Some function_exist() tests for whitelist/blacklist usage

author: Stefan Esser 2014-02-12 14:48:35 +0100
committer: Stefan Esser 2014-02-12 14:48:35 +0100
commit: c01b85444dba83b3ed9d381619eaf1032c3fd098 (patch)
tree: 02624c792a26467c8c031d3c6428836d1e4412af /tests/executor
parent: c20f47262ba9d180ae6ab7f7b608cd51a22c265d (diff)
3 files changed, 64 insertions, 0 deletions
diff --git a/tests/executor/function_blacklist_printf_function_exists.phpt b/tests/executor/function_blacklist_printf_function_exists.phpt
new file mode 100644
index 0000000..2fe9d33
--- /dev/null
+++ b/tests/executor/function_blacklist_printf_function_exists.phpt
@@ -0,0 +1,22 @@
+--TEST--
+Testing: suhosin.executor.func.blacklist=printf with function_exists()
+--SKIPIF--
+<?php include "../skipifnotcli.inc"; ?>
+--INI--
+suhosin.log.sapi=64
+suhosin.executor.func.blacklist=printf,max
+--FILE--
+<?php
+        var_dump(function_exists("abs"));
+        var_dump(function_exists("max"));
+        var_dump(function_exists("ord"));
+        var_dump(function_exists("printf"));
+        var_dump(function_exists("chr"));
+?>
+--EXPECTF--
+bool(true)
+bool(false)
+bool(true)
+bool(false)
+bool(true)
diff --git a/tests/executor/function_whitelist_function_exists.phpt b/tests/executor/function_whitelist_function_exists.phpt
new file mode 100644
index 0000000..bc515ab
--- /dev/null
+++ b/tests/executor/function_whitelist_function_exists.phpt
@@ -0,0 +1,22 @@
+--TEST--
+Testing: suhosin.executor.func.whitelist with function_exists()
+--SKIPIF--
+<?php include "../skipifnotcli.inc"; ?>
+--INI--
+suhosin.log.sapi=64
+suhosin.executor.func.whitelist=printf,max,function_exists,var_dump
+--FILE--
+<?php
+        var_dump(function_exists("abs"));
+        var_dump(function_exists("max"));
+        var_dump(function_exists("ord"));
+        var_dump(function_exists("printf"));
+        var_dump(function_exists("chr"));
+?>
+--EXPECTF--
+bool(false)
+bool(true)
+bool(false)
+bool(true)
+bool(false)
diff --git a/tests/executor/function_whitelist_without_function_exists.phpt b/tests/executor/function_whitelist_without_function_exists.phpt
new file mode 100644
index 0000000..b0c8528
--- /dev/null
+++ b/tests/executor/function_whitelist_without_function_exists.phpt
@@ -0,0 +1,20 @@
+--TEST--
+Testing: suhosin.executor.func.whitelist without function_exists()
+--SKIPIF--
+<?php include "../skipifnotcli.inc"; ?>
+--INI--
+suhosin.log.sapi=64
+suhosin.executor.func.whitelist=printf,max,var_dump
+--FILE--
+<?php
+        var_dump(function_exists("abs"));
+        var_dump(function_exists("max"));
+        var_dump(function_exists("ord"));
+        var_dump(function_exists("printf"));
+        var_dump(function_exists("chr"));
+?>
+--EXPECTF--
+ALERT - function outside of whitelist called: function_exists() (attacker 'REMOTE_ADDR not set', file '%s', line 2)
+Warning: function_exists() has been disabled for security reasons in %s on line 2
author	Stefan Esser	2014-02-12 14:48:35 +0100
committer	Stefan Esser	2014-02-12 14:48:35 +0100
commit	c01b85444dba83b3ed9d381619eaf1032c3fd098 (patch)
tree	02624c792a26467c8c031d3c6428836d1e4412af /tests/executor
parent	c20f47262ba9d180ae6ab7f7b608cd51a22c265d (diff)

diff --git a/tests/executor/function_blacklist_printf_function_exists.phpt b/tests/executor/function_blacklist_printf_function_exists.phpt new file mode 100644 index 0000000..2fe9d33 --- /dev/null +++ b/tests/executor/function_blacklist_printf_function_exists.phpt
@@ -0,0 +1,22 @@
	1	--TEST--
	2	Testing: suhosin.executor.func.blacklist=printf with function_exists()
	3	--SKIPIF--
	4	<?php include "../skipifnotcli.inc"; ?>
	5	--INI--
	6	suhosin.log.sapi=64
	7	suhosin.executor.func.blacklist=printf,max
	8	--FILE--
	9	<?php
	10	var_dump(function_exists("abs"));
	11	var_dump(function_exists("max"));
	12	var_dump(function_exists("ord"));
	13	var_dump(function_exists("printf"));
	14	var_dump(function_exists("chr"));
	15	?>
	16	--EXPECTF--
	17	bool(true)
	18	bool(false)
	19	bool(true)
	20	bool(false)
	21	bool(true)
	22


diff --git a/tests/executor/function_whitelist_function_exists.phpt b/tests/executor/function_whitelist_function_exists.phpt new file mode 100644 index 0000000..bc515ab --- /dev/null +++ b/tests/executor/function_whitelist_function_exists.phpt
@@ -0,0 +1,22 @@
	1	--TEST--
	2	Testing: suhosin.executor.func.whitelist with function_exists()
	3	--SKIPIF--
	4	<?php include "../skipifnotcli.inc"; ?>
	5	--INI--
	6	suhosin.log.sapi=64
	7	suhosin.executor.func.whitelist=printf,max,function_exists,var_dump
	8	--FILE--
	9	<?php
	10	var_dump(function_exists("abs"));
	11	var_dump(function_exists("max"));
	12	var_dump(function_exists("ord"));
	13	var_dump(function_exists("printf"));
	14	var_dump(function_exists("chr"));
	15	?>
	16	--EXPECTF--
	17	bool(false)
	18	bool(true)
	19	bool(false)
	20	bool(true)
	21	bool(false)
	22


diff --git a/tests/executor/function_whitelist_without_function_exists.phpt b/tests/executor/function_whitelist_without_function_exists.phpt new file mode 100644 index 0000000..b0c8528 --- /dev/null +++ b/tests/executor/function_whitelist_without_function_exists.phpt
@@ -0,0 +1,20 @@
	1	--TEST--
	2	Testing: suhosin.executor.func.whitelist without function_exists()
	3	--SKIPIF--
	4	<?php include "../skipifnotcli.inc"; ?>
	5	--INI--
	6	suhosin.log.sapi=64
	7	suhosin.executor.func.whitelist=printf,max,var_dump
	8	--FILE--
	9	<?php
	10	var_dump(function_exists("abs"));
	11	var_dump(function_exists("max"));
	12	var_dump(function_exists("ord"));
	13	var_dump(function_exists("printf"));
	14	var_dump(function_exists("chr"));
	15	?>
	16	--EXPECTF--
	17	ALERT - function outside of whitelist called: function_exists() (attacker 'REMOTE_ADDR not set', file '%s', line 2)
	18
	19	Warning: function_exists() has been disabled for security reasons in %s on line 2
	20