Reorganize the testsuite

Splitting the testsuite in several components makes it easier to manage and comprehend. This was also needed some some tests aren't passing on Alpine Linux, but we still want to run as many of them as we can on this platform.
author: jvoisin 2019-01-14 19:29:25 +0000
committer: GitHub 2019-01-14 19:29:25 +0000
commit: e79f7e3bd992c7f0915ef9afe7afb6d79740527a (patch)
tree: f881c25694eb00da2331a9ab280ec1c24a5662ab /src/tests/deny_writable
parent: c943db586ac46b686b49bdf61d8473e39dd93000 (diff)
8 files changed, 196 insertions, 0 deletions
diff --git a/src/tests/deny_writable/config/config_disable_writable.ini b/src/tests/deny_writable/config/config_disable_writable.ini
new file mode 100644
index 0000000..9f90601
--- /dev/null
+++ b/src/tests/deny_writable/config/config_disable_writable.ini
@@ -0,0 +1 @@
+  sp.readonly_exec.enable();
diff --git a/src/tests/deny_writable/config/config_disable_writable_disabled.ini b/src/tests/deny_writable/config/config_disable_writable_disabled.ini
new file mode 100644
index 0000000..6a33437
--- /dev/null
+++ b/src/tests/deny_writable/config/config_disable_writable_disabled.ini
@@ -0,0 +1 @@
+  sp.readonly_exec.disable();
diff --git a/src/tests/deny_writable/config/config_disable_writable_simulation.ini b/src/tests/deny_writable/config/config_disable_writable_simulation.ini
new file mode 100644
index 0000000..52a43ba
--- /dev/null
+++ b/src/tests/deny_writable/config/config_disable_writable_simulation.ini
@@ -0,0 +1 @@
+  sp.readonly_exec.enable().simulation();
diff --git a/src/tests/deny_writable/config/dump_deny_writable_execution.ini b/src/tests/deny_writable/config/dump_deny_writable_execution.ini
new file mode 100644
index 0000000..c49f893
--- /dev/null
+++ b/src/tests/deny_writable/config/dump_deny_writable_execution.ini
@@ -0,0 +1 @@
+sp.readonly_exec.enable().simulation().dump("/tmp/dump_result/");
diff --git a/src/tests/deny_writable/deny_writable_execution.phpt b/src/tests/deny_writable/deny_writable_execution.phpt
new file mode 100644
index 0000000..916328e
--- /dev/null
+++ b/src/tests/deny_writable/deny_writable_execution.phpt
@@ -0,0 +1,43 @@
+--TEST--
+Readonly execution attempt
+--SKIPIF--
+<?php
+if (!extension_loaded("snuffleupagus")) print "skip";
+$filename = __DIR__ . '/test.txt';
+@unlink($filename);
+file_put_contents($filename, 'a');
+chmod($filename, 0400);
+if (is_writable($filename)) print "skip";
+@unlink($filename);
+ ?>
+--INI--
+sp.configuration_file={PWD}/config/config_disable_writable.ini
+--FILE--
+<?php 
+$dir = __DIR__;
+// just in case
+@unlink("$dir/non_writable_file.txt");
+@unlink("$dir/writable_file.txt");
+file_put_contents("$dir/non_writable_file.txt", '<?php echo "Code execution within a non-writable file.\n";');
+file_put_contents("$dir/writable_file.txt", '<?php echo "Code execution within a writable file.\n";');
+chmod("$dir/non_writable_file.txt", 0400);
+chmod("$dir/writable_file.txt", 0777);
+include "$dir/non_writable_file.txt";
+include "$dir/writable_file.txt";
+?>
+--CLEAN--
+<?php
+$dir = __DIR__;
+chmod("$dir/non_writable_file.txt", 0777);
+chmod("$dir/writable_file.txt", 0777);
+unlink("$dir/non_writable_file.txt");
+unlink("$dir/writable_file.txt");
+?>
+--EXPECTF--
+Fatal error: [snuffleupagus][readonly_exec] Attempted execution of a writable file (%a/deny_writable_execution.php). in %a/deny_writable_execution.php on line 2
diff --git a/src/tests/deny_writable/deny_writable_execution_disabled.phpt b/src/tests/deny_writable/deny_writable_execution_disabled.phpt
new file mode 100644
index 0000000..dd01f01
--- /dev/null
+++ b/src/tests/deny_writable/deny_writable_execution_disabled.phpt
@@ -0,0 +1,32 @@
+--TEST--
+Readonly execution attempt
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_disable_writable_disabled.ini
+--FILE--
+<?php 
+$dir = __DIR__;
+// just in case
+@unlink("$dir/non_writable_file.txt");
+@unlink("$dir/writable_file.txt");
+file_put_contents("$dir/writable_file.txt", '<?php echo "Code execution within a writable file.\n";');
+file_put_contents("$dir/non_writable_file.txt", '<?php echo "Code execution within a non-writable file.\n";');
+chmod("$dir/writable_file.txt", 0777);
+chmod("$dir/non_writable_file.txt", 0400);
+include "$dir/writable_file.txt";
+include "$dir/non_writable_file.txt";
+?>
+--EXPECT--
+Code execution within a writable file.
+Code execution within a non-writable file.
+--CLEAN--
+<?php
+$dir = __DIR__;
+chmod("$dir/non_writable_file.txt", 0777);
+chmod("$dir/writable_file.txt", 0777);
+unlink("$dir/non_writable_file.txt");
+unlink("$dir/writable_file.txt");
+?>
diff --git a/src/tests/deny_writable/deny_writable_execution_simulation.phpt b/src/tests/deny_writable/deny_writable_execution_simulation.phpt
new file mode 100644
index 0000000..7fc0c63
--- /dev/null
+++ b/src/tests/deny_writable/deny_writable_execution_simulation.phpt
@@ -0,0 +1,50 @@
+--TEST--
+Readonly execution attempt (simulation mode)
+--SKIPIF--
+<?php
+if (!extension_loaded("snuffleupagus")) print "skip";
+// root has write privileges on any file
+if (TRUE == function_exists("posix_getuid")) {
+        if (0 == posix_getuid()) {
+                print "skip";
+        }
+} elseif (TRUE == function_exists("shell_exec")) {
+        if ("root" == trim(shell_exec("whoami"))) {
+                print "skip";
+        }
+}
+ ?>
+--INI--
+sp.configuration_file={PWD}/config/config_disable_writable_simulation.ini
+--FILE--
+<?php 
+$dir = __DIR__;
+// just in case
+@unlink("$dir/non_writable_file.txt");
+@unlink("$dir/writable_file.txt");
+file_put_contents("$dir/writable_file.txt", '<?php echo "Code execution within a writable file.\n";');
+file_put_contents("$dir/non_writable_file.txt", '<?php echo "Code execution within a non-writable file.\n";');
+chmod("$dir/writable_file.txt", 0777);
+chmod("$dir/non_writable_file.txt", 0400);
+include "$dir/writable_file.txt";
+include "$dir/non_writable_file.txt";
+?>
+--CLEAN--
+<?php
+$dir = __DIR__;
+chmod("$dir/non_writable_file.txt", 0777);
+chmod("$dir/writable_file.txt", 0777);
+unlink("$dir/non_writable_file.txt");
+unlink("$dir/writable_file.txt");
+?>
+--EXPECTF--
+Warning: [snuffleupagus][readonly_exec] Attempted execution of a writable file (%a/deny_writable_execution_simulation.php). in %a/deny_writable_execution_simulation.php on line 2
+Warning: [snuffleupagus][readonly_exec] Attempted execution of a writable file (%a/writable_file.txt). in %a/deny_writable_execution_simulation.php on line 12
+Warning: [snuffleupagus][readonly_exec] Attempted execution of a writable file (%a/writable_file.txt). in %a/writable_file.txt on line 1
+Code execution within a writable file.
+Code execution within a non-writable file.
diff --git a/src/tests/deny_writable/dump_deny_writable_execution.phpt b/src/tests/deny_writable/dump_deny_writable_execution.phpt
new file mode 100644
index 0000000..c6dd6cd
--- /dev/null
+++ b/src/tests/deny_writable/dump_deny_writable_execution.phpt
@@ -0,0 +1,67 @@
+--TEST--
+Readonly execution attempt (simulation mode)
+--SKIPIF--
+<?php
+if (!extension_loaded("snuffleupagus")) print "skip";
+// root has write privileges on any file
+if (TRUE == function_exists("posix_getuid")) {
+        if (0 == posix_getuid()) {
+                print "skip";
+        }
+} elseif (TRUE == function_exists("shell_exec")) {
+        if ("root" == trim(shell_exec("whoami"))) {
+                print "skip";
+        }
+}
+?>
+--POST--
+post_a=data_post_a_readonly&post_b=data_post_b_readonly
+--GET--
+get_a=data_get_a_readonly&get_b=data_get_b_readonly
+--COOKIE--
+cookie_a=data_cookie_a_readonly&cookie_b=data_cookie_b_readonly
+--INI--
+sp.configuration_file={PWD}/config/dump_deny_writable_execution.ini
+--FILE--
+<?php 
+@mkdir("/tmp/dump_result/");
+foreach (glob("/tmp/dump_result/sp_dump.*") as $dump) {
+    @unlink($dump);
+}
+$dir = __DIR__;
+// just in case
+@unlink("$dir/non_writable_file.txt");
+@unlink("$dir/writable_file.txt");
+file_put_contents("$dir/writable_file.txt", '<?php echo "Code execution within a writable file.\n";');
+file_put_contents("$dir/non_writable_file.txt", '<?php echo "Code execution within a non-writable file.\n";');
+chmod("$dir/writable_file.txt", 0777);
+chmod("$dir/non_writable_file.txt", 0400);
+include "$dir/writable_file.txt";
+include "$dir/non_writable_file.txt";
+$filename = glob('/tmp/dump_result/sp_dump.*')[0];
+$res = file($filename);
+if ($res[2] != "GET:get_a='data_get_a_readonly' get_b='data_get_b_readonly' \n") {
+    echo "1\n";
+} elseif ($res[3] != "POST:post_a='data_post_a_readonly' post_b='data_post_b_readonly' \n") {
+    echo "2\n";
+} elseif ($res[4] != "COOKIE:cookie_a='data_cookie_a_readonly&cookie_b=data_cookie_b_readonly' \n") {
+    echo "3\n";
+} else {
+        echo "WIN\n";
+}
+?>
+--EXPECTF--
+%a
+WIN
+--CLEAN--
+<?php
+$dir = __DIR__;
+chmod("$dir/non_writable_file.txt", 0777);
+chmod("$dir/writable_file.txt", 0777);
+unlink("$dir/non_writable_file.txt");
+unlink("$dir/writable_file.txt");
+?>
author	jvoisin	2019-01-14 19:29:25 +0000
committer	GitHub	2019-01-14 19:29:25 +0000
commit	e79f7e3bd992c7f0915ef9afe7afb6d79740527a (patch)
tree	f881c25694eb00da2331a9ab280ec1c24a5662ab /src/tests/deny_writable
parent	c943db586ac46b686b49bdf61d8473e39dd93000 (diff)

diff --git a/src/tests/deny_writable/config/config_disable_writable.ini b/src/tests/deny_writable/config/config_disable_writable.ini new file mode 100644 index 0000000..9f90601 --- /dev/null +++ b/src/tests/deny_writable/config/config_disable_writable.ini
@@ -0,0 +1 @@
		sp.readonly_exec.enable();


diff --git a/src/tests/deny_writable/config/config_disable_writable_disabled.ini b/src/tests/deny_writable/config/config_disable_writable_disabled.ini new file mode 100644 index 0000000..6a33437 --- /dev/null +++ b/src/tests/deny_writable/config/config_disable_writable_disabled.ini
@@ -0,0 +1 @@
		sp.readonly_exec.disable();


diff --git a/src/tests/deny_writable/config/config_disable_writable_simulation.ini b/src/tests/deny_writable/config/config_disable_writable_simulation.ini new file mode 100644 index 0000000..52a43ba --- /dev/null +++ b/src/tests/deny_writable/config/config_disable_writable_simulation.ini
@@ -0,0 +1 @@
		sp.readonly_exec.enable().simulation();


diff --git a/src/tests/deny_writable/config/dump_deny_writable_execution.ini b/src/tests/deny_writable/config/dump_deny_writable_execution.ini new file mode 100644 index 0000000..c49f893 --- /dev/null +++ b/src/tests/deny_writable/config/dump_deny_writable_execution.ini
@@ -0,0 +1 @@
		sp.readonly_exec.enable().simulation().dump("/tmp/dump_result/");


diff --git a/src/tests/deny_writable/deny_writable_execution.phpt b/src/tests/deny_writable/deny_writable_execution.phpt new file mode 100644 index 0000000..916328e --- /dev/null +++ b/src/tests/deny_writable/deny_writable_execution.phpt
@@ -0,0 +1,43 @@
	1	--TEST--
	2	Readonly execution attempt
	3	--SKIPIF--
	4	<?php
	5	if (!extension_loaded("snuffleupagus")) print "skip";
	6
	7	$filename = __DIR__ . '/test.txt';
	8
	9	@unlink($filename);
	10
	11	file_put_contents($filename, 'a');
	12	chmod($filename, 0400);
	13
	14	if (is_writable($filename)) print "skip";
	15	@unlink($filename);
	16	?>
	17	--INI--
	18	sp.configuration_file={PWD}/config/config_disable_writable.ini
	19	--FILE--
	20	<?php
	21	$dir = __DIR__;
	22
	23	// just in case
	24	@unlink("$dir/non_writable_file.txt");
	25	@unlink("$dir/writable_file.txt");
	26
	27	file_put_contents("$dir/non_writable_file.txt", '<?php echo "Code execution within a non-writable file.\n";');
	28	file_put_contents("$dir/writable_file.txt", '<?php echo "Code execution within a writable file.\n";');
	29	chmod("$dir/non_writable_file.txt", 0400);
	30	chmod("$dir/writable_file.txt", 0777);
	31	include "$dir/non_writable_file.txt";
	32	include "$dir/writable_file.txt";
	33	?>
	34	--CLEAN--
	35	<?php
	36	$dir = __DIR__;
	37	chmod("$dir/non_writable_file.txt", 0777);
	38	chmod("$dir/writable_file.txt", 0777);
	39	unlink("$dir/non_writable_file.txt");
	40	unlink("$dir/writable_file.txt");
	41	?>
	42	--EXPECTF--
	43	Fatal error: [snuffleupagus][readonly_exec] Attempted execution of a writable file (%a/deny_writable_execution.php). in %a/deny_writable_execution.php on line 2


diff --git a/src/tests/deny_writable/deny_writable_execution_disabled.phpt b/src/tests/deny_writable/deny_writable_execution_disabled.phpt new file mode 100644 index 0000000..dd01f01 --- /dev/null +++ b/src/tests/deny_writable/deny_writable_execution_disabled.phpt
@@ -0,0 +1,32 @@
	1	--TEST--
	2	Readonly execution attempt
	3	--SKIPIF--
	4	<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
	5	--INI--
	6	sp.configuration_file={PWD}/config/config_disable_writable_disabled.ini
	7	--FILE--
	8	<?php
	9	$dir = __DIR__;
	10
	11	// just in case
	12	@unlink("$dir/non_writable_file.txt");
	13	@unlink("$dir/writable_file.txt");
	14
	15	file_put_contents("$dir/writable_file.txt", '<?php echo "Code execution within a writable file.\n";');
	16	file_put_contents("$dir/non_writable_file.txt", '<?php echo "Code execution within a non-writable file.\n";');
	17	chmod("$dir/writable_file.txt", 0777);
	18	chmod("$dir/non_writable_file.txt", 0400);
	19	include "$dir/writable_file.txt";
	20	include "$dir/non_writable_file.txt";
	21	?>
	22	--EXPECT--
	23	Code execution within a writable file.
	24	Code execution within a non-writable file.
	25	--CLEAN--
	26	<?php
	27	$dir = __DIR__;
	28	chmod("$dir/non_writable_file.txt", 0777);
	29	chmod("$dir/writable_file.txt", 0777);
	30	unlink("$dir/non_writable_file.txt");
	31	unlink("$dir/writable_file.txt");
	32	?>


diff --git a/src/tests/deny_writable/deny_writable_execution_simulation.phpt b/src/tests/deny_writable/deny_writable_execution_simulation.phpt new file mode 100644 index 0000000..7fc0c63 --- /dev/null +++ b/src/tests/deny_writable/deny_writable_execution_simulation.phpt
@@ -0,0 +1,50 @@
	1	--TEST--
	2	Readonly execution attempt (simulation mode)
	3	--SKIPIF--
	4	<?php
	5	if (!extension_loaded("snuffleupagus")) print "skip";
	6
	7	// root has write privileges on any file
	8	if (TRUE == function_exists("posix_getuid")) {
	9	if (0 == posix_getuid()) {
	10	print "skip";
	11	}
	12	} elseif (TRUE == function_exists("shell_exec")) {
	13	if ("root" == trim(shell_exec("whoami"))) {
	14	print "skip";
	15	}
	16	}
	17	?>
	18	--INI--
	19	sp.configuration_file={PWD}/config/config_disable_writable_simulation.ini
	20	--FILE--
	21	<?php
	22	$dir = __DIR__;
	23
	24	// just in case
	25	@unlink("$dir/non_writable_file.txt");
	26	@unlink("$dir/writable_file.txt");
	27
	28	file_put_contents("$dir/writable_file.txt", '<?php echo "Code execution within a writable file.\n";');
	29	file_put_contents("$dir/non_writable_file.txt", '<?php echo "Code execution within a non-writable file.\n";');
	30	chmod("$dir/writable_file.txt", 0777);
	31	chmod("$dir/non_writable_file.txt", 0400);
	32	include "$dir/writable_file.txt";
	33	include "$dir/non_writable_file.txt";
	34	?>
	35	--CLEAN--
	36	<?php
	37	$dir = __DIR__;
	38	chmod("$dir/non_writable_file.txt", 0777);
	39	chmod("$dir/writable_file.txt", 0777);
	40	unlink("$dir/non_writable_file.txt");
	41	unlink("$dir/writable_file.txt");
	42	?>
	43	--EXPECTF--
	44	Warning: [snuffleupagus][readonly_exec] Attempted execution of a writable file (%a/deny_writable_execution_simulation.php). in %a/deny_writable_execution_simulation.php on line 2
	45
	46	Warning: [snuffleupagus][readonly_exec] Attempted execution of a writable file (%a/writable_file.txt). in %a/deny_writable_execution_simulation.php on line 12
	47
	48	Warning: [snuffleupagus][readonly_exec] Attempted execution of a writable file (%a/writable_file.txt). in %a/writable_file.txt on line 1
	49	Code execution within a writable file.
	50	Code execution within a non-writable file.


diff --git a/src/tests/deny_writable/dump_deny_writable_execution.phpt b/src/tests/deny_writable/dump_deny_writable_execution.phpt new file mode 100644 index 0000000..c6dd6cd --- /dev/null +++ b/src/tests/deny_writable/dump_deny_writable_execution.phpt
@@ -0,0 +1,67 @@
	1	--TEST--
	2	Readonly execution attempt (simulation mode)
	3	--SKIPIF--
	4	<?php
	5	if (!extension_loaded("snuffleupagus")) print "skip";
	6
	7	// root has write privileges on any file
	8	if (TRUE == function_exists("posix_getuid")) {
	9	if (0 == posix_getuid()) {
	10	print "skip";
	11	}
	12	} elseif (TRUE == function_exists("shell_exec")) {
	13	if ("root" == trim(shell_exec("whoami"))) {
	14	print "skip";
	15	}
	16	}
	17	?>
	18	--POST--
	19	post_a=data_post_a_readonly&post_b=data_post_b_readonly
	20	--GET--
	21	get_a=data_get_a_readonly&get_b=data_get_b_readonly
	22	--COOKIE--
	23	cookie_a=data_cookie_a_readonly&cookie_b=data_cookie_b_readonly
	24	--INI--
	25	sp.configuration_file={PWD}/config/dump_deny_writable_execution.ini
	26	--FILE--
	27	<?php
	28	@mkdir("/tmp/dump_result/");
	29	foreach (glob("/tmp/dump_result/sp_dump.*") as $dump) {
	30	@unlink($dump);
	31	}
	32	$dir = __DIR__;
	33
	34	// just in case
	35	@unlink("$dir/non_writable_file.txt");
	36	@unlink("$dir/writable_file.txt");
	37
	38	file_put_contents("$dir/writable_file.txt", '<?php echo "Code execution within a writable file.\n";');
	39	file_put_contents("$dir/non_writable_file.txt", '<?php echo "Code execution within a non-writable file.\n";');
	40	chmod("$dir/writable_file.txt", 0777);
	41	chmod("$dir/non_writable_file.txt", 0400);
	42	include "$dir/writable_file.txt";
	43	include "$dir/non_writable_file.txt";
	44
	45	$filename = glob('/tmp/dump_result/sp_dump.*')[0];
	46	$res = file($filename);
	47	if ($res[2] != "GET:get_a='data_get_a_readonly' get_b='data_get_b_readonly' \n") {
	48	echo "1\n";
	49	} elseif ($res[3] != "POST:post_a='data_post_a_readonly' post_b='data_post_b_readonly' \n") {
	50	echo "2\n";
	51	} elseif ($res[4] != "COOKIE:cookie_a='data_cookie_a_readonly&cookie_b=data_cookie_b_readonly' \n") {
	52	echo "3\n";
	53	} else {
	54	echo "WIN\n";
	55	}
	56	?>
	57	--EXPECTF--
	58	%a
	59	WIN
	60	--CLEAN--
	61	<?php
	62	$dir = __DIR__;
	63	chmod("$dir/non_writable_file.txt", 0777);
	64	chmod("$dir/writable_file.txt", 0777);
	65	unlink("$dir/non_writable_file.txt");
	66	unlink("$dir/writable_file.txt");
	67	?>