diff options
| author | Ben Fuhrmannek | 2016-03-04 14:50:51 +0100 |
|---|---|---|
| committer | Ben Fuhrmannek | 2016-03-04 14:50:51 +0100 |
| commit | f15b5aa308a46d555ecc09c075db8728a0895c23 (patch) | |
| tree | 9c67754998d93aa922176c557df85b07fe9d857f /tests/executor/eval_blacklist_printf.phpt | |
| parent | c46f6fdffade1aa4f544adc871650d3e1e360454 (diff) | |
test cases for eval+func black/whitelist
Diffstat (limited to 'tests/executor/eval_blacklist_printf.phpt')
| -rw-r--r-- | tests/executor/eval_blacklist_printf.phpt | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/tests/executor/eval_blacklist_printf.phpt b/tests/executor/eval_blacklist_printf.phpt new file mode 100644 index 0000000..b66d457 --- /dev/null +++ b/tests/executor/eval_blacklist_printf.phpt | |||
| @@ -0,0 +1,16 @@ | |||
| 1 | --TEST-- | ||
| 2 | Testing: suhosin.executor.eval.blacklist=printf via call_user_func | ||
| 3 | --SKIPIF-- | ||
| 4 | <?php include "../skipifnotcli.inc"; ?> | ||
| 5 | --INI-- | ||
| 6 | suhosin.log.sapi=64 | ||
| 7 | suhosin.executor.disable_eval=0 | ||
| 8 | suhosin.executor.eval.blacklist=printf | ||
| 9 | --FILE-- | ||
| 10 | <?php | ||
| 11 | eval('call_user_func("printf", "hello\n");'); | ||
| 12 | ?> | ||
| 13 | --EXPECTF-- | ||
| 14 | ALERT - eval'd function blacklisted: printf() (attacker 'REMOTE_ADDR not set', file '%s : eval()'d code', line 1) | ||
| 15 | |||
| 16 | Warning: printf() has been disabled for security reasons in %s : eval()'d code on line 1 | ||