test,http: check that http server is robust from handler abuse

The only way I could find to complete coverage for _http_common.js is to use semi-private (exposed but probably shouldn't be) handlers to get the state into something weird. With the if-condition being checked (see Refs) commented out, I get this result from this test: ``` node:_http_common:140 if (len > 0 && !stream._dumped) { ^ TypeError: Cannot read property '_dumped' of null at HTTPParser.parserOnBody (node:_http_common:140:26) ``` With the check in place, the test passes without an error. Seems like quite the edge case, but I'm going to assume it's there for a reason. Refs: https://coverage.nodejs.org/coverage-b560645d6b0a4bed/lib/_http_common.js.html#L137 PR-URL: #37958 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
nodejs · Apr 8, 2021 · 0da7a11e543f17617caf5ac0baf0773cbee35625 · 0da7a11
1 parent b16e79e
commit 0da7a11e543f17617caf5ac0baf0773cbee35625
Unified Split

Showing with 26 additions and 0 deletions.

+26 −0 test/parallel/test-http-req-close-robust-from-tampering.js
diff --git a/test/parallel/test-http-req-close-robust-from-tampering.js b/test/parallel/test-http-req-close-robust-from-tampering.js
@@ -0,0 +1,26 @@
+'use strict';
+const common = require('../common');
+const { createServer } = require('http');
+const { connect } = require('net');
+
+// Make sure that calling the semi-private close() handlers manually doesn't
+// cause an error.
+
+const server = createServer(common.mustCall((req, res) => {
+  req.client._events.close.forEach((fn) => { fn.bind(req)(); });
+}));
+
+server.unref();
+
+server.listen(0, common.mustCall(() => {
+  const client = connect(server.address().port);
+
+  const req = [
+    'POST / HTTP/1.1',
+    'Content-Length: 11',
+    '',
+    'hello world',
+  ].join('\r\n');
+
+  client.end(req);
+}));