2025-10-11 13:48:07 - ========================================== 2025-10-11 13:48:07 - C-Relay Comprehensive Test Suite Runner 2025-10-11 13:48:07 - ========================================== 2025-10-11 13:48:07 - Relay URL: ws://127.0.0.1:8888 2025-10-11 13:48:07 - Log file: test_results_20251011_134807.log 2025-10-11 13:48:07 - Report file: test_report_20251011_134807.html 2025-10-11 13:48:07 - 2025-10-11 13:48:07 - Checking relay status at ws://127.0.0.1:8888... 2025-10-11 13:48:07 - \033[0;32m✓ Relay HTTP endpoint is accessible\033[0m 2025-10-11 13:48:07 - 2025-10-11 13:48:07 - Starting comprehensive test execution... 2025-10-11 13:48:07 - 2025-10-11 13:48:07 - \033[0;34m=== SECURITY TEST SUITES ===\033[0m 2025-10-11 13:48:07 - ========================================== 2025-10-11 13:48:07 - Running Test Suite: SQL Injection Tests 2025-10-11 13:48:07 - Description: Comprehensive SQL injection vulnerability testing 2025-10-11 13:48:07 - ========================================== ========================================== C-Relay SQL Injection Test Suite ========================================== Testing against relay at ws://127.0.0.1:8888 === Basic Connectivity Test === Testing Basic connectivity... PASSED - Valid query works === Authors Filter SQL Injection Tests === Testing Authors filter with payload: '; DROP TABLE events; --... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: 1' OR '1'='1... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: 1; SELECT * FROM sqlite_master; --... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: ' OR 1=1 --... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: admin'--... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: 1' UNION SELECT password FROM users --... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: 1' AND SLEEP(5) --... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: 1' AND 1=1 WAITFOR DELAY '0:0:5' --... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: 1' AND 1=CAST((SELECT version()) AS INT) --... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: 1' AND 1=CONVERT(INT, (SELECT @@VERSION)) --... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: ' UNION SELECT NULL,NULL,NULL --... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: ' UNION SELECT 1,2,3 --... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: ' UNION ALL SELECT NULL,NULL,NULL --... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: '; SELECT * FROM events; --... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: '; DELETE FROM events; --... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: '; UPDATE events SET content='hacked' WHERE 1=1; --... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: /*... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: */... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: /**/... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: --... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: #... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: 0x53514C5F494E4A454354494F4E... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: J1NSTCBJTkpFQ1RJT04gLS0=... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: '))); DROP TABLE events; --... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: ')) UNION SELECT NULL; --... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: ' AND 1=1 --... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: ' AND 1=2 --... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: ' AND (SELECT COUNT(*) FROM events) > 0 --... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: '; EXEC master..xp_cmdshell 'net user' --... PASSED - SQL injection blocked (rejected with error) Testing Authors filter with payload: '; DECLARE @host varchar(1024); SELECT @host=(SELECT TOP 1 master..sys.fn_varbintohexstr(password_hash) FROM sys.sql_logins WHERE name='sa'); --... PASSED - SQL injection blocked (rejected with error) === IDs Filter SQL Injection Tests === Testing IDs filter with payload: '; DROP TABLE events; --... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: 1' OR '1'='1... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: 1; SELECT * FROM sqlite_master; --... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: ' OR 1=1 --... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: admin'--... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: 1' UNION SELECT password FROM users --... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: 1' AND SLEEP(5) --... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: 1' AND 1=1 WAITFOR DELAY '0:0:5' --... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: 1' AND 1=CAST((SELECT version()) AS INT) --... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: 1' AND 1=CONVERT(INT, (SELECT @@VERSION)) --... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: ' UNION SELECT NULL,NULL,NULL --... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: ' UNION SELECT 1,2,3 --... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: ' UNION ALL SELECT NULL,NULL,NULL --... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: '; SELECT * FROM events; --... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: '; DELETE FROM events; --... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: '; UPDATE events SET content='hacked' WHERE 1=1; --... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: /*... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: */... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: /**/... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: --... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: #... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: 0x53514C5F494E4A454354494F4E... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: J1NSTCBJTkpFQ1RJT04gLS0=... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: '))); DROP TABLE events; --... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: ')) UNION SELECT NULL; --... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: ' AND 1=1 --... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: ' AND 1=2 --... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: ' AND (SELECT COUNT(*) FROM events) > 0 --... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: '; EXEC master..xp_cmdshell 'net user' --... PASSED - SQL injection blocked (rejected with error) Testing IDs filter with payload: '; DECLARE @host varchar(1024); SELECT @host=(SELECT TOP 1 master..sys.fn_varbintohexstr(password_hash) FROM sys.sql_logins WHERE name='sa'); --... PASSED - SQL injection blocked (rejected with error) === Kinds Filter SQL Injection Tests === Testing Kinds filter with string injection... PASSED - SQL injection blocked (rejected with error) Testing Kinds filter with negative value... PASSED - SQL injection blocked (rejected with error) Testing Kinds filter with very large value... PASSED - SQL injection blocked (rejected with error) === Search Filter SQL Injection Tests === Testing Search filter with payload: '; DROP TABLE events; --... PASSED - SQL injection blocked (rejected with error) Testing Search filter with payload: 1' OR '1'='1... PASSED - SQL injection blocked (query sanitized) Testing Search filter with payload: 1; SELECT * FROM sqlite_master; --... PASSED - SQL injection blocked (rejected with error) Testing Search filter with payload: ' OR 1=1 --... PASSED - SQL injection blocked (rejected with error) Testing Search filter with payload: admin'--... PASSED - SQL injection blocked (rejected with error) Testing Search filter with payload: 1' UNION SELECT password FROM users --... PASSED - SQL injection blocked (rejected with error) Testing Search filter with payload: 1' AND SLEEP(5) --... PASSED - SQL injection blocked (rejected with error) Testing Search filter with payload: 1' AND 1=1 WAITFOR DELAY '0:0:5' --... PASSED - SQL injection blocked (rejected with error) Testing Search filter with payload: 1' AND 1=CAST((SELECT version()) AS INT) --... PASSED - SQL injection blocked (rejected with error) Testing Search filter with payload: 1' AND 1=CONVERT(INT, (SELECT @@VERSION)) --... PASSED - SQL injection blocked (rejected with error) Testing Search filter with payload: ' UNION SELECT NULL,NULL,NULL --... PASSED - SQL injection blocked (rejected with error) Testing Search filter with payload: ' UNION SELECT 1,2,3 --... PASSED - SQL injection blocked (rejected with error) Testing Search filter with payload: ' UNION ALL SELECT NULL,NULL,NULL --... PASSED - SQL injection blocked (rejected with error) Testing Search filter with payload: '; SELECT * FROM events; --... PASSED - SQL injection blocked (rejected with error) Testing Search filter with payload: '; DELETE FROM events; --... PASSED - SQL injection blocked (rejected with error) Testing Search filter with payload: '; UPDATE events SET content='hacked' WHERE 1=1; --... PASSED - SQL injection blocked (rejected with error) Testing Search filter with payload: /*... PASSED - SQL injection blocked (rejected with error) Testing Search filter with payload: */... PASSED - SQL injection blocked (rejected with error) Testing Search filter with payload: /**/... PASSED - SQL injection blocked (rejected with error) Testing Search filter with payload: --... PASSED - SQL injection blocked (rejected with error) Testing Search filter with payload: #... PASSED - SQL injection blocked (query sanitized) Testing Search filter with payload: 0x53514C5F494E4A454354494F4E... PASSED - SQL injection blocked (query sanitized) Testing Search filter with payload: J1NSTCBJTkpFQ1RJT04gLS0=... PASSED - SQL injection blocked (query sanitized) Testing Search filter with payload: '))); DROP TABLE events; --... PASSED - SQL injection blocked (rejected with error) Testing Search filter with payload: ')) UNION SELECT NULL; --... PASSED - SQL injection blocked (rejected with error) Testing Search filter with payload: ' AND 1=1 --... PASSED - SQL injection blocked (rejected with error) Testing Search filter with payload: ' AND 1=2 --... PASSED - SQL injection blocked (rejected with error) Testing Search filter with payload: ' AND (SELECT COUNT(*) FROM events) > 0 --... PASSED - SQL injection blocked (rejected with error) Testing Search filter with payload: '; EXEC master..xp_cmdshell 'net user' --... PASSED - SQL injection blocked (rejected with error) Testing Search filter with payload: '; DECLARE @host varchar(1024); SELECT @host=(SELECT TOP 1 master..sys.fn_varbintohexstr(password_hash) FROM sys.sql_logins WHERE name='sa'); --... PASSED - SQL injection blocked (rejected with error) === Tag Filter SQL Injection Tests === Testing #e tag filter with payload: '; DROP TABLE events; --... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: 1' OR '1'='1... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: 1; SELECT * FROM sqlite_master; --... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: ' OR 1=1 --... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: admin'--... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: 1' UNION SELECT password FROM users --... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: 1' AND SLEEP(5) --... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: 1' AND 1=1 WAITFOR DELAY '0:0:5' --... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: 1' AND 1=CAST((SELECT version()) AS INT) --... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: 1' AND 1=CONVERT(INT, (SELECT @@VERSION)) --... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: ' UNION SELECT NULL,NULL,NULL --... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: ' UNION SELECT 1,2,3 --... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: ' UNION ALL SELECT NULL,NULL,NULL --... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: '; SELECT * FROM events; --... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: '; DELETE FROM events; --... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: '; UPDATE events SET content='hacked' WHERE 1=1; --... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: /*... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: */... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: /**/... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: --... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: #... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: 0x53514C5F494E4A454354494F4E... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: J1NSTCBJTkpFQ1RJT04gLS0=... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: '))); DROP TABLE events; --... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: ')) UNION SELECT NULL; --... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: ' AND 1=1 --... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: ' AND 1=2 --... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: ' AND (SELECT COUNT(*) FROM events) > 0 --... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: '; EXEC master..xp_cmdshell 'net user' --... PASSED - SQL injection blocked (query sanitized) Testing #e tag filter with payload: '; DECLARE @host varchar(1024); SELECT @host=(SELECT TOP 1 master..sys.fn_varbintohexstr(password_hash) FROM sys.sql_logins WHERE name='sa'); --... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: '; DROP TABLE events; --... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: 1' OR '1'='1... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: 1; SELECT * FROM sqlite_master; --... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: ' OR 1=1 --... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: admin'--... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: 1' UNION SELECT password FROM users --... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: 1' AND SLEEP(5) --... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: 1' AND 1=1 WAITFOR DELAY '0:0:5' --... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: 1' AND 1=CAST((SELECT version()) AS INT) --... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: 1' AND 1=CONVERT(INT, (SELECT @@VERSION)) --... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: ' UNION SELECT NULL,NULL,NULL --... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: ' UNION SELECT 1,2,3 --... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: ' UNION ALL SELECT NULL,NULL,NULL --... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: '; SELECT * FROM events; --... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: '; DELETE FROM events; --... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: '; UPDATE events SET content='hacked' WHERE 1=1; --... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: /*... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: */... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: /**/... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: --... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: #... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: 0x53514C5F494E4A454354494F4E... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: J1NSTCBJTkpFQ1RJT04gLS0=... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: '))); DROP TABLE events; --... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: ')) UNION SELECT NULL; --... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: ' AND 1=1 --... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: ' AND 1=2 --... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: ' AND (SELECT COUNT(*) FROM events) > 0 --... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: '; EXEC master..xp_cmdshell 'net user' --... PASSED - SQL injection blocked (query sanitized) Testing #p tag filter with payload: '; DECLARE @host varchar(1024); SELECT @host=(SELECT TOP 1 master..sys.fn_varbintohexstr(password_hash) FROM sys.sql_logins WHERE name='sa'); --... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: '; DROP TABLE events; --... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: 1' OR '1'='1... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: 1; SELECT * FROM sqlite_master; --... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: ' OR 1=1 --... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: admin'--... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: 1' UNION SELECT password FROM users --... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: 1' AND SLEEP(5) --... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: 1' AND 1=1 WAITFOR DELAY '0:0:5' --... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: 1' AND 1=CAST((SELECT version()) AS INT) --... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: 1' AND 1=CONVERT(INT, (SELECT @@VERSION)) --... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: ' UNION SELECT NULL,NULL,NULL --... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: ' UNION SELECT 1,2,3 --... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: ' UNION ALL SELECT NULL,NULL,NULL --... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: '; SELECT * FROM events; --... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: '; DELETE FROM events; --... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: '; UPDATE events SET content='hacked' WHERE 1=1; --... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: /*... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: */... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: /**/... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: --... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: #... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: 0x53514C5F494E4A454354494F4E... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: J1NSTCBJTkpFQ1RJT04gLS0=... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: '))); DROP TABLE events; --... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: ')) UNION SELECT NULL; --... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: ' AND 1=1 --... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: ' AND 1=2 --... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: ' AND (SELECT COUNT(*) FROM events) > 0 --... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: '; EXEC master..xp_cmdshell 'net user' --... PASSED - SQL injection blocked (query sanitized) Testing #t tag filter with payload: '; DECLARE @host varchar(1024); SELECT @host=(SELECT TOP 1 master..sys.fn_varbintohexstr(password_hash) FROM sys.sql_logins WHERE name='sa'); --... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: '; DROP TABLE events; --... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: 1' OR '1'='1... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: 1; SELECT * FROM sqlite_master; --... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: ' OR 1=1 --... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: admin'--... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: 1' UNION SELECT password FROM users --... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: 1' AND SLEEP(5) --... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: 1' AND 1=1 WAITFOR DELAY '0:0:5' --... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: 1' AND 1=CAST((SELECT version()) AS INT) --... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: 1' AND 1=CONVERT(INT, (SELECT @@VERSION)) --... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: ' UNION SELECT NULL,NULL,NULL --... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: ' UNION SELECT 1,2,3 --... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: ' UNION ALL SELECT NULL,NULL,NULL --... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: '; SELECT * FROM events; --... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: '; DELETE FROM events; --... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: '; UPDATE events SET content='hacked' WHERE 1=1; --... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: /*... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: */... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: /**/... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: --... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: #... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: 0x53514C5F494E4A454354494F4E... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: J1NSTCBJTkpFQ1RJT04gLS0=... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: '))); DROP TABLE events; --... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: ')) UNION SELECT NULL; --... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: ' AND 1=1 --... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: ' AND 1=2 --... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: ' AND (SELECT COUNT(*) FROM events) > 0 --... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: '; EXEC master..xp_cmdshell 'net user' --... PASSED - SQL injection blocked (query sanitized) Testing #r tag filter with payload: '; DECLARE @host varchar(1024); SELECT @host=(SELECT TOP 1 master..sys.fn_varbintohexstr(password_hash) FROM sys.sql_logins WHERE name='sa'); --... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: '; DROP TABLE events; --... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: 1' OR '1'='1... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: 1; SELECT * FROM sqlite_master; --... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: ' OR 1=1 --... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: admin'--... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: 1' UNION SELECT password FROM users --... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: 1' AND SLEEP(5) --... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: 1' AND 1=1 WAITFOR DELAY '0:0:5' --... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: 1' AND 1=CAST((SELECT version()) AS INT) --... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: 1' AND 1=CONVERT(INT, (SELECT @@VERSION)) --... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: ' UNION SELECT NULL,NULL,NULL --... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: ' UNION SELECT 1,2,3 --... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: ' UNION ALL SELECT NULL,NULL,NULL --... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: '; SELECT * FROM events; --... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: '; DELETE FROM events; --... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: '; UPDATE events SET content='hacked' WHERE 1=1; --... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: /*... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: */... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: /**/... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: --... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: #... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: 0x53514C5F494E4A454354494F4E... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: J1NSTCBJTkpFQ1RJT04gLS0=... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: '))); DROP TABLE events; --... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: ')) UNION SELECT NULL; --... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: ' AND 1=1 --... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: ' AND 1=2 --... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: ' AND (SELECT COUNT(*) FROM events) > 0 --... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: '; EXEC master..xp_cmdshell 'net user' --... PASSED - SQL injection blocked (query sanitized) Testing #d tag filter with payload: '; DECLARE @host varchar(1024); SELECT @host=(SELECT TOP 1 master..sys.fn_varbintohexstr(password_hash) FROM sys.sql_logins WHERE name='sa'); --... PASSED - SQL injection blocked (query sanitized) === Timestamp Filter SQL Injection Tests === Testing Since parameter injection... PASSED - SQL injection blocked (rejected with error) Testing Until parameter injection... PASSED - SQL injection blocked (rejected with error) === Limit Parameter SQL Injection Tests === Testing Limit parameter injection... PASSED - SQL injection blocked (rejected with error) Testing Limit with UNION... PASSED - SQL injection blocked (rejected with error) === Complex Multi-Filter SQL Injection Tests === Testing Multi-filter with authors injection... PASSED - SQL injection blocked (rejected with error) Testing Multi-filter with search injection... PASSED - SQL injection blocked (rejected with error) Testing Multi-filter with tag injection... PASSED - SQL injection blocked (query sanitized) === COUNT Message SQL Injection Tests === Testing COUNT with authors payload: '; DROP TABLE events; --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: '; DROP TABLE events; --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with authors payload: 1' OR '1'='1... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: 1' OR '1'='1... PASSED - SQL injection blocked (query sanitized) Testing COUNT with authors payload: 1; SELECT * FROM sqlite_master; --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: 1; SELECT * FROM sqlite_master; --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with authors payload: ' OR 1=1 --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: ' OR 1=1 --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with authors payload: admin'--... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: admin'--... PASSED - SQL injection blocked (rejected with error) Testing COUNT with authors payload: 1' UNION SELECT password FROM users --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: 1' UNION SELECT password FROM users --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with authors payload: 1' AND SLEEP(5) --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: 1' AND SLEEP(5) --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with authors payload: 1' AND 1=1 WAITFOR DELAY '0:0:5' --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: 1' AND 1=1 WAITFOR DELAY '0:0:5' --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with authors payload: 1' AND 1=CAST((SELECT version()) AS INT) --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: 1' AND 1=CAST((SELECT version()) AS INT) --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with authors payload: 1' AND 1=CONVERT(INT, (SELECT @@VERSION)) --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: 1' AND 1=CONVERT(INT, (SELECT @@VERSION)) --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with authors payload: ' UNION SELECT NULL,NULL,NULL --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: ' UNION SELECT NULL,NULL,NULL --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with authors payload: ' UNION SELECT 1,2,3 --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: ' UNION SELECT 1,2,3 --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with authors payload: ' UNION ALL SELECT NULL,NULL,NULL --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: ' UNION ALL SELECT NULL,NULL,NULL --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with authors payload: '; SELECT * FROM events; --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: '; SELECT * FROM events; --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with authors payload: '; DELETE FROM events; --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: '; DELETE FROM events; --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with authors payload: '; UPDATE events SET content='hacked' WHERE 1=1; --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: '; UPDATE events SET content='hacked' WHERE 1=1; --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with authors payload: /*... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: /*... PASSED - SQL injection blocked (rejected with error) Testing COUNT with authors payload: */... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: */... PASSED - SQL injection blocked (rejected with error) Testing COUNT with authors payload: /**/... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: /**/... PASSED - SQL injection blocked (rejected with error) Testing COUNT with authors payload: --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with authors payload: #... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: #... PASSED - SQL injection blocked (query sanitized) Testing COUNT with authors payload: 0x53514C5F494E4A454354494F4E... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: 0x53514C5F494E4A454354494F4E... PASSED - SQL injection blocked (query sanitized) Testing COUNT with authors payload: J1NSTCBJTkpFQ1RJT04gLS0=... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: J1NSTCBJTkpFQ1RJT04gLS0=... PASSED - SQL injection blocked (query sanitized) Testing COUNT with authors payload: '))); DROP TABLE events; --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: '))); DROP TABLE events; --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with authors payload: ')) UNION SELECT NULL; --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: ')) UNION SELECT NULL; --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with authors payload: ' AND 1=1 --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: ' AND 1=1 --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with authors payload: ' AND 1=2 --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: ' AND 1=2 --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with authors payload: ' AND (SELECT COUNT(*) FROM events) > 0 --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: ' AND (SELECT COUNT(*) FROM events) > 0 --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with authors payload: '; EXEC master..xp_cmdshell 'net user' --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: '; EXEC master..xp_cmdshell 'net user' --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with authors payload: '; DECLARE @host varchar(1024); SELECT @host=(SELECT TOP 1 master..sys.fn_varbintohexstr(password_hash) FROM sys.sql_logins WHERE name='sa'); --... PASSED - SQL injection blocked (rejected with error) Testing COUNT with search payload: '; DECLARE @host varchar(1024); SELECT @host=(SELECT TOP 1 master..sys.fn_varbintohexstr(password_hash) FROM sys.sql_logins WHERE name='sa'); --... PASSED - SQL injection blocked (rejected with error) === Edge Case SQL Injection Tests === Testing Empty string injection... PASSED - SQL injection blocked (rejected with error) Testing Null byte injection... PASSED - SQL injection blocked (silently rejected) Testing Unicode injection... PASSED - SQL injection blocked (rejected with error) Testing Very long injection payload... PASSED - SQL injection blocked (rejected with error) === Subscription ID SQL Injection Tests === Testing Subscription ID injection... PASSED - SQL injection blocked (rejected with error) Testing Subscription ID with quotes... PASSED - SQL injection blocked (silently rejected) === CLOSE Message SQL Injection Tests === Testing CLOSE with injection... PASSED - SQL injection blocked (rejected with error) === Test Results === Total tests: 318 Passed: 318 Failed: 0 ✓ All SQL injection tests passed! The relay appears to be protected against SQL injection attacks. 2025-10-11 13:48:30 - \033[0;32m✓ SQL Injection Tests PASSED\033[0m (Duration: 23s) 2025-10-11 13:48:30 - ========================================== 2025-10-11 13:48:30 - Running Test Suite: Filter Validation Tests 2025-10-11 13:48:30 - Description: Input validation for REQ and COUNT messages 2025-10-11 13:48:30 - ========================================== === C-Relay Filter Validation Tests === Testing against relay at ws://127.0.0.1:8888 Testing Valid REQ message... PASSED Testing Valid COUNT message... PASSED === Testing Filter Array Validation === Testing Non-object filter... PASSED Testing Too many filters... PASSED === Testing Authors Validation === Testing Invalid author type... PASSED Testing Invalid author hex... PASSED Testing Too many authors... PASSED === Testing IDs Validation === Testing Invalid ID type... PASSED Testing Invalid ID hex... PASSED Testing Too many IDs... PASSED === Testing Kinds Validation === Testing Invalid kind type... PASSED Testing Negative kind... PASSED Testing Too large kind... PASSED Testing Too many kinds... PASSED === Testing Timestamp Validation === Testing Invalid since type... PASSED Testing Negative since... PASSED Testing Invalid until type... PASSED Testing Negative until... PASSED === Testing Limit Validation === Testing Invalid limit type... PASSED Testing Negative limit... PASSED Testing Too large limit... PASSED === Testing Search Validation === Testing Invalid search type... PASSED Testing Search too long... PASSED Testing Search SQL injection... PASSED === Testing Tag Filter Validation === Testing Invalid tag filter type... PASSED Testing Too many tag values... PASSED Testing Tag value too long... PASSED === Testing Rate Limiting === Testing rate limiting with malformed requests... UNCERTAIN - Rate limiting may not have triggered (this could be normal) === Test Results === Total tests: 28 Passed: 28 Failed: 0 All tests passed! 2025-10-11 13:48:35 - \033[0;32m✓ Filter Validation Tests PASSED\033[0m (Duration: 5s) 2025-10-11 13:48:35 - ========================================== 2025-10-11 13:48:35 - Running Test Suite: Subscription Validation Tests 2025-10-11 13:48:35 - Description: Subscription ID and message validation 2025-10-11 13:48:35 - ========================================== Testing subscription ID validation fixes... Testing malformed subscription IDs... Valid ID test: Success Testing CLOSE message validation... CLOSE valid ID test: Success Subscription validation tests completed. 2025-10-11 13:48:36 - \033[0;32m✓ Subscription Validation Tests PASSED\033[0m (Duration: 1s) 2025-10-11 13:48:36 - ========================================== 2025-10-11 13:48:36 - Running Test Suite: Memory Corruption Tests 2025-10-11 13:48:36 - Description: Buffer overflow and memory safety testing 2025-10-11 13:48:36 - ========================================== ========================================== C-Relay Memory Corruption Test Suite ========================================== Testing against relay at ws://127.0.0.1:8888 Note: These tests may cause the relay to crash if vulnerabilities exist === Basic Connectivity Test === Testing Basic connectivity... PASSED - No memory corruption detected === Subscription ID Memory Corruption Tests === Testing Empty subscription ID... UNCERTAIN - Expected error but got normal response Testing Very long subscription ID (1KB)... UNCERTAIN - Expected error but got normal response Testing Very long subscription ID (10KB)... UNCERTAIN - Expected error but got normal response Testing Subscription ID with null bytes... UNCERTAIN - Expected error but got normal response Testing Subscription ID with special chars... UNCERTAIN - Expected error but got normal response Testing Unicode subscription ID... UNCERTAIN - Expected error but got normal response Testing Subscription ID with path traversal... UNCERTAIN - Expected error but got normal response === Filter Array Memory Corruption Tests === Testing Too many filters (50)... UNCERTAIN - Expected error but got normal response === Concurrent Access Memory Tests === Testing Concurrent subscription creation... ["EVENT", "concurrent_1760204917502714788", { "id": "b3a2a79b768c304a8ad315a97319e3c6fd9d521844fc9f1e4228c75c453dd882", "pubkey": "aa4fc8665f5696e33db7e1a572e3b0f5b3d615837b0f362dcb1c8068b098c7b4", "created_at": 1760196143, "kind": 30001, "content": "Updated addressable event", "sig": "795671a831de31fbbdd6282585529f274f61bb6e8c974e597560d70989355f24c8ecfe70caf043e8fbc24ce65d9b0d562297c682af958cfcdd2ee137dd9bccb4", "tags": [["d", "test-article"], ["type", "addressable"], ["updated", "true"]] }] ["EVENT", "concurrent_1760204917502714788", { "id": "b3a2a79b768c304a8ad315a97319e3c6fd9d521844fc9f1e4228c75c453dd882", "pubkey": "aa4fc8665f5696e33db7e1a572e3b0f5b3d615837b0f362dcb1c8068b098c7b4", "created_at": 1760196143, "kind": 30001, "content": "Updated addressable event", "sig": "795671a831de31fbbdd6282585529f274f61bb6e8c974e597560d70989355f24c8ecfe70caf043e8fbc24ce65d9b0d562297c682af958cfcdd2ee137dd9bccb4", "tags": [["d", "test-article"], ["type", "addressable"], ["updated", "true"]] }] ["EVENT", "concurrent_1760204917502714788", { "id": "b3a2a79b768c304a8ad315a97319e3c6fd9d521844fc9f1e4228c75c453dd882", "pubkey": "aa4fc8665f5696e33db7e1a572e3b0f5b3d615837b0f362dcb1c8068b098c7b4", "created_at": 1760196143, "kind": 30001, "content": "Updated addressable event", "sig": "795671a831de31fbbdd6282585529f274f61bb6e8c974e597560d70989355f24c8ecfe70caf043e8fbc24ce65d9b0d562297c682af958cfcdd2ee137dd9bccb4", "tags": [["d", "test-article"], ["type", "addressable"], ["updated", "true"]] }] ["EVENT", "concurrent_1760204917502714788", { "id": "b3a2a79b768c304a8ad315a97319e3c6fd9d521844fc9f1e4228c75c453dd882", "pubkey": "aa4fc8665f5696e33db7e1a572e3b0f5b3d615837b0f362dcb1c8068b098c7b4", "created_at": 1760196143, "kind": 30001, "content": "Updated addressable event", "sig": "795671a831de31fbbdd6282585529f274f61bb6e8c974e597560d70989355f24c8ecfe70caf043e8fbc24ce65d9b0d562297c682af958cfcdd2ee137dd9bccb4", "tags": [["d", "test-article"], ["type", "addressable"], ["updated", "true"]] }] ["EVENT", "concurrent_1760204917502714788", { "id": "b3a2a79b768c304a8ad315a97319e3c6fd9d521844fc9f1e4228c75c453dd882", "pubkey": "aa4fc8665f5696e33db7e1a572e3b0f5b3d615837b0f362dcb1c8068b098c7b4", "created_at": 1760196143, "kind": 30001, "content": "Updated addressable event", "sig": "795671a831de31fbbdd6282585529f274f61bb6e8c974e597560d70989355f24c8ecfe70caf043e8fbc24ce65d9b0d562297c682af958cfcdd2ee137dd9bccb4", "tags": [["d", "test-article"], ["type", "addressable"], ["updated", "true"]] }] ["EVENT", "concurrent_1760204917502714788", { "id": "b3a2a79b768c304a8ad315a97319e3c6fd9d521844fc9f1e4228c75c453dd882", "pubkey": "aa4fc8665f5696e33db7e1a572e3b0f5b3d615837b0f362dcb1c8068b098c7b4", "created_at": 1760196143, "kind": 30001, "content": "Updated addressable event", "sig": "795671a831de31fbbdd6282585529f274f61bb6e8c974e597560d70989355f24c8ecfe70caf043e8fbc24ce65d9b0d562297c682af958cfcdd2ee137dd9bccb4", "tags": [["d", "test-article"], ["type", "addressable"], ["updated", "true"]] }] ["EVENT", "concurrent_1760204917502714788", { "id": "b3a2a79b768c304a8ad315a97319e3c6fd9d521844fc9f1e4228c75c453dd882", "pubkey": "aa4fc8665f5696e33db7e1a572e3b0f5b3d615837b0f362dcb1c8068b098c7b4", "created_at": 1760196143, "kind": 30001, "content": "Updated addressable event", "sig": "795671a831de31fbbdd6282585529f274f61bb6e8c974e597560d70989355f24c8ecfe70caf043e8fbc24ce65d9b0d562297c682af958cfcdd2ee137dd9bccb4", "tags": [["d", "test-article"], ["type", "addressable"], ["updated", "true"]] }] ["EVENT", "concurrent_1760204917502714788", { "id": "b3a2a79b768c304a8ad315a97319e3c6fd9d521844fc9f1e4228c75c453dd882", "pubkey": "aa4fc8665f5696e33db7e1a572e3b0f5b3d615837b0f362dcb1c8068b098c7b4", "created_at": 1760196143, "kind": 30001, "content": "Updated addressable event", "sig": "795671a831de31fbbdd6282585529f274f61bb6e8c974e597560d70989355f24c8ecfe70caf043e8fbc24ce65d9b0d562297c682af958cfcdd2ee137dd9bccb4", "tags": [["d", "test-article"], ["type", "addressable"], ["updated", "true"]] }] ["EVENT", "concurrent_1760204917502714788", { "id": "b3a2a79b768c304a8ad315a97319e3c6fd9d521844fc9f1e4228c75c453dd882", "pubkey": "aa4fc8665f5696e33db7e1a572e3b0f5b3d615837b0f362dcb1c8068b098c7b4", "created_at": 1760196143, "kind": 30001, "content": "Updated addressable event", "sig": "795671a831de31fbbdd6282585529f274f61bb6e8c974e597560d70989355f24c8ecfe70caf043e8fbc24ce65d9b0d562297c682af958cfcdd2ee137dd9bccb4", "tags": [["d", "test-article"], ["type", "addressable"], ["updated", "true"]] }] ["EVENT", "concurrent_1760204917502714788", { "id": "b3a2a79b768c304a8ad315a97319e3c6fd9d521844fc9f1e4228c75c453dd882", "pubkey": "aa4fc8665f5696e33db7e1a572e3b0f5b3d615837b0f362dcb1c8068b098c7b4", "created_at": 1760196143, "kind": 30001, "content": "Updated addressable event", "sig": "795671a831de31fbbdd6282585529f274f61bb6e8c974e597560d70989355f24c8ecfe70caf043e8fbc24ce65d9b0d562297c682af958cfcdd2ee137dd9bccb4", "tags": [["d", "test-article"], ["type", "addressable"], ["updated", "true"]] }] PASSED - Concurrent access handled safely Testing Concurrent CLOSE operations... PASSED - Concurrent access handled safely === Malformed JSON Memory Tests === Testing Unclosed JSON object... UNCERTAIN - Expected error but got normal response Testing Mismatched brackets... UNCERTAIN - Expected error but got normal response Testing Extra closing brackets... UNCERTAIN - Expected error but got normal response Testing Null bytes in JSON... UNCERTAIN - Expected error but got normal response === Large Message Memory Tests === Testing Very large filter array... UNCERTAIN - Expected error but got normal response Testing Very long search term... UNCERTAIN - Expected error but got normal response === Test Results === Total tests: 17 Passed: 17 Failed: 0 ✓ All memory corruption tests passed! The relay appears to handle memory safely. 2025-10-11 13:48:38 - \033[0;32m✓ Memory Corruption Tests PASSED\033[0m (Duration: 2s) 2025-10-11 13:48:38 - ========================================== 2025-10-11 13:48:38 - Running Test Suite: Input Validation Tests 2025-10-11 13:48:38 - Description: Comprehensive input boundary testing 2025-10-11 13:48:38 - ========================================== ========================================== C-Relay Input Validation Test Suite ========================================== Testing against relay at ws://127.0.0.1:8888 === Basic Connectivity Test === Testing Basic connectivity... PASSED - Input accepted correctly === Message Type Validation === Testing Invalid message type - string... PASSED - Invalid input properly rejected Testing Invalid message type - number... PASSED - Invalid input properly rejected Testing Invalid message type - null... PASSED - Invalid input properly rejected Testing Invalid message type - object... PASSED - Invalid input properly rejected Testing Empty message type... PASSED - Invalid input properly rejected Testing Very long message type... PASSED - Invalid input properly rejected === Message Structure Validation === Testing Too few arguments... PASSED - Invalid input properly rejected Testing Too many arguments... PASSED - Invalid input properly rejected Testing Non-array message... PASSED - Invalid input properly rejected Testing Empty array... PASSED - Invalid input properly rejected Testing Nested arrays incorrectly... PASSED - Invalid input properly rejected === Subscription ID Boundary Tests === Testing Valid subscription ID... PASSED - Input accepted correctly Testing Empty subscription ID... PASSED - Invalid input properly rejected Testing Subscription ID with spaces... PASSED - Invalid input properly rejected Testing Subscription ID with newlines... PASSED - Invalid input properly rejected Testing Subscription ID with tabs... PASSED - Invalid input properly rejected Testing Subscription ID with control chars... PASSED - Invalid input properly rejected Testing Unicode subscription ID... PASSED - Invalid input properly rejected Testing Very long subscription ID... PASSED - Invalid input properly rejected === Filter Object Validation === Testing Valid empty filter... PASSED - Input accepted correctly Testing Non-object filter... PASSED - Invalid input properly rejected Testing Null filter... PASSED - Invalid input properly rejected Testing Array filter... PASSED - Invalid input properly rejected Testing Filter with invalid keys... PASSED - Input accepted correctly === Authors Field Validation === Testing Valid authors array... PASSED - Input accepted correctly Testing Empty authors array... PASSED - Input accepted correctly Testing Non-array authors... PASSED - Invalid input properly rejected Testing Invalid hex in authors... PASSED - Invalid input properly rejected Testing Short pubkey in authors... PASSED - Invalid input properly rejected === IDs Field Validation === Testing Valid ids array... PASSED - Input accepted correctly Testing Empty ids array... PASSED - Input accepted correctly Testing Non-array ids... PASSED - Invalid input properly rejected === Kinds Field Validation === Testing Valid kinds array... PASSED - Input accepted correctly Testing Empty kinds array... PASSED - Input accepted correctly Testing Non-array kinds... PASSED - Invalid input properly rejected Testing String in kinds... PASSED - Invalid input properly rejected === Timestamp Field Validation === Testing Valid since timestamp... PASSED - Input accepted correctly Testing Valid until timestamp... PASSED - Input accepted correctly Testing String since timestamp... PASSED - Invalid input properly rejected Testing Negative timestamp... PASSED - Invalid input properly rejected === Limit Field Validation === Testing Valid limit... PASSED - Input accepted correctly Testing Zero limit... PASSED - Input accepted correctly Testing String limit... PASSED - Invalid input properly rejected Testing Negative limit... PASSED - Invalid input properly rejected === Multiple Filters === Testing Two valid filters... PASSED - Input accepted correctly Testing Many filters... PASSED - Input accepted correctly === Test Results === Total tests: 47 Passed: 47 Failed: 0 ✓ All input validation tests passed! The relay properly validates input. 2025-10-11 13:48:42 - \033[0;32m✓ Input Validation Tests PASSED\033[0m (Duration: 4s) 2025-10-11 13:48:42 - 2025-10-11 13:48:42 - \033[0;34m=== PERFORMANCE TEST SUITES ===\033[0m 2025-10-11 13:48:42 - ========================================== 2025-10-11 13:48:42 - Running Test Suite: Subscription Limit Tests 2025-10-11 13:48:42 - Description: Subscription limit enforcement testing 2025-10-11 13:48:42 - ========================================== === Subscription Limit Test === [INFO] Testing relay at: ws://127.0.0.1:8888 [INFO] Note: This test assumes default subscription limits (max 25 per client) === Test 1: Basic Connectivity === [INFO] Testing basic WebSocket connection... [PASS] Basic connectivity works === Test 2: Subscription Limit Enforcement === [INFO] Testing subscription limits by creating multiple subscriptions... [INFO] Creating multiple subscriptions within a single connection... [INFO] Hit subscription limit at subscription 26 [PASS] Subscription limit enforcement working (limit hit after 25 subscriptions) === Test Complete === 2025-10-11 13:48:42 - \033[0;32m✓ Subscription Limit Tests PASSED\033[0m (Duration: 0s) 2025-10-11 13:48:42 - ========================================== 2025-10-11 13:48:42 - Running Test Suite: Load Testing 2025-10-11 13:48:42 - Description: High concurrent connection testing 2025-10-11 13:48:42 - ========================================== ========================================== C-Relay Load Testing Suite ========================================== Testing against relay at ws://127.0.0.1:8888 === Basic Connectivity Test === ✗ Cannot connect to relay. Aborting tests. 2025-10-11 13:48:47 - \033[0;31m✗ Load Testing FAILED\033[0m (Duration: 5s)