@@ -10674,18 +10674,11 @@ TEST(VulnerabilityTest, CRLFInjection) {
1067410674TEST (VulnerabilityTest, CRLFInjectionInHeaders) {
1067510675 auto server_thread = std::thread ([] {
1067610676 auto srv = ::socket (AF_INET, SOCK_STREAM, 0 );
10677- int on = 1 ;
10678- ::setsockopt (srv, SOL_SOCKET, SO_REUSEADDR,
10679- #ifdef _WIN32
10680- reinterpret_cast <const char *>(&on),
10681- #else
10682- &on,
10683- #endif
10684- sizeof (on));
10677+ default_socket_options (srv);
1068510678
1068610679 sockaddr_in addr{};
1068710680 addr.sin_family = AF_INET;
10688- addr.sin_port = htons (PORT);
10681+ addr.sin_port = htons (PORT + 1 );
1068910682 ::inet_pton (AF_INET, " 127.0.0.1"
1069010683 ::bind (srv, reinterpret_cast <sockaddr *>(&addr), sizeof(addr));
1069110684 ::listen (srv, 1 );
@@ -10694,16 +10687,7 @@ TEST(VulnerabilityTest, CRLFInjectionInHeaders) {
1069410687 socklen_t cli_len = sizeof (cli_addr);
1069510688 auto cli = ::accept (srv, reinterpret_cast <sockaddr *>(&cli_addr), &cli_len);
1069610689
10697- struct timeval tv;
10698- tv.tv_sec = 1 ;
10699- tv.tv_usec = 0 ;
10700- ::setsockopt (cli, SOL_SOCKET, SO_RCVTIMEO,
10701- #ifdef _WIN32
10702- reinterpret_cast <const char *>(&tv),
10703- #else
10704- &tv,
10705- #endif
10706- sizeof (tv));
10690+ detail::set_socket_opt_time (cli, SOL_SOCKET, SO_RCVTIMEO, 1 , 0 );
1070710691
1070810692 std::string buf_all;
1070910693 char buf[2048 ];
@@ -10731,22 +10715,21 @@ TEST(VulnerabilityTest, CRLFInjectionInHeaders) {
1073110715 }
1073210716 }
1073310717
10734- ::close (cli);
10735- ::close (srv);
10718+ httplib::detail::close_socket (cli);
10719+ httplib::detail::close_socket (srv);
1073610720 });
1073710721
1073810722 std::this_thread::sleep_for (std::chrono::milliseconds (200 ));
1073910723
10740- auto cli = httplib::Client (" 127 .0.0.1"
10724+ auto cli = httplib::Client (" 172 .0.0.1" + 1 );
1074110725
1074210726 auto headers = httplib::Headers{
1074310727 {" A" " B\r\n\r\n GET /pwned HTTP/1.1\r\n Host: 127.0.0.1:1234\r\n\r\n "
1074410728 {" Connection" " keep-alive"
1074510729
1074610730 auto res = cli.Get (" /hi"
1074710731 EXPECT_FALSE (res);
10748-
10749- if (res) { EXPECT_EQ (httplib::Error::InvalidHeaders, res.error ()); }
10732+ EXPECT_EQ (httplib::Error::InvalidHeaders, res.error ());
1075010733
1075110734 server_thread.join ();
1075210735}
0 commit comments