOException {
+        //Make sure that we receive a body with the js needed to render the page.
+        HttpGet get = new HttpGet(DefaultServer.getDefaultServerURL() + path);
+        HttpEntity result = client.execute(get).getEntity();
+
+        if (emptyResponseExpected){
+            Assert.assertEquals("The response is not empty", "", EntityUtils.toString(result));
+        } else {
+            if (isJs){
+                Assert.assertEquals("The returned js code is different or empty", DirectoryUtils.Blobs.FILE_JS, EntityUtils.toString(result));
+            } else {
+                Assert.assertEquals("The returned css code is different or empty", DirectoryUtils.Blobs.FILE_CSS, EntityUtils.toString(result));
+            }
+        }
+    }
+}

pom.xml

@@ -193,7 +193,7 @@
                         </compilerArgs>
                         <!-- need to specify directly, for some reason properties are ignored -->
                         <showDeprecation>${maven.compiler.showDeprecation}</showDeprecation>
-                        <showWarnings>${maven.compilie${maven.compiler.showWarnings}</showWarnings>
+                        <showWarnings>${maven.compiler.showWarnings}</showWarnings>
                     </configuration>
                 </plugin>