From a6e4c8e5c7b4e3d3cac23449d472f275399a6222 Mon Sep 17 00:00:00 2001 From: Florian Zschocke Date: Mon, 11 Nov 2019 00:10:43 +0100 Subject: Fix NPE when no action can be parsed from the URL Renames `static final` variables according to convention to be in all upper case. That makes it easier to see that in an `equals` comparison the final variable should come first as it will not trigger a NPE. Also strip parameters from the URL when extracting the repository name from it. Parameters can not be part of a repository name, and this way an empty repository name can be detected. Fixes #1092 --- .../java/com/gitblit/tests/GitServletTest.java | 54 ++++++++++++++++++++++ 1 file changed, 54 insertions(+) (limited to 'src/test/java') diff --git a/src/test/java/com/gitblit/tests/GitServletTest.java b/src/test/java/com/gitblit/tests/GitServletTest.java index f9a1bec4..c433ab18 100644 --- a/src/test/java/com/gitblit/tests/GitServletTest.java +++ b/src/test/java/com/gitblit/tests/GitServletTest.java @@ -25,6 +25,11 @@ import java.util.Date; import java.util.List; import java.util.concurrent.atomic.AtomicBoolean; +import org.apache.commons.io.IOUtils; +import org.apache.http.HttpResponse; +import org.apache.http.client.HttpClient; +import org.apache.http.client.methods.HttpGet; +import org.apache.http.impl.client.HttpClientBuilder; import org.eclipse.jgit.api.CloneCommand; import org.eclipse.jgit.api.Git; import org.eclipse.jgit.api.MergeCommand.FastForwardMode; @@ -928,4 +933,53 @@ public class GitServletTest extends GitblitUnitTest { GitBlitSuite.close(repository); assertTrue("Repository has an empty push log!", pushes.size() > 0); } + + + + @Test + public void testInvalidURLNoRepoName() throws IOException { + final String testURL = GitBlitSuite.gitServletUrl + "/?service=git-upload-pack"; + + HttpClient client = HttpClientBuilder.create().build(); + HttpGet request = new HttpGet(testURL); + + HttpResponse response = client.execute(request); + assertEquals("Expected BAD REQUEST due to missing repository string", 400, response.getStatusLine().getStatusCode()); + } + + @Test + public void testInvalidURLNoRepoName2() throws IOException { + final String testURL = GitBlitSuite.gitServletUrl + "//info/refs"; + + HttpClient client = HttpClientBuilder.create().build(); + HttpGet request = new HttpGet(testURL); + + HttpResponse response = client.execute(request); + assertEquals("Expected BAD REQUEST due to missing repository string", 400, response.getStatusLine().getStatusCode()); + } + + + @Test + public void testURLUnknownRepo() throws IOException { + final String testURL = GitBlitSuite.url + "/r/foobar.git/info/refs"; + + HttpClient client = HttpClientBuilder.create().build(); + HttpGet request = new HttpGet(testURL); + + HttpResponse response = client.execute(request); + assertEquals(401, response.getStatusLine().getStatusCode()); + } + + @Test + public void testURLUnknownAction() throws IOException { + final String testURL = GitBlitSuite.gitServletUrl + "/helloworld.git/something/unknown"; + + HttpClient client = HttpClientBuilder.create().build(); + HttpGet request = new HttpGet(testURL); + + HttpResponse response = client.execute(request); + + assertEquals(400, response.getStatusLine().getStatusCode()); + } + } -- cgit v1.2.3