verify that digest.update() fails after .final() has already been called

58858a78 · Geoff Simmons · 4eeed3b6 · 58858a78 · 58858a78
Commit 58858a78 authored Nov 01, 2016 by Geoff Simmons
Hide whitespace changes
Inline Side-by-side

Showing with 71 additions and 2 deletions

md5.vtc src/tests/md5.vtc +65 -0

vmod_blobdigest.c src/vmod_blobdigest.c +6 -2

No files found.
--- a/src/tests/md5.vtc
+++ b/src/tests/md5.vtc
@@ -543,3 +543,68 @@ client c1 {
 	expect resp.http.d2_c1 == "0CC175B9C0F1B6A831C399E269772661"
 	expect resp.http.d2_c2 == "0CC175B9C0F1B6A831C399E269772661"
 } -run
+
+# digest.update() may not be called after digest.final()
+varnish v1 -errvcl {vmod blobdigest error: already finalized in d1.update()} {
+	import blobdigest from "${vmod_topbuild}/src/.libs/libvmod_blobdigest.so";
+	import blobcode;
+	import blob;
+	backend b { .host = "${bad_ip}"; }
+
+	sub vcl_init {
+		new empty = blobcode.blob(IDENTITY, "");
+		new hash = blobcode.blob(HEX,
+		                         "D41D8CD98F00B204E9800998ECF8427E");
+
+		new d1 = blobdigest.digest(MD5);
+		if (!d1.update(empty.get())) {
+			return(fail);
+		}
+		if (!blob.equal(d1.final(), hash.get())) {
+			return(fail);
+		}
+		if (!d1.update(empty.get())) {
+			return(fail);
+		}
+	}
+}
+
+varnish v1 -vcl {
+	import blobdigest from "${vmod_topbuild}/src/.libs/libvmod_blobdigest.so";
+	import blobcode;
+	backend b { .host = "${bad_ip}"; }
+
+	sub vcl_init {
+		new a = blobcode.blob(IDENTITY, "a");
+		new d1 = blobdigest.digest(MD5);
+	}
+
+	sub vcl_recv {
+		return(synth(200));
+	}
+
+	sub vcl_synth {
+		if (!d1.update(a.get())) {
+			set resp.status = 500;
+			return(deliver);
+		}
+		set resp.http.a = blobcode.encode(HEXUC, d1.final());
+		if (!d1.update(a.get())) {
+			set resp.status = 500;
+			return(deliver);
+		}
+	}
+}
+
+client c1 {
+	txreq
+	rxresp
+	expect resp.status == 500
+	expect resp.http.a == "0CC175B9C0F1B6A831C399E269772661"
+} -run
+
+logexpect l1 -v v1 -d 1 -g vxid -q "VCL_Error" {
+        expect 0 * Begin req
+        expect * = VCL_Error "^vmod blobdigest error: already finalized in d1.update..$"
+	expect * = End
+} -run
--- a/src/vmod_blobdigest.c
+++ b/src/vmod_blobdigest.c
@@ -45,6 +45,9 @@
 #define ERR(ctx, msg) \
 	errmsg((ctx), "vmod blobdigest error: " msg)

+#define VERR(ctx, fmt, ...) \
+        errmsg((ctx), "vmod blobdigest error: " fmt, __VA_ARGS__)
+
 #define ERRNOMEM(ctx, msg) \
 	ERR((ctx), msg ", out of space")

@@ -291,11 +294,12 @@ vmod_digest_update(VRT_CTX, struct vmod_blobdigest_digest *h, VCL_BLOB b)
 	CHECK_OBJ_NOTNULL(h, VMOD_BLOBDIGEST_DIGEST_MAGIC);

 	if (h->result != NULL) {
-		ERR(ctx, "already finalized in digest.update()");
+		VERR(ctx, "already finalized in %s.update()", h->vcl_name);
 		return 0;
 	}

 	/* XXX: is b == NULL an error? */
+	/* XXX: no error calling .update() after .final() in these cases */
 	if (b == NULL || b->len == 0 || b->priv == NULL)
 		return 1;

@@ -307,7 +311,7 @@ vmod_digest_update(VRT_CTX, struct vmod_blobdigest_digest *h, VCL_BLOB b)
 	task = get_task(ctx, h);
 	CHECK_OBJ_NOTNULL(task, VMOD_BLOBDIGEST_DIGEST_TASK_MAGIC);
 	if (task->result != NULL) {
-		ERR(ctx, "already finalized in digest.update()");
+		VERR(ctx, "already finalized in %s.update()", h->vcl_name);
 		return 0;
 	}
 	update(h->hash, &task->ctx, b->priv, b->len);