RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
MIT License
2.52k
stars
283
forks
source link
adjusted if statement for single-chunk data transfer #897
This PR aims to improve the handling of the corner case when a chunked response has just a single chunk.
PR Checklist
[x] Applies to work item: engine/transport_layer/messaging.py
[x] CLA signed.
[ ] Tests added/passed
[ ] Requires documentation to be updated
[ ] I've discussed this with core contributors already. If not checked, I'm ready to accept this work might be rejected in favor of a different approach. Issue number where discussion took place:
Info on Pull Request
While testing restler I encountered the problem that every second request got a time out.
To address this I added a TERMINATING_CHUNK_DELIM constant which should ensure that this line doesn't trigger on the HEADER delimiter like it currently does.
Currently if the response is chunked, only the header of the response could be assigned to data which causes a timeout on this call. I suspect this is the case because the response from the first request of a TCP connection is still buffered, but only the payload without the HEADER is available, because the previous call consumed the HEADER. This causes the tool to retry the request with a new TCP connection, which succeeds, but the next request runs into the same problem.
Validation Steps Performed
Run the tool with the modified code without encountering the time out problem.
Summary of the Pull Request
This PR aims to improve the handling of the corner case when a chunked response has just a single chunk.
PR Checklist
Info on Pull Request
While testing restler I encountered the problem that every second request got a time out. To address this I added a
TERMINATING_CHUNK_DELIM
constant which should ensure that this line doesn't trigger on the HEADER delimiter like it currently does.Currently if the response is chunked, only the header of the response could be assigned to data which causes a timeout on this call. I suspect this is the case because the response from the first request of a TCP connection is still buffered, but only the payload without the HEADER is available, because the previous call consumed the HEADER. This causes the tool to retry the request with a new TCP connection, which succeeds, but the next request runs into the same problem.
Validation Steps Performed
Run the tool with the modified code without encountering the time out problem.