Some function_exist() tests for whitelist/blacklist usage

3 files changed, 64 insertions, 0 deletions

diff --git a/tests/executor/function_blacklist_printf_function_exists.phpt b/tests/executor/function_blacklist_printf_function_exists.phpt
new file mode 100644
index 0000000..2fe9d33
--- /dev/null
+++ b/tests/executor/function_blacklist_printf_function_exists.phpt
@@ -0,0 +1,22 @@
+--TEST--
+Testing: suhosin.executor.func.blacklist=printf with function_exists()
+--SKIPIF--
+<?php include "../skipifnotcli.inc"; ?>
+--INI--
+suhosin.log.sapi=64
+suhosin.executor.func.blacklist=printf,max
+--FILE--
+<?php
+        var_dump(function_exists("abs"));
+        var_dump(function_exists("max"));
+        var_dump(function_exists("ord"));
+        var_dump(function_exists("printf"));
+        var_dump(function_exists("chr"));
+?>
+--EXPECTF--
+bool(true)
+bool(false)
+bool(true)
+bool(false)
+bool(true)
+
diff --git a/tests/executor/function_whitelist_function_exists.phpt b/tests/executor/function_whitelist_function_exists.phpt
new file mode 100644
index 0000000..bc515ab
--- /dev/null
+++ b/tests/executor/function_whitelist_function_exists.phpt
@@ -0,0 +1,22 @@
+--TEST--
+Testing: suhosin.executor.func.whitelist with function_exists()
+--SKIPIF--
+<?php include "../skipifnotcli.inc"; ?>
+--INI--
+suhosin.log.sapi=64
+suhosin.executor.func.whitelist=printf,max,function_exists,var_dump
+--FILE--
+<?php
+        var_dump(function_exists("abs"));
+        var_dump(function_exists("max"));
+        var_dump(function_exists("ord"));
+        var_dump(function_exists("printf"));
+        var_dump(function_exists("chr"));
+?>
+--EXPECTF--
+bool(false)
+bool(true)
+bool(false)
+bool(true)
+bool(false)
+
diff --git a/tests/executor/function_whitelist_without_function_exists.phpt b/tests/executor/function_whitelist_without_function_exists.phpt
new file mode 100644
index 0000000..b0c8528
--- /dev/null
+++ b/tests/executor/function_whitelist_without_function_exists.phpt
@@ -0,0 +1,20 @@
+--TEST--
+Testing: suhosin.executor.func.whitelist without function_exists()
+--SKIPIF--
+<?php include "../skipifnotcli.inc"; ?>
+--INI--
+suhosin.log.sapi=64
+suhosin.executor.func.whitelist=printf,max,var_dump
+--FILE--
+<?php
+        var_dump(function_exists("abs"));
+        var_dump(function_exists("max"));
+        var_dump(function_exists("ord"));
+        var_dump(function_exists("printf"));
+        var_dump(function_exists("chr"));
+?>
+--EXPECTF--
+ALERT - function outside of whitelist called: function_exists() (attacker 'REMOTE_ADDR not set', file '%s', line 2)
+
+Warning: function_exists() has been disabled for security reasons in %s on line 2
+