From 7c208bb39a6440f7fc2d6f0913a7ab3e3249a221 Mon Sep 17 00:00:00 2001
From: Stefan Esser
Date: Thu, 15 May 2014 14:09:27 +0200
Subject: Adding some tests for logging shellscripts

---
 tests/logging/logscript_executable.phpt    | 17 +++++++++++++++++
 tests/logging/logscript_nonexecutable.phpt | 19 +++++++++++++++++++
 tests/logging/logscript_nonexistant.phpt   | 19 +++++++++++++++++++
 3 files changed, 55 insertions(+)
 create mode 100644 tests/logging/logscript_executable.phpt
 create mode 100644 tests/logging/logscript_nonexecutable.phpt
 create mode 100644 tests/logging/logscript_nonexistant.phpt

(limited to 'tests')

diff --git a/tests/logging/logscript_executable.phpt b/tests/logging/logscript_executable.phpt
new file mode 100644
index 0000000..f6d535c
--- /dev/null
+++ b/tests/logging/logscript_executable.phpt
@@ -0,0 +1,17 @@
+--TEST--
+Testing: suhosin.log.script.name=EXECUTABLE
+--SKIPIF--
+<?php include "../skipifnotcli.inc"; ?>
+--INI--
+suhosin.log.sapi=0
+suhosin.log.stdout=0
+suhosin.log.script=255
+suhosin.log.script.name=/bin/echo
+suhosin.log.syslog=0
+suhosin.executor.func.blacklist=max
+--FILE--
+<?php
+	max(1,2);
+?>
+--EXPECTF--
+Warning: max() has been disabled for security reasons in %s on line 2
\ No newline at end of file
diff --git a/tests/logging/logscript_nonexecutable.phpt b/tests/logging/logscript_nonexecutable.phpt
new file mode 100644
index 0000000..c83fd7b
--- /dev/null
+++ b/tests/logging/logscript_nonexecutable.phpt
@@ -0,0 +1,19 @@
+--TEST--
+Testing: suhosin.log.script.name=NON-EXECUTABLE
+--SKIPIF--
+<?php include "../skipifnotcli.inc"; ?>
+--INI--
+suhosin.log.sapi=0
+suhosin.log.stdout=0
+suhosin.log.script=255
+suhosin.log.script.name=/etc/passwd
+suhosin.log.syslog=0
+suhosin.executor.func.blacklist=max
+--FILE--
+<?php
+	max(1,2);
+?>
+--EXPECTF--
+ALERT - logging shell script /etc/passwd is not executable - file dropped (attacker 'REMOTE_ADDR not set', file '%s', line 2)
+
+Warning: max() has been disabled for security reasons in %s on line 2
\ No newline at end of file
diff --git a/tests/logging/logscript_nonexistant.phpt b/tests/logging/logscript_nonexistant.phpt
new file mode 100644
index 0000000..4d501be
--- /dev/null
+++ b/tests/logging/logscript_nonexistant.phpt
@@ -0,0 +1,19 @@
+--TEST--
+Testing: suhosin.log.script.name=NON-EXISTANT
+--SKIPIF--
+<?php include "../skipifnotcli.inc"; ?>
+--INI--
+suhosin.log.sapi=0
+suhosin.log.stdout=0
+suhosin.log.script=255
+suhosin.log.script.name=/php/non-existant-script-really-really-really
+suhosin.log.syslog=0
+suhosin.executor.func.blacklist=max
+--FILE--
+<?php
+	max(1,2);
+?>
+--EXPECTF--
+ALERT - unable to find logging shell script /php/non-existant-script-really-really-really - file dropped (attacker 'REMOTE_ADDR not set', file '%s', line 2)
+
+Warning: max() has been disabled for security reasons in %s on line 2
\ No newline at end of file
-- 
cgit v1.3