From 139af01c5ca4dd6a504a6e88d93ec21529c186f6 Mon Sep 17 00:00:00 2001 From: hallvictoria <59299039+hallvictoria@users.noreply.github.com> Date: Tue, 12 Nov 2024 10:16:59 -0600 Subject: [PATCH] fix: codeql fixes (#1606) * codeql fixes * lint * removed redundant pycryptodome definition --------- Co-authored-by: Victoria Hall --- .../blob_functions_stein/function_app.py | 40 ++++++------- .../generic/function_app.py | 40 ++++++------- .../main.py | 4 +- .../main.py | 4 +- .../main.py | 4 +- .../main.py | 4 +- .../main.py | 4 +- .../main.py | 20 +++---- .../test_mock_blob_shared_memory_functions.py | 60 +++++++++---------- .../test_third_party_http_functions.py | 9 ++- .../stein/asgi_function/function_app.py | 17 +++++- .../stein/wsgi_function/function_app.py | 4 +- 12 files changed, 113 insertions(+), 97 deletions(-) diff --git a/tests/endtoend/blob_functions/blob_functions_stein/function_app.py b/tests/endtoend/blob_functions/blob_functions_stein/function_app.py index 2621a336..2edc1384 100644 --- a/tests/endtoend/blob_functions/blob_functions_stein/function_app.py +++ b/tests/endtoend/blob_functions/blob_functions_stein/function_app.py @@ -52,11 +52,11 @@ def get_blob_as_bytes_return_http_response(req: func.HttpRequest, file: bytes) \ assert isinstance(file, bytes) content_size = len(file) - content_md5 = hashlib.md5(file).hexdigest() + content_sha256 = hashlib.sha256(file).hexdigest() response_dict = { 'content_size': content_size, - 'content_md5': content_md5 + 'content_sha256': content_sha256 } response_body = json.dumps(response_dict, indent=2) @@ -84,11 +84,11 @@ def get_blob_as_bytes_stream_return_http_response(req: func.HttpRequest, file_bytes = file.read() content_size = len(file_bytes) - content_md5 = hashlib.md5(file_bytes).hexdigest() + content_sha256 = hashlib.sha256(file_bytes).hexdigest() response_dict = { 'content_size': content_size, - 'content_md5': content_md5 + 'content_sha256': content_sha256 } response_body = json.dumps(response_dict, indent=2) @@ -127,11 +127,11 @@ def get_blob_as_str_return_http_response(req: func.HttpRequest, num_chars = len(file) content_bytes = file.encode('utf-8') - content_md5 = hashlib.md5(content_bytes).hexdigest() + content_sha256 = hashlib.sha256(content_bytes).hexdigest() response_dict = { 'num_chars': num_chars, - 'content_md5': content_md5 + 'content_sha256': content_sha256 } response_body = json.dumps(response_dict, indent=2) @@ -212,13 +212,13 @@ def put_blob_as_bytes_return_http_response(req: func.HttpRequest, content = b'\x01' * content_size else: content = bytearray(random.getrandbits(8) for _ in range(content_size)) - content_md5 = hashlib.md5(content).hexdigest() + content_sha256 = hashlib.sha256(content).hexdigest() file.set(content) response_dict = { 'content_size': content_size, - 'content_md5': content_md5 + 'content_sha256': content_sha256 } response_body = json.dumps(response_dict, indent=2) @@ -249,14 +249,14 @@ def put_blob_as_str_return_http_response(req: func.HttpRequest, file: func.Out[ k=num_chars)) content_bytes = content.encode('utf-8') content_size = len(content_bytes) - content_md5 = hashlib.md5(content_bytes).hexdigest() + content_sha256 = hashlib.sha256(content_bytes).hexdigest() file.set(content) response_dict = { 'num_chars': num_chars, 'content_size': content_size, - 'content_md5': content_md5 + 'content_sha256': content_sha256 } response_body = json.dumps(response_dict, indent=2) @@ -321,8 +321,8 @@ def put_blob_trigger(req: func.HttpRequest, file: func.Out[str]) -> str: def _generate_content_and_digest(content_size): content = bytearray(random.getrandbits(8) for _ in range(content_size)) - content_md5 = hashlib.md5(content).hexdigest() - return content, content_md5 + content_sha256 = hashlib.sha256(content).hexdigest() + return content, content_sha256 @app.function_name(name="put_get_multiple_blobs_as_bytes_return_http_response") @@ -359,15 +359,15 @@ def put_get_multiple_blobs_as_bytes_return_http_response( input_content_size_1 = len(inputfile1) input_content_size_2 = len(inputfile2) - input_content_md5_1 = hashlib.md5(inputfile1).hexdigest() - input_content_md5_2 = hashlib.md5(inputfile2).hexdigest() + input_content_sha256_1 = hashlib.sha256(inputfile1).hexdigest() + input_content_sha256_2 = hashlib.sha256(inputfile2).hexdigest() output_content_size_1 = int(req.params['output_content_size_1']) output_content_size_2 = int(req.params['output_content_size_2']) - output_content_1, output_content_md5_1 = \ + output_content_1, output_content_sha256_1 = \ _generate_content_and_digest(output_content_size_1) - output_content_2, output_content_md5_2 = \ + output_content_2, output_content_sha256_2 = \ _generate_content_and_digest(output_content_size_2) outputfile1.set(output_content_1) @@ -376,12 +376,12 @@ def put_get_multiple_blobs_as_bytes_return_http_response( response_dict = { 'input_content_size_1': input_content_size_1, 'input_content_size_2': input_content_size_2, - 'input_content_md5_1': input_content_md5_1, - 'input_content_md5_2': input_content_md5_2, + 'input_content_sha256_1': input_content_sha256_1, + 'input_content_sha256_2': input_content_sha256_2, 'output_content_size_1': output_content_size_1, 'output_content_size_2': output_content_size_2, - 'output_content_md5_1': output_content_md5_1, - 'output_content_md5_2': output_content_md5_2 + 'output_content_sha256_1': output_content_sha256_1, + 'output_content_sha256_2': output_content_sha256_2 } response_body = json.dumps(response_dict, indent=2) diff --git a/tests/endtoend/blob_functions/blob_functions_stein/generic/function_app.py b/tests/endtoend/blob_functions/blob_functions_stein/generic/function_app.py index d902a09e..77e9dc59 100644 --- a/tests/endtoend/blob_functions/blob_functions_stein/generic/function_app.py +++ b/tests/endtoend/blob_functions/blob_functions_stein/generic/function_app.py @@ -64,11 +64,11 @@ def get_blob_as_bytes_return_http_response(req: func.HttpRequest, file: bytes) \ assert isinstance(file, bytes) content_size = len(file) - content_md5 = hashlib.md5(file).hexdigest() + content_sha256 = hashlib.sha256(file).hexdigest() response_dict = { 'content_size': content_size, - 'content_md5': content_md5 + 'content_sha256': content_sha256 } response_body = json.dumps(response_dict, indent=2) @@ -100,11 +100,11 @@ def get_blob_as_bytes_stream_return_http_response(req: func.HttpRequest, file_bytes = file.read() content_size = len(file_bytes) - content_md5 = hashlib.md5(file_bytes).hexdigest() + content_sha256 = hashlib.sha256(file_bytes).hexdigest() response_dict = { 'content_size': content_size, - 'content_md5': content_md5 + 'content_sha256': content_sha256 } response_body = json.dumps(response_dict, indent=2) @@ -151,11 +151,11 @@ def get_blob_as_str_return_http_response(req: func.HttpRequest, num_chars = len(file) content_bytes = file.encode('utf-8') - content_md5 = hashlib.md5(content_bytes).hexdigest() + content_sha256 = hashlib.sha256(content_bytes).hexdigest() response_dict = { 'num_chars': num_chars, - 'content_md5': content_md5 + 'content_sha256': content_sha256 } response_body = json.dumps(response_dict, indent=2) @@ -259,13 +259,13 @@ def put_blob_as_bytes_return_http_response(req: func.HttpRequest, content = b'\x01' * content_size else: content = bytearray(random.getrandbits(8) for _ in range(content_size)) - content_md5 = hashlib.md5(content).hexdigest() + content_sha256 = hashlib.sha256(content).hexdigest() file.set(content) response_dict = { 'content_size': content_size, - 'content_md5': content_md5 + 'content_sha256': content_sha256 } response_body = json.dumps(response_dict, indent=2) @@ -299,14 +299,14 @@ def put_blob_as_str_return_http_response( k=num_chars)) content_bytes = content.encode('utf-8') content_size = len(content_bytes) - content_md5 = hashlib.md5(content_bytes).hexdigest() + content_sha256 = hashlib.sha256(content_bytes).hexdigest() file.set(content) response_dict = { 'num_chars': num_chars, 'content_size': content_size, - 'content_md5': content_md5 + 'content_sha256': content_sha256 } response_body = json.dumps(response_dict, indent=2) @@ -389,8 +389,8 @@ def put_blob_trigger(req: func.HttpRequest, file: func.Out[str]) -> str: def _generate_content_and_digest(content_size): content = bytearray(random.getrandbits(8) for _ in range(content_size)) - content_md5 = hashlib.md5(content).hexdigest() - return content, content_md5 + content_sha256 = hashlib.sha256(content).hexdigest() + return content, content_sha256 @app.function_name(name="put_get_multiple_blobs_as_bytes_return_http_response") @@ -437,15 +437,15 @@ def put_get_multiple_blobs_as_bytes_return_http_response( input_content_size_1 = len(inputfile1) input_content_size_2 = len(inputfile2) - input_content_md5_1 = hashlib.md5(inputfile1).hexdigest() - input_content_md5_2 = hashlib.md5(inputfile2).hexdigest() + input_content_sha256_1 = hashlib.sha256(inputfile1).hexdigest() + input_content_sha256_2 = hashlib.sha256(inputfile2).hexdigest() output_content_size_1 = int(req.params['output_content_size_1']) output_content_size_2 = int(req.params['output_content_size_2']) - output_content_1, output_content_md5_1 = \ + output_content_1, output_content_sha256_1 = \ _generate_content_and_digest(output_content_size_1) - output_content_2, output_content_md5_2 = \ + output_content_2, output_content_sha256_2 = \ _generate_content_and_digest(output_content_size_2) outputfile1.set(output_content_1) @@ -454,12 +454,12 @@ def put_get_multiple_blobs_as_bytes_return_http_response( response_dict = { 'input_content_size_1': input_content_size_1, 'input_content_size_2': input_content_size_2, - 'input_content_md5_1': input_content_md5_1, - 'input_content_md5_2': input_content_md5_2, + 'input_content_sha256_1': input_content_sha256_1, + 'input_content_sha256_2': input_content_sha256_2, 'output_content_size_1': output_content_size_1, 'output_content_size_2': output_content_size_2, - 'output_content_md5_1': output_content_md5_1, - 'output_content_md5_2': output_content_md5_2 + 'output_content_sha256_1': output_content_sha256_1, + 'output_content_sha256_2': output_content_sha256_2 } response_body = json.dumps(response_dict, indent=2) diff --git a/tests/endtoend/blob_functions/get_blob_as_bytes_return_http_response/main.py b/tests/endtoend/blob_functions/get_blob_as_bytes_return_http_response/main.py index 636ac90d..f7069cab 100644 --- a/tests/endtoend/blob_functions/get_blob_as_bytes_return_http_response/main.py +++ b/tests/endtoend/blob_functions/get_blob_as_bytes_return_http_response/main.py @@ -15,11 +15,11 @@ def main(req: azf.HttpRequest, file: bytes) -> azf.HttpResponse: assert isinstance(file, bytes) content_size = len(file) - content_md5 = hashlib.md5(file).hexdigest() + content_sha256 = hashlib.sha256(file).hexdigest() response_dict = { 'content_size': content_size, - 'content_md5': content_md5 + 'content_sha256': content_sha256 } response_body = json.dumps(response_dict, indent=2) diff --git a/tests/endtoend/blob_functions/get_blob_as_bytes_stream_return_http_response/main.py b/tests/endtoend/blob_functions/get_blob_as_bytes_stream_return_http_response/main.py index eb8986c0..bd65835b 100644 --- a/tests/endtoend/blob_functions/get_blob_as_bytes_stream_return_http_response/main.py +++ b/tests/endtoend/blob_functions/get_blob_as_bytes_stream_return_http_response/main.py @@ -15,11 +15,11 @@ def main(req: azf.HttpRequest, file: azf.InputStream) -> azf.HttpResponse: file_bytes = file.read() content_size = len(file_bytes) - content_md5 = hashlib.md5(file_bytes).hexdigest() + content_sha256 = hashlib.sha256(file_bytes).hexdigest() response_dict = { 'content_size': content_size, - 'content_md5': content_md5 + 'content_sha256': content_sha256 } response_body = json.dumps(response_dict, indent=2) diff --git a/tests/endtoend/blob_functions/get_blob_as_str_return_http_response/main.py b/tests/endtoend/blob_functions/get_blob_as_str_return_http_response/main.py index 8d8bf533..16f98375 100644 --- a/tests/endtoend/blob_functions/get_blob_as_str_return_http_response/main.py +++ b/tests/endtoend/blob_functions/get_blob_as_str_return_http_response/main.py @@ -16,11 +16,11 @@ def main(req: azf.HttpRequest, file: str) -> azf.HttpResponse: num_chars = len(file) content_bytes = file.encode('utf-8') - content_md5 = hashlib.md5(content_bytes).hexdigest() + content_sha256 = hashlib.sha256(content_bytes).hexdigest() response_dict = { 'num_chars': num_chars, - 'content_md5': content_md5 + 'content_sha256': content_sha256 } response_body = json.dumps(response_dict, indent=2) diff --git a/tests/endtoend/blob_functions/put_blob_as_bytes_return_http_response/main.py b/tests/endtoend/blob_functions/put_blob_as_bytes_return_http_response/main.py index 5e461cf9..58325882 100644 --- a/tests/endtoend/blob_functions/put_blob_as_bytes_return_http_response/main.py +++ b/tests/endtoend/blob_functions/put_blob_as_bytes_return_http_response/main.py @@ -24,13 +24,13 @@ def main(req: azf.HttpRequest, file: azf.Out[bytes]) -> azf.HttpResponse: content = b'\x01' * content_size else: content = bytearray(random.getrandbits(8) for _ in range(content_size)) - content_md5 = hashlib.md5(content).hexdigest() + content_sha256 = hashlib.sha256(content).hexdigest() file.set(content) response_dict = { 'content_size': content_size, - 'content_md5': content_md5 + 'content_sha256': content_sha256 } response_body = json.dumps(response_dict, indent=2) diff --git a/tests/endtoend/blob_functions/put_blob_as_str_return_http_response/main.py b/tests/endtoend/blob_functions/put_blob_as_str_return_http_response/main.py index 4e16c84a..3174d3cf 100644 --- a/tests/endtoend/blob_functions/put_blob_as_str_return_http_response/main.py +++ b/tests/endtoend/blob_functions/put_blob_as_str_return_http_response/main.py @@ -21,14 +21,14 @@ def main(req: azf.HttpRequest, file: azf.Out[str]) -> azf.HttpResponse: k=num_chars)) content_bytes = content.encode('utf-8') content_size = len(content_bytes) - content_md5 = hashlib.md5(content_bytes).hexdigest() + content_sha256 = hashlib.sha256(content_bytes).hexdigest() file.set(content) response_dict = { 'num_chars': num_chars, 'content_size': content_size, - 'content_md5': content_md5 + 'content_sha256': content_sha256 } response_body = json.dumps(response_dict, indent=2) diff --git a/tests/endtoend/blob_functions/put_get_multiple_blobs_as_bytes_return_http_response/main.py b/tests/endtoend/blob_functions/put_get_multiple_blobs_as_bytes_return_http_response/main.py index 9d2811e3..95710c9c 100644 --- a/tests/endtoend/blob_functions/put_get_multiple_blobs_as_bytes_return_http_response/main.py +++ b/tests/endtoend/blob_functions/put_get_multiple_blobs_as_bytes_return_http_response/main.py @@ -10,8 +10,8 @@ def _generate_content_and_digest(content_size): content = bytearray(random.getrandbits(8) for _ in range(content_size)) - content_md5 = hashlib.md5(content).hexdigest() - return content, content_md5 + content_sha256 = hashlib.sha256(content).hexdigest() + return content, content_sha256 def main( @@ -30,15 +30,15 @@ def main( input_content_size_1 = len(inputfile1) input_content_size_2 = len(inputfile2) - input_content_md5_1 = hashlib.md5(inputfile1).hexdigest() - input_content_md5_2 = hashlib.md5(inputfile2).hexdigest() + input_content_sha256_1 = hashlib.sha256(inputfile1).hexdigest() + input_content_sha256_2 = hashlib.sha256(inputfile2).hexdigest() output_content_size_1 = int(req.params['output_content_size_1']) output_content_size_2 = int(req.params['output_content_size_2']) - output_content_1, output_content_md5_1 = \ + output_content_1, output_content_sha256_1 = \ _generate_content_and_digest(output_content_size_1) - output_content_2, output_content_md5_2 = \ + output_content_2, output_content_sha256_2 = \ _generate_content_and_digest(output_content_size_2) outputfile1.set(output_content_1) @@ -47,12 +47,12 @@ def main( response_dict = { 'input_content_size_1': input_content_size_1, 'input_content_size_2': input_content_size_2, - 'input_content_md5_1': input_content_md5_1, - 'input_content_md5_2': input_content_md5_2, + 'input_content_sha256_1': input_content_sha256_1, + 'input_content_sha256_2': input_content_sha256_2, 'output_content_size_1': output_content_size_1, 'output_content_size_2': output_content_size_2, - 'output_content_md5_1': output_content_md5_1, - 'output_content_md5_2': output_content_md5_2 + 'output_content_sha256_1': output_content_sha256_1, + 'output_content_sha256_2': output_content_sha256_2 } response_body = json.dumps(response_dict, indent=2) diff --git a/tests/unittests/test_mock_blob_shared_memory_functions.py b/tests/unittests/test_mock_blob_shared_memory_functions.py index cdbbfc92..f1154542 100644 --- a/tests/unittests/test_mock_blob_shared_memory_functions.py +++ b/tests/unittests/test_mock_blob_shared_memory_functions.py @@ -78,12 +78,12 @@ async def test_binary_blob_write_function(self): self.assertEqual(protos.StatusResult.Success, response_msg.response.result.status) - # The function responds back in the HTTP body with the md5 digest of + # The function responds back in the HTTP body with the sha256 digest of # the output it created along with its size response_bytes = response_msg.response.return_value.http.body.bytes json_response = json.loads(response_bytes) func_created_content_size = json_response['content_size'] - func_created_content_md5 = json_response['content_md5'] + func_created_content_sha256 = json_response['content_sha256'] # Verify if the worker produced an output blob which was written # in shared memory @@ -122,8 +122,8 @@ async def test_binary_blob_write_function(self): # Verify if we were able to read the correct output that the # function has produced - read_content_md5 = hashlib.md5(read_content).hexdigest() - self.assertEqual(func_created_content_md5, read_content_md5) + read_content_sha256 = hashlib.sha256(read_content).hexdigest() + self.assertEqual(func_created_content_sha256, read_content_sha256) self.assertEqual(len(read_content), func_created_content_size) async def test_str_blob_read_function(self): @@ -144,7 +144,7 @@ async def test_str_blob_read_function(self): num_chars = int(content_size / consts.SIZE_OF_CHAR_BYTES) content = self.get_random_string(num_chars) content_bytes = content.encode('utf-8') - content_md5 = hashlib.md5(content_bytes).hexdigest() + content_sha256 = hashlib.sha256(content_bytes).hexdigest() mem_map_size = consts.CONTENT_HEADER_TOTAL_BYTES + content_size mem_map = self.file_accessor.create_mem_map(mem_map_name, mem_map_size) @@ -187,12 +187,12 @@ async def test_str_blob_read_function(self): response_bytes = response_msg.response.return_value.http.body.bytes json_response = json.loads(response_bytes) func_received_num_chars = json_response['num_chars'] - func_received_content_md5 = json_response['content_md5'] + func_received_content_sha256 = json_response['content_sha256'] # Check the function response to ensure that it read the complete - # input that we provided and the md5 matches + # input that we provided and the sha256 matches self.assertEqual(num_chars, func_received_num_chars) - self.assertEqual(content_md5, func_received_content_md5) + self.assertEqual(content_sha256, func_received_content_sha256) async def test_str_blob_write_function(self): """ @@ -226,12 +226,12 @@ async def test_str_blob_write_function(self): self.assertEqual(protos.StatusResult.Success, response_msg.response.result.status) - # The function responds back in the HTTP body with the md5 digest of + # The function responds back in the HTTP body with the sha256 digest of # the output it created along with its size response_bytes = response_msg.response.return_value.http.body.bytes json_response = json.loads(response_bytes) func_created_num_chars = json_response['num_chars'] - func_created_content_md5 = json_response['content_md5'] + func_created_content_sha256 = json_response['content_sha256'] # Verify if the worker produced an output blob which was written # in shared memory @@ -270,8 +270,8 @@ async def test_str_blob_write_function(self): # Verify if we were able to read the correct output that the # function has produced - read_content_md5 = hashlib.md5(read_content_bytes).hexdigest() - self.assertEqual(func_created_content_md5, read_content_md5) + read_content_sha256 = hashlib.sha256(read_content_bytes).hexdigest() + self.assertEqual(func_created_content_sha256, read_content_sha256) read_content = read_content_bytes.decode('utf-8') self.assertEqual(len(read_content), func_created_num_chars) @@ -386,7 +386,7 @@ async def test_multiple_input_output_blobs(self): mem_map_name_1 = self.get_new_mem_map_name() input_content_size_1 = consts.MIN_BYTES_FOR_SHARED_MEM_TRANSFER + 10 input_content_1 = self.get_random_bytes(input_content_size_1) - input_content_md5_1 = hashlib.md5(input_content_1).hexdigest() + input_content_sha256_1 = hashlib.sha256(input_content_1).hexdigest() input_mem_map_size_1 = \ consts.CONTENT_HEADER_TOTAL_BYTES + input_content_size_1 input_mem_map_1 = \ @@ -412,7 +412,7 @@ async def test_multiple_input_output_blobs(self): mem_map_name_2 = self.get_new_mem_map_name() input_content_size_2 = consts.MIN_BYTES_FOR_SHARED_MEM_TRANSFER + 20 input_content_2 = self.get_random_bytes(input_content_size_2) - input_content_md5_2 = hashlib.md5(input_content_2).hexdigest() + input_content_sha256_2 = hashlib.sha256(input_content_2).hexdigest() input_mem_map_size_2 = \ consts.CONTENT_HEADER_TOTAL_BYTES + input_content_size_2 input_mem_map_2 = \ @@ -476,20 +476,20 @@ async def test_multiple_input_output_blobs(self): json_response = json.loads(response_bytes) func_received_content_size_1 = json_response['input_content_size_1'] - func_received_content_md5_1 = json_response['input_content_md5_1'] + func_received_content_sha256_1 = json_response['input_content_sha256_1'] func_received_content_size_2 = json_response['input_content_size_2'] - func_received_content_md5_2 = json_response['input_content_md5_2'] + func_received_content_sha256_2 = json_response['input_content_sha256_2'] func_created_content_size_1 = json_response['output_content_size_1'] func_created_content_size_2 = json_response['output_content_size_2'] - func_created_content_md5_1 = json_response['output_content_md5_1'] - func_created_content_md5_2 = json_response['output_content_md5_2'] + func_created_content_sha256_1 = json_response['output_content_sha256_1'] + func_created_content_sha256_2 = json_response['output_content_sha256_2'] # Check the function response to ensure that it read the complete - # input that we provided and the md5 matches + # input that we provided and the sha256 matches self.assertEqual(input_content_size_1, func_received_content_size_1) - self.assertEqual(input_content_md5_1, func_received_content_md5_1) + self.assertEqual(input_content_sha256_1, func_received_content_sha256_1) self.assertEqual(input_content_size_2, func_received_content_size_2) - self.assertEqual(input_content_md5_2, func_received_content_md5_2) + self.assertEqual(input_content_sha256_2, func_received_content_sha256_2) # Verify if the worker produced two output blobs which were written # in shared memory @@ -503,7 +503,7 @@ async def test_multiple_input_output_blobs(self): shmem_1 = output_binding_1.rpc_shared_memory self._verify_function_output(shmem_1, func_created_content_size_1, - func_created_content_md5_1) + func_created_content_sha256_1) # Output 2 output_binding_2 = output_data[1] @@ -512,7 +512,7 @@ async def test_multiple_input_output_blobs(self): shmem_2 = output_binding_2.rpc_shared_memory self._verify_function_output(shmem_2, func_created_content_size_2, - func_created_content_md5_2) + func_created_content_sha256_2) async def _test_binary_blob_read_function(self, func_name): """ @@ -528,7 +528,7 @@ async def _test_binary_blob_read_function(self, func_name): mem_map_name = self.get_new_mem_map_name() content_size = consts.MIN_BYTES_FOR_SHARED_MEM_TRANSFER + 10 content = self.get_random_bytes(content_size) - content_md5 = hashlib.md5(content).hexdigest() + content_sha256 = hashlib.sha256(content).hexdigest() mem_map_size = consts.CONTENT_HEADER_TOTAL_BYTES + content_size mem_map = self.file_accessor.create_mem_map(mem_map_name, mem_map_size) @@ -571,18 +571,18 @@ async def _test_binary_blob_read_function(self, func_name): response_bytes = response_msg.response.return_value.http.body.bytes json_response = json.loads(response_bytes) func_received_content_size = json_response['content_size'] - func_received_content_md5 = json_response['content_md5'] + func_received_content_sha256 = json_response['content_sha256'] # Check the function response to ensure that it read the complete - # input that we provided and the md5 matches + # input that we provided and the sha256 matches self.assertEqual(content_size, func_received_content_size) - self.assertEqual(content_md5, func_received_content_md5) + self.assertEqual(content_sha256, func_received_content_sha256) def _verify_function_output( self, shmem: protos.RpcSharedMemory, expected_size: int, - expected_md5: str): + expected_sha256: str): """ Verify if the output produced by the worker is what we expect it to be based on the size and MD5 digest. @@ -615,6 +615,6 @@ def _verify_function_output( # Verify if we were able to read the correct output that the # function has produced - output_read_content_md5 = hashlib.md5(output_read_content).hexdigest() - self.assertEqual(expected_md5, output_read_content_md5) + output_read_content_sha256 = hashlib.sha256(output_read_content).hexdigest() + self.assertEqual(expected_sha256, output_read_content_sha256) self.assertEqual(len(output_read_content), expected_size) diff --git a/tests/unittests/test_third_party_http_functions.py b/tests/unittests/test_third_party_http_functions.py index ba1e44f2..8d97af67 100644 --- a/tests/unittests/test_third_party_http_functions.py +++ b/tests/unittests/test_third_party_http_functions.py @@ -5,6 +5,8 @@ import pathlib import re import typing +import urllib.parse + from unittest.mock import patch from tests.utils import testutils @@ -131,14 +133,15 @@ def test_raw_body_bytes(self): image_file = parent_dir / 'unittests/resources/functions.png' with open(image_file, 'rb') as image: img = image.read() - img_len = len(img) + sanitized_image = urllib.parse.quote(img) + sanitized_img_len = len(sanitized_image) r = self.webhost.request('POST', 'raw_body_bytes', data=img, no_prefix=True) received_body_len = int(r.headers['body-len']) - self.assertEqual(received_body_len, img_len) + self.assertEqual(received_body_len, sanitized_img_len) - body = r.content + body = urllib.parse.unquote_to_bytes(r.content) try: received_img_file = parent_dir / 'received_img.png' with open(received_img_file, 'wb') as received_img: diff --git a/tests/unittests/third_party_http_functions/stein/asgi_function/function_app.py b/tests/unittests/third_party_http_functions/stein/asgi_function/function_app.py index 3248f25f..ab7e060d 100644 --- a/tests/unittests/third_party_http_functions/stein/asgi_function/function_app.py +++ b/tests/unittests/third_party_http_functions/stein/asgi_function/function_app.py @@ -1,7 +1,9 @@ import asyncio import logging +import re import sys from urllib.request import urlopen +import urllib.parse import azure.functions as func from fastapi import FastAPI, Request, Response @@ -131,7 +133,9 @@ async def print_logging(message: str = "", flush: str = 'false', @fast_app.post("/raw_body_bytes") async def raw_body_bytes(request: Request): raw_body = await request.body() - return Response(content=raw_body, headers={'body-len': str(len(raw_body))}) + sanitized_body = urllib.parse.quote(raw_body) + return Response(content=sanitized_body, + headers={'body-len': str(len(sanitized_body))}) @fast_app.get("/return_http_no_body") @@ -146,10 +150,17 @@ async def return_http(request: Request): @fast_app.get("/return_http_redirect") async def return_http_redirect(request: Request, code: str = ''): + allowed_url_pattern = r"^http://.+" + location = 'return_http?code={}'.format(code) + redirect_url = f"http://{request.url.components[1]}/{location}" + if re.match(allowed_url_pattern, redirect_url): + # Redirect URL is in the expected format + return RedirectResponse(status_code=302, + url=redirect_url) + # Redirect URL was not in the expected format return RedirectResponse(status_code=302, - url=f"http://{request.url.components[1]}/" - f"{location}") + url='/') @fast_app.get("/unhandled_error") diff --git a/tests/unittests/third_party_http_functions/stein/wsgi_function/function_app.py b/tests/unittests/third_party_http_functions/stein/wsgi_function/function_app.py index 7605b4b1..5f1ec8e0 100644 --- a/tests/unittests/third_party_http_functions/stein/wsgi_function/function_app.py +++ b/tests/unittests/third_party_http_functions/stein/wsgi_function/function_app.py @@ -1,6 +1,7 @@ import logging import sys from urllib.request import urlopen +import urllib.parse import azure.functions as func from flask import Flask, Response, redirect, request, url_for @@ -61,7 +62,8 @@ def print_logging(): def raw_body_bytes(): body = request.get_data() - return Response(body, headers={'body-len': str(len(body))}) + sanitized_body = urllib.parse.quote(body) + return Response(sanitized_body, headers={'body-len': str(len(sanitized_body))}) @flask_app.get("/return_http_no_body")