Commit test cases for the function blacklist/whitelist problems

6 files changed, 94 insertions, 0 deletions

diff --git a/tests/executor/function_blacklist.phpt b/tests/executor/function_blacklist.phpt
new file mode 100644
index 0000000..d3df2ed
--- /dev/null
+++ b/tests/executor/function_blacklist.phpt
@@ -0,0 +1,17 @@
+--TEST--
+Testing: suhosin.executor.func.blacklist=max
+--SKIPIF--
+<?php include "../skipifnotcli.inc"; ?>
+--INI--
+suhosin.log.sapi=64
+suhosin.executor.func.blacklist=max
+--FILE--
+<?php
+        abs(1);
+        max(1,2);
+        abs(1);
+?>
+--EXPECTF--
+ALERT - function within blacklist called: max() (attacker 'REMOTE_ADDR not set', file '%s', line 3)
+
+Warning: max() has been disabled for security reasons in %s on line 3
diff --git a/tests/executor/function_blacklist_printf.phpt b/tests/executor/function_blacklist_printf.phpt
new file mode 100644
index 0000000..66591ba
--- /dev/null
+++ b/tests/executor/function_blacklist_printf.phpt
@@ -0,0 +1,15 @@
+--TEST--
+Testing: suhosin.executor.func.blacklist=printf
+--SKIPIF--
+<?php include "../skipifnotcli.inc"; ?>
+--INI--
+suhosin.log.sapi=64
+suhosin.executor.func.blacklist=printf
+--FILE--
+<?php
+        call_user_func("printf", "hello\n");
+?>
+--EXPECTF--
+ALERT - function within blacklist called: printf() (attacker 'REMOTE_ADDR not set', file '%s', line 2)
+
+Warning: printf() has been disabled for security reasons in %s on line 2
diff --git a/tests/executor/function_whilelist.phpt b/tests/executor/function_whilelist.phpt
new file mode 100644
index 0000000..9017ab4
--- /dev/null
+++ b/tests/executor/function_whilelist.phpt
@@ -0,0 +1,17 @@
+--TEST--
+Testing: suhosin.executor.func.whitelist=abs
+--SKIPIF--
+<?php include "../skipifnotcli.inc"; ?>
+--INI--
+suhosin.log.sapi=64
+suhosin.executor.func.whitelist=abs
+--FILE--
+<?php
+        abs(1);
+        max(1,2);
+        abs(1);
+?>
+--EXPECTF--
+ALERT - function outside of whitelist called: max() (attacker 'REMOTE_ADDR not set', file '%s', line 3)
+
+Warning: max() has been disabled for security reasons in %s on line 3
diff --git a/tests/executor/function_whilelist_absmax.phpt b/tests/executor/function_whilelist_absmax.phpt
new file mode 100644
index 0000000..f240e69
--- /dev/null
+++ b/tests/executor/function_whilelist_absmax.phpt
@@ -0,0 +1,15 @@
+--TEST--
+Testing: suhosin.executor.func.whitelist=abs,max
+--SKIPIF--
+<?php include "../skipifnotcli.inc"; ?>
+--INI--
+suhosin.log.sapi=64
+suhosin.executor.func.whitelist=abs,max
+--FILE--
+<?php
+        abs(1);
+        max(1,2);
+        abs(1);
+?>
+--EXPECTF--
+
diff --git a/tests/executor/function_whilelist_call_user_func.phpt b/tests/executor/function_whilelist_call_user_func.phpt
new file mode 100644
index 0000000..a54010f
--- /dev/null
+++ b/tests/executor/function_whilelist_call_user_func.phpt
@@ -0,0 +1,15 @@
+--TEST--
+Testing: suhosin.executor.func.whitelist=call_user_func
+--SKIPIF--
+<?php include "../skipifnotcli.inc"; ?>
+--INI--
+suhosin.log.sapi=64
+suhosin.executor.func.whitelist=call_user_func
+--FILE--
+<?php
+        call_user_func("printf", "hello\n");
+?>
+--EXPECTF--
+ALERT - function outside of whitelist called: printf() (attacker 'REMOTE_ADDR not set', file '%s', line 2)
+
+Warning: printf() has been disabled for security reasons in %s on line 2
diff --git a/tests/executor/function_whilelist_maxabs.phpt b/tests/executor/function_whilelist_maxabs.phpt
new file mode 100644
index 0000000..88a356e
--- /dev/null
+++ b/tests/executor/function_whilelist_maxabs.phpt
@@ -0,0 +1,15 @@
+--TEST--
+Testing: suhosin.executor.func.whitelist=max,abs
+--SKIPIF--
+<?php include "../skipifnotcli.inc"; ?>
+--INI--
+suhosin.log.sapi=64
+suhosin.executor.func.whitelist=max,abs
+--FILE--
+<?php
+        abs(1);
+        max(1,2);
+        abs(1);
+?>
+--EXPECTF--
+