From fad439447481b10ebea43133ad67952d255491e9 Mon Sep 17 00:00:00 2001 From: Iain Bullard Date: Tue, 24 Apr 2018 17:51:49 +0100 Subject: [PATCH] SQS add missing validation to ReceiveMessage (#1595) * SQS receive_message - enforce bounds on MaxNumberOfMessages as AWS does * SQS receive_message - enforce bounds on WaitTimeSeconds as AWS does --- moto/sqs/responses.py | 16 ++++++++++++++ tests/test_sqs/test_sqs.py | 44 ++++++++++++++++++++++++++------------ 2 files changed, 46 insertions(+), 14 deletions(-) diff --git a/moto/sqs/responses.py b/moto/sqs/responses.py index adf3e7a6e..c489d7118 100644 --- a/moto/sqs/responses.py +++ b/moto/sqs/responses.py @@ -325,11 +325,27 @@ class SQSResponse(BaseResponse): except TypeError: message_count = DEFAULT_RECEIVED_MESSAGES + if message_count < 1 or message_count > 10: + return self._error( + "InvalidParameterValue", + "An error occurred (InvalidParameterValue) when calling " + "the ReceiveMessage operation: Value %s for parameter " + "MaxNumberOfMessages is invalid. Reason: must be between " + "1 and 10, if provided." % message_count) + try: wait_time = int(self.querystring.get("WaitTimeSeconds")[0]) except TypeError: wait_time = queue.receive_message_wait_time_seconds + if wait_time < 0 or wait_time > 20: + return self._error( + "InvalidParameterValue", + "An error occurred (InvalidParameterValue) when calling " + "the ReceiveMessage operation: Value %s for parameter " + "WaitTimeSeconds is invalid. Reason: must be <= 0 and " + ">= 20 if provided." % wait_time) + try: visibility_timeout = self._get_validated_visibility_timeout() except TypeError: diff --git a/tests/test_sqs/test_sqs.py b/tests/test_sqs/test_sqs.py index c5ad39eb0..1280fed80 100644 --- a/tests/test_sqs/test_sqs.py +++ b/tests/test_sqs/test_sqs.py @@ -378,6 +378,36 @@ def test_send_receive_message_timestamps(): int.when.called_with(approximate_first_receive_timestamp).shouldnt.throw(ValueError) +@mock_sqs +def test_max_number_of_messages_invalid_param(): + sqs = boto3.resource('sqs', region_name='us-east-1') + queue = sqs.create_queue(QueueName='test-queue') + + with assert_raises(ClientError): + queue.receive_messages(MaxNumberOfMessages=11) + + with assert_raises(ClientError): + queue.receive_messages(MaxNumberOfMessages=0) + + # no error but also no messages returned + queue.receive_messages(MaxNumberOfMessages=1, WaitTimeSeconds=0) + + +@mock_sqs +def test_wait_time_seconds_invalid_param(): + sqs = boto3.resource('sqs', region_name='us-east-1') + queue = sqs.create_queue(QueueName='test-queue') + + with assert_raises(ClientError): + queue.receive_messages(WaitTimeSeconds=-1) + + with assert_raises(ClientError): + queue.receive_messages(WaitTimeSeconds=21) + + # no error but also no messages returned + queue.receive_messages(WaitTimeSeconds=0) + + @mock_sqs def test_receive_messages_with_wait_seconds_timeout_of_zero(): """ @@ -393,20 +423,6 @@ def test_receive_messages_with_wait_seconds_timeout_of_zero(): messages.should.equal([]) -@mock_sqs -def test_receive_messages_with_wait_seconds_timeout_of_negative_one(): - """ - test that zero messages is returned with a wait_seconds_timeout of negative 1 - :return: - """ - - sqs = boto3.resource('sqs', region_name='us-east-1') - queue = sqs.create_queue(QueueName="blah") - - messages = queue.receive_messages(WaitTimeSeconds=-1) - messages.should.equal([]) - - @mock_sqs_deprecated def test_send_message_with_xml_characters(): conn = boto.connect_sqs('the_key', 'the_secret')