Disconnect if bad request/response

lw · lw · commit afb0f70e10df · 2018-09-27T21:26:20.000+01:00
diff --git a/cms/io/rpc.py b/cms/io/rpc.py
@@ -351,6 +351,7 @@ def process_data(self, data):
         try:
             message = json.loads(data.decode('utf-8'))
         except ValueError:
+            self.disconnect("Bad request received")
             logger.warning("Cannot parse incoming message, discarding.")
             return
 
@@ -367,6 +368,7 @@ def process_incoming_request(self, request):
         """
         # Validate the request.
         if not {"__id", "__method", "__data"}.issubset(iterkeys(request)):
+            self.disconnect("Bad request received")
             logger.warning("Request is missing some fields, ignoring.")
             return
 
@@ -542,6 +544,7 @@ def process_data(self, data):
         try:
             message = json.loads(data.decode('utf-8'))
         except ValueError:
+            self.disconnect("Bad response received")
             logger.warning("Cannot parse incoming message, discarding.")
             return
 
@@ -558,6 +561,7 @@ def process_incoming_response(self, response):
         """
         # Validate the response.
         if not {"__id", "__data", "__error"}.issubset(iterkeys(response)):
+            self.disconnect("Bad response received")
             logger.warning("Response is missing some fields, ignoring.")
             return
 
diff --git a/cmstestsuite/unit_tests/io/rpc_test.py b/cmstestsuite/unit_tests/io/rpc_test.py
@@ -415,17 +415,17 @@ def test_send_invalid_json(self):
         sock = gevent.socket.create_connection((self.host, self.port))
         sock.sendall(b"foo\r\n")
         self.sleep()
-        self.assertTrue(self.servers[0].connected)
-        # Verify the server resumes normal operation.
-        self.test_method_return_int()
+        # Malformed messages cause the connection to be closed.
+        self.assertFalse(self.servers[0].connected)
+        sock.close()
 
     def test_send_incomplete_json(self):
         sock = gevent.socket.create_connection((self.host, self.port))
         sock.sendall(b'{"__id": "foo"}\r\n')
         self.sleep()
-        self.assertTrue(self.servers[0].connected)
-        # Verify the server resumes normal operation.
-        self.test_method_return_int()
+        # Malformed messages cause the connection to be closed.
+        self.assertFalse(self.servers[0].connected)
+        sock.close()
 
 
 if __name__ == "__main__":
