diff options
| author | Ben Fuhrmannek | 2014-07-14 13:08:16 +0200 |
|---|---|---|
| committer | Ben Fuhrmannek | 2014-07-14 13:08:16 +0200 |
| commit | 81435af6f665c73e46562cf1489aaa3f0435b615 (patch) | |
| tree | 55bff05b6b568d1e25bbb9559bcec6fb3c8b31d6 /tests | |
| parent | 1dc59e48642c98e34320f1a31c120fbf290fd509 (diff) | |
| parent | 6bb8cdbbd56c09a6864b40ce21f9a87abd942305 (diff) | |
Merge branch 'filter'
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/filter/suhosin_upload_disallow_binary_utf8.phpt | 44 | ||||
| -rw-r--r-- | tests/filter/suhosin_upload_disallow_binary_utf8fail.phpt | 45 | ||||
| -rw-r--r-- | tests/filter/suhosin_upload_remove_binary.phpt | bin | 0 -> 796 bytes | |||
| -rw-r--r-- | tests/filter/suhosin_upload_remove_binary_utf8.phpt | 32 | ||||
| -rw-r--r-- | tests/filter/suhosin_upload_remove_binary_utf8fail.phpt | 32 |
5 files changed, 153 insertions, 0 deletions
diff --git a/tests/filter/suhosin_upload_disallow_binary_utf8.phpt b/tests/filter/suhosin_upload_disallow_binary_utf8.phpt new file mode 100644 index 0000000..557a8d5 --- /dev/null +++ b/tests/filter/suhosin_upload_disallow_binary_utf8.phpt | |||
| @@ -0,0 +1,44 @@ | |||
| 1 | --TEST-- | ||
| 2 | Testing: suhosin.upload.disallow_binary=On with UTF-8 | ||
| 3 | --INI-- | ||
| 4 | suhosin.log.syslog=0 | ||
| 5 | suhosin.log.sapi=0 | ||
| 6 | suhosin.log.stdout=255 | ||
| 7 | suhosin.log.script=0 | ||
| 8 | file_uploads=1 | ||
| 9 | suhosin.upload.disallow_binary=On | ||
| 10 | suhosin.upload.allow_utf8=On | ||
| 11 | max_file_uploads=40 | ||
| 12 | suhosin.upload.max_uploads=40 | ||
| 13 | --SKIPIF-- | ||
| 14 | <?php include('skipif.inc'); ?> | ||
| 15 | --COOKIE-- | ||
| 16 | --GET-- | ||
| 17 | --POST_RAW-- | ||
| 18 | Content-Type: multipart/form-data; boundary=bound | ||
| 19 | --bound | ||
| 20 | Content-Disposition: form-data; name="test"; filename="test" | ||
| 21 | |||
| 22 | Spaß am Gerät! | ||
| 23 | |||
| 24 | --bound-- | ||
| 25 | --FILE-- | ||
| 26 | <?php | ||
| 27 | var_dump($_FILES); | ||
| 28 | ?> | ||
| 29 | --EXPECTF-- | ||
| 30 | array(1) { | ||
| 31 | ["test"]=> | ||
| 32 | array(5) { | ||
| 33 | ["name"]=> | ||
| 34 | string(4) "test" | ||
| 35 | ["type"]=> | ||
| 36 | string(0) "" | ||
| 37 | ["tmp_name"]=> | ||
| 38 | string(%d) "%s" | ||
| 39 | ["error"]=> | ||
| 40 | int(0) | ||
| 41 | ["size"]=> | ||
| 42 | int(17) | ||
| 43 | } | ||
| 44 | } | ||
diff --git a/tests/filter/suhosin_upload_disallow_binary_utf8fail.phpt b/tests/filter/suhosin_upload_disallow_binary_utf8fail.phpt new file mode 100644 index 0000000..413d25a --- /dev/null +++ b/tests/filter/suhosin_upload_disallow_binary_utf8fail.phpt | |||
| @@ -0,0 +1,45 @@ | |||
| 1 | --TEST-- | ||
| 2 | Testing: suhosin.upload.disallow_binary=On with UTF-8 and allow_utf8=Off | ||
| 3 | --INI-- | ||
| 4 | suhosin.log.syslog=0 | ||
| 5 | suhosin.log.sapi=0 | ||
| 6 | suhosin.log.stdout=255 | ||
| 7 | suhosin.log.script=0 | ||
| 8 | file_uploads=1 | ||
| 9 | suhosin.upload.disallow_binary=On | ||
| 10 | suhosin.upload.allow_utf8=Off | ||
| 11 | max_file_uploads=40 | ||
| 12 | suhosin.upload.max_uploads=40 | ||
| 13 | --SKIPIF-- | ||
| 14 | <?php include('skipif.inc'); ?> | ||
| 15 | --COOKIE-- | ||
| 16 | --GET-- | ||
| 17 | --POST_RAW-- | ||
| 18 | Content-Type: multipart/form-data; boundary=bound | ||
| 19 | --bound | ||
| 20 | Content-Disposition: form-data; name="test"; filename="test" | ||
| 21 | |||
| 22 | Spaß am Gerät! | ||
| 23 | |||
| 24 | --bound-- | ||
| 25 | --FILE-- | ||
| 26 | <?php | ||
| 27 | var_dump($_FILES); | ||
| 28 | ?> | ||
| 29 | --EXPECTF-- | ||
| 30 | array(1) { | ||
| 31 | ["test"]=> | ||
| 32 | array(5) { | ||
| 33 | ["name"]=> | ||
| 34 | string(4) "test" | ||
| 35 | ["type"]=> | ||
| 36 | string(0) "" | ||
| 37 | ["tmp_name"]=> | ||
| 38 | string(0) "" | ||
| 39 | ["error"]=> | ||
| 40 | int(8) | ||
| 41 | ["size"]=> | ||
| 42 | int(0) | ||
| 43 | } | ||
| 44 | } | ||
| 45 | ALERT - uploaded file contains binary data - file dropped (attacker 'REMOTE_ADDR not set', file '%s') | ||
diff --git a/tests/filter/suhosin_upload_remove_binary.phpt b/tests/filter/suhosin_upload_remove_binary.phpt new file mode 100644 index 0000000..f4337d9 --- /dev/null +++ b/tests/filter/suhosin_upload_remove_binary.phpt | |||
| Binary files differ | |||
diff --git a/tests/filter/suhosin_upload_remove_binary_utf8.phpt b/tests/filter/suhosin_upload_remove_binary_utf8.phpt new file mode 100644 index 0000000..6fbd240 --- /dev/null +++ b/tests/filter/suhosin_upload_remove_binary_utf8.phpt | |||
| @@ -0,0 +1,32 @@ | |||
| 1 | --TEST-- | ||
| 2 | Testing: suhosin.upload.remove_binary=On with UTF-8 | ||
| 3 | --INI-- | ||
| 4 | suhosin.log.syslog=0 | ||
| 5 | suhosin.log.sapi=0 | ||
| 6 | suhosin.log.stdout=255 | ||
| 7 | suhosin.log.script=0 | ||
| 8 | file_uploads=1 | ||
| 9 | suhosin.upload.disallow_binary=Off | ||
| 10 | suhosin.upload.remove_binary=On | ||
| 11 | suhosin.upload.allow_utf8=On | ||
| 12 | max_file_uploads=40 | ||
| 13 | suhosin.upload.max_uploads=40 | ||
| 14 | --SKIPIF-- | ||
| 15 | <?php include('skipif.inc'); ?> | ||
| 16 | --COOKIE-- | ||
| 17 | --GET-- | ||
| 18 | --POST_RAW-- | ||
| 19 | Content-Type: multipart/form-data; boundary=bound | ||
| 20 | --bound | ||
| 21 | Content-Disposition: form-data; name="test"; filename="test" | ||
| 22 | |||
| 23 | Spaß am Gerät! | ||
| 24 | |||
| 25 | --bound-- | ||
| 26 | --FILE-- | ||
| 27 | <?php | ||
| 28 | var_dump(file_get_contents($_FILES['test']['tmp_name'])); | ||
| 29 | ?> | ||
| 30 | --EXPECTF-- | ||
| 31 | string(17) "Spaß am Gerät! | ||
| 32 | " \ No newline at end of file | ||
diff --git a/tests/filter/suhosin_upload_remove_binary_utf8fail.phpt b/tests/filter/suhosin_upload_remove_binary_utf8fail.phpt new file mode 100644 index 0000000..5c31115 --- /dev/null +++ b/tests/filter/suhosin_upload_remove_binary_utf8fail.phpt | |||
| @@ -0,0 +1,32 @@ | |||
| 1 | --TEST-- | ||
| 2 | Testing: suhosin.upload.remove_binary=On with UTF-8 and allow_utf8=Off | ||
| 3 | --INI-- | ||
| 4 | suhosin.log.syslog=0 | ||
| 5 | suhosin.log.sapi=0 | ||
| 6 | suhosin.log.stdout=255 | ||
| 7 | suhosin.log.script=0 | ||
| 8 | file_uploads=1 | ||
| 9 | suhosin.upload.disallow_binary=Off | ||
| 10 | suhosin.upload.remove_binary=On | ||
| 11 | suhosin.upload.allow_utf8=Off | ||
| 12 | max_file_uploads=40 | ||
| 13 | suhosin.upload.max_uploads=40 | ||
| 14 | --SKIPIF-- | ||
| 15 | <?php include('skipif.inc'); ?> | ||
| 16 | --COOKIE-- | ||
| 17 | --GET-- | ||
| 18 | --POST_RAW-- | ||
| 19 | Content-Type: multipart/form-data; boundary=bound | ||
| 20 | --bound | ||
| 21 | Content-Disposition: form-data; name="test"; filename="test" | ||
| 22 | |||
| 23 | Spaß am Gerät! | ||
| 24 | |||
| 25 | --bound-- | ||
| 26 | --FILE-- | ||
| 27 | <?php | ||
| 28 | var_dump(file_get_contents($_FILES['test']['tmp_name'])); | ||
| 29 | ?> | ||
| 30 | --EXPECTF-- | ||
| 31 | string(13) "Spa am Gert! | ||
| 32 | " \ No newline at end of file | ||