Tests for suhosin.executor.include.allow_writable_files

author: Stefan Esser 2014-02-16 10:15:45 +0100
committer: Stefan Esser 2014-02-16 10:15:45 +0100
commit: 2bf085a8d27a5b9a05a0164fcc0c1ea41e78c601 (patch)
tree: c6a0fe86a534c73e161d3dcc4d5772d1a9a24282 /tests
parent: b14abbdf791ee28a540b1a047e697777e589e675 (diff)
2 files changed, 60 insertions, 0 deletions
diff --git a/tests/include/include_allow_writable_files_off.phpt b/tests/include/include_allow_writable_files_off.phpt
new file mode 100644
index 0000000..3fb9e89
--- /dev/null
+++ b/tests/include/include_allow_writable_files_off.phpt
@@ -0,0 +1,31 @@
+--TEST--
+Testing suhosin.executor.include.allow_writable_files=Off
+--DESCRIPTION--
+Because the test file itself is writable the whole test case is not executed!!!
+--SKIPIF--
+<?php include "../skipifcli.inc"; ?>
+--INI--
+suhosin.log.syslog=0
+suhosin.log.sapi=255
+suhosin.log.script=0
+suhosin.log.phpscript=0
+suhosin.executor.include.whitelist=
+suhosin.executor.include.blacklist=
+suhosin.executor.include.allow_writable_files=Off
+--FILE--
+<?php
+/* Because the test file itself is writable the whole test case is not executed!!! */
+$filename1 = tempnam(sys_get_temp_dir(), "suhosintestf1");
+$filename2 = tempnam(sys_get_temp_dir(), "suhosintestf2");
+file_put_contents($filename1, "<?php echo \"AAAA\\n\";");
+file_put_contents($filename2, "<?php echo \"BBBB\\n\";");
+chmod($filename1, 0400);
+chmod($filename2, 0600);
+include $filename1;
+include $filename2;
+chmod($filename1, 0600);
+unlink($filename1);
+unlink($filename2);
+?>
+--EXPECTF--
+ALERT - Include filename ('%s') is writable by PHP process (attacker 'REMOTE_ADDR not set', file '%s')
diff --git a/tests/include/include_allow_writable_files_on.phpt b/tests/include/include_allow_writable_files_on.phpt
new file mode 100644
index 0000000..8770699
--- /dev/null
+++ b/tests/include/include_allow_writable_files_on.phpt
@@ -0,0 +1,29 @@
+--TEST--
+Testing suhosin.executor.include.allow_writable_files=On
+--SKIPIF--
+<?php include "../skipifcli.inc"; ?>
+--INI--
+suhosin.log.syslog=0
+suhosin.log.sapi=255
+suhosin.log.script=0
+suhosin.log.phpscript=0
+suhosin.executor.include.whitelist=
+suhosin.executor.include.blacklist=
+suhosin.executor.include.allow_writable_files=On
+--FILE--
+<?php
+$filename1 = tempnam(sys_get_temp_dir(), "suhosintestf1");
+$filename2 = tempnam(sys_get_temp_dir(), "suhosintestf2");
+file_put_contents($filename1, "<?php echo \"AAAA\\n\";");
+file_put_contents($filename2, "<?php echo \"BBBB\\n\";");
+chmod($filename1, 0400);
+chmod($filename2, 0600);
+include $filename1;
+include $filename2;
+chmod($filename1, 0600);
+unlink($filename1);
+unlink($filename2);
+?>
+--EXPECTF--
+AAAA
+BBBB
author	Stefan Esser	2014-02-16 10:15:45 +0100
committer	Stefan Esser	2014-02-16 10:15:45 +0100
commit	2bf085a8d27a5b9a05a0164fcc0c1ea41e78c601 (patch)
tree	c6a0fe86a534c73e161d3dcc4d5772d1a9a24282 /tests
parent	b14abbdf791ee28a540b1a047e697777e589e675 (diff)

diff --git a/tests/include/include_allow_writable_files_off.phpt b/tests/include/include_allow_writable_files_off.phpt new file mode 100644 index 0000000..3fb9e89 --- /dev/null +++ b/tests/include/include_allow_writable_files_off.phpt
@@ -0,0 +1,31 @@
	1	--TEST--
	2	Testing suhosin.executor.include.allow_writable_files=Off
	3	--DESCRIPTION--
	4	Because the test file itself is writable the whole test case is not executed!!!
	5	--SKIPIF--
	6	<?php include "../skipifcli.inc"; ?>
	7	--INI--
	8	suhosin.log.syslog=0
	9	suhosin.log.sapi=255
	10	suhosin.log.script=0
	11	suhosin.log.phpscript=0
	12	suhosin.executor.include.whitelist=
	13	suhosin.executor.include.blacklist=
	14	suhosin.executor.include.allow_writable_files=Off
	15	--FILE--
	16	<?php
	17	/* Because the test file itself is writable the whole test case is not executed!!! */
	18	$filename1 = tempnam(sys_get_temp_dir(), "suhosintestf1");
	19	$filename2 = tempnam(sys_get_temp_dir(), "suhosintestf2");
	20	file_put_contents($filename1, "<?php echo \"AAAA\\n\";");
	21	file_put_contents($filename2, "<?php echo \"BBBB\\n\";");
	22	chmod($filename1, 0400);
	23	chmod($filename2, 0600);
	24	include $filename1;
	25	include $filename2;
	26	chmod($filename1, 0600);
	27	unlink($filename1);
	28	unlink($filename2);
	29	?>
	30	--EXPECTF--
	31	ALERT - Include filename ('%s') is writable by PHP process (attacker 'REMOTE_ADDR not set', file '%s')


diff --git a/tests/include/include_allow_writable_files_on.phpt b/tests/include/include_allow_writable_files_on.phpt new file mode 100644 index 0000000..8770699 --- /dev/null +++ b/tests/include/include_allow_writable_files_on.phpt
@@ -0,0 +1,29 @@
	1	--TEST--
	2	Testing suhosin.executor.include.allow_writable_files=On
	3	--SKIPIF--
	4	<?php include "../skipifcli.inc"; ?>
	5	--INI--
	6	suhosin.log.syslog=0
	7	suhosin.log.sapi=255
	8	suhosin.log.script=0
	9	suhosin.log.phpscript=0
	10	suhosin.executor.include.whitelist=
	11	suhosin.executor.include.blacklist=
	12	suhosin.executor.include.allow_writable_files=On
	13	--FILE--
	14	<?php
	15	$filename1 = tempnam(sys_get_temp_dir(), "suhosintestf1");
	16	$filename2 = tempnam(sys_get_temp_dir(), "suhosintestf2");
	17	file_put_contents($filename1, "<?php echo \"AAAA\\n\";");
	18	file_put_contents($filename2, "<?php echo \"BBBB\\n\";");
	19	chmod($filename1, 0400);
	20	chmod($filename2, 0600);
	21	include $filename1;
	22	include $filename2;
	23	chmod($filename1, 0600);
	24	unlink($filename1);
	25	unlink($filename2);
	26	?>
	27	--EXPECTF--
	28	AAAA
	29	BBBB