diff options
| author | jvoisin | 2017-11-29 11:36:57 +0100 |
|---|---|---|
| committer | GitHub | 2017-11-29 11:36:57 +0100 |
| commit | 10437787b0e8ede80976de4a1c22775fc1282f36 (patch) | |
| tree | 1ab911ab000989b98449475eda655a797e278049 /src/tests | |
| parent | 8df77884f38e7a7334b56aafe2f441567f175af8 (diff) | |
Implement eval hooking
It's not possible to hook the `eval` builtin like other functions.
Diffstat (limited to 'src/tests')
| -rw-r--r-- | src/tests/config/config_disabled_functions_eval_filename.ini | 1 | ||||
| -rw-r--r-- | src/tests/config/disabled_functions.ini | 1 | ||||
| -rw-r--r-- | src/tests/config/disabled_functions_eval.ini | 1 | ||||
| -rw-r--r-- | src/tests/config/disabled_functions_eval_simulation.ini | 1 | ||||
| -rw-r--r-- | src/tests/deny_writable_execution.phpt | 5 | ||||
| -rw-r--r-- | src/tests/disabled_functions_eval.phpt | 9 | ||||
| -rw-r--r-- | src/tests/disabled_functions_eval_filename.phpt | 14 | ||||
| -rw-r--r-- | src/tests/disabled_functions_eval_simulation.phpt | 15 | ||||
| -rw-r--r-- | src/tests/disabled_functions_require.phpt | 2 | ||||
| -rw-r--r-- | src/tests/disabled_functions_require_simulation.phpt | 2 |
10 files changed, 41 insertions, 10 deletions
diff --git a/src/tests/config/config_disabled_functions_eval_filename.ini b/src/tests/config/config_disabled_functions_eval_filename.ini new file mode 100644 index 0000000..f66cef3 --- /dev/null +++ b/src/tests/config/config_disabled_functions_eval_filename.ini | |||
| @@ -0,0 +1 @@ | |||
| sp.disable_function.function("eval").filename_r("^.*tests/disabled_functions_eval_filename.php$").drop(); | |||
diff --git a/src/tests/config/disabled_functions.ini b/src/tests/config/disabled_functions.ini index 226a107..df7013f 100644 --- a/src/tests/config/disabled_functions.ini +++ b/src/tests/config/disabled_functions.ini | |||
| @@ -5,4 +5,5 @@ sp.disable_function.function("printf").simulation().drop(); | |||
| 5 | sp.disable_function.function("print").disable().drop(); # this is a comment | 5 | sp.disable_function.function("print").disable().drop(); # this is a comment |
| 6 | sp.disable_function.function_r("^var_dump$").drop(); | 6 | sp.disable_function.function_r("^var_dump$").drop(); |
| 7 | sp.disable_function.function("sprintf").filename("/wrong file name").drop(); | 7 | sp.disable_function.function("sprintf").filename("/wrong file name").drop(); |
| 8 | sp.disable_function.function("sprintf").filename("/wrong file name").drop(); | ||
| 8 | sp.disable_function.function("eval").drop(); | 9 | sp.disable_function.function("eval").drop(); |
diff --git a/src/tests/config/disabled_functions_eval.ini b/src/tests/config/disabled_functions_eval.ini new file mode 100644 index 0000000..f761259 --- /dev/null +++ b/src/tests/config/disabled_functions_eval.ini | |||
| @@ -0,0 +1 @@ | |||
| sp.disable_function.function("eval").drop(); | |||
diff --git a/src/tests/config/disabled_functions_eval_simulation.ini b/src/tests/config/disabled_functions_eval_simulation.ini new file mode 100644 index 0000000..f1dc58c --- /dev/null +++ b/src/tests/config/disabled_functions_eval_simulation.ini | |||
| @@ -0,0 +1 @@ | |||
| sp.disable_function.function("eval").drop().simulation(); | |||
diff --git a/src/tests/deny_writable_execution.phpt b/src/tests/deny_writable_execution.phpt index 2870561..c399d35 100644 --- a/src/tests/deny_writable_execution.phpt +++ b/src/tests/deny_writable_execution.phpt | |||
| @@ -32,8 +32,7 @@ include "$dir/non_writable_file.txt"; | |||
| 32 | include "$dir/writable_file.txt"; | 32 | include "$dir/writable_file.txt"; |
| 33 | ?> | 33 | ?> |
| 34 | --EXPECTF-- | 34 | --EXPECTF-- |
| 35 | Code execution within a non-writable file. | 35 | [snuffleupagus][0.0.0.0][readonly_exec][drop] Attempted execution of a writable file (%a/tests/deny_writable_execution.php). |
| 36 | [snuffleupagus][0.0.0.0][readonly_exec][drop] Attempted execution of a writable file (%a/writable_file.txt). | ||
| 37 | --CLEAN-- | 36 | --CLEAN-- |
| 38 | <?php | 37 | <?php |
| 39 | $dir = __DIR__; | 38 | $dir = __DIR__; |
| @@ -41,4 +40,4 @@ chmod("$dir/non_writable_file.txt", 0777); | |||
| 41 | chmod("$dir/writable_file.txt", 0777); | 40 | chmod("$dir/writable_file.txt", 0777); |
| 42 | unlink("$dir/non_writable_file.txt"); | 41 | unlink("$dir/non_writable_file.txt"); |
| 43 | unlink("$dir/writable_file.txt"); | 42 | unlink("$dir/writable_file.txt"); |
| 44 | ?> \ No newline at end of file | 43 | ?> |
diff --git a/src/tests/disabled_functions_eval.phpt b/src/tests/disabled_functions_eval.phpt index 0beaefe..7bd6b4b 100644 --- a/src/tests/disabled_functions_eval.phpt +++ b/src/tests/disabled_functions_eval.phpt | |||
| @@ -3,13 +3,12 @@ Disable functions - eval | |||
| 3 | --SKIPIF-- | 3 | --SKIPIF-- |
| 4 | <?php if (!extension_loaded("snuffleupagus")) die "skip"; ?> | 4 | <?php if (!extension_loaded("snuffleupagus")) die "skip"; ?> |
| 5 | --INI-- | 5 | --INI-- |
| 6 | sp.configuration_file={PWD}/config/disabled_functions.ini | 6 | sp.configuration_file={PWD}/config/disabled_functions_eval.ini |
| 7 | --XFAIL-- | ||
| 8 | --FILE-- | 7 | --FILE-- |
| 9 | <?php | 8 | <?php |
| 10 | $var = 1234; | 9 | $var = 123456789; |
| 11 | eval('$var = 1337;'); | 10 | eval('$var = 1337 + 1337;'); |
| 12 | print("Variable: $var\n"); | 11 | print("Variable: $var\n"); |
| 13 | ?> | 12 | ?> |
| 14 | --EXPECTF-- | 13 | --EXPECTF-- |
| 15 | [snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'eval' in %a/tests/disabled_functions_eval.php:%d has been disabled, because it matched a rule. | 14 | [snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'eval' in %a/tests/disabled_functions_eval.php(%d) : eval()'d code:%d has been disabled. |
diff --git a/src/tests/disabled_functions_eval_filename.phpt b/src/tests/disabled_functions_eval_filename.phpt new file mode 100644 index 0000000..5e64acc --- /dev/null +++ b/src/tests/disabled_functions_eval_filename.phpt | |||
| @@ -0,0 +1,14 @@ | |||
| 1 | --TEST-- | ||
| 2 | Disable functions - eval | ||
| 3 | --SKIPIF-- | ||
| 4 | <?php if (!extension_loaded("snuffleupagus")) die "skip"; ?> | ||
| 5 | --INI-- | ||
| 6 | sp.configuration_file={PWD}/config/config_disabled_functions_eval_filename.ini | ||
| 7 | --FILE-- | ||
| 8 | <?php | ||
| 9 | $var = 123456789; | ||
| 10 | eval('$var = 1337 + 1337;'); | ||
| 11 | print("Variable: $var\n"); | ||
| 12 | ?> | ||
| 13 | --EXPECTF-- | ||
| 14 | [snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'eval' in %a/tests/disabled_functions_eval_filename.php(%d) : eval()'d code:%d has been disabled. | ||
diff --git a/src/tests/disabled_functions_eval_simulation.phpt b/src/tests/disabled_functions_eval_simulation.phpt new file mode 100644 index 0000000..06a006e --- /dev/null +++ b/src/tests/disabled_functions_eval_simulation.phpt | |||
| @@ -0,0 +1,15 @@ | |||
| 1 | --TEST-- | ||
| 2 | Disable functions - eval (simulation) | ||
| 3 | --SKIPIF-- | ||
| 4 | <?php if (!extension_loaded("snuffleupagus")) die "skip"; ?> | ||
| 5 | --INI-- | ||
| 6 | sp.configuration_file={PWD}/config/disabled_functions_eval_simulation.ini | ||
| 7 | --FILE-- | ||
| 8 | <?php | ||
| 9 | $var = 123456789; | ||
| 10 | eval('$var = 1337 + 1337;'); | ||
| 11 | print("Variable: $var\n"); | ||
| 12 | ?> | ||
| 13 | --EXPECTF-- | ||
| 14 | [snuffleupagus][0.0.0.0][disabled_function][simulation] The call to the function 'eval' in %a/tests/disabled_functions_eval_simulation.php(%d) : eval()'d code:%d has been disabled. | ||
| 15 | Variable: 2674 | ||
diff --git a/src/tests/disabled_functions_require.phpt b/src/tests/disabled_functions_require.phpt index f848f8b..cc904f1 100644 --- a/src/tests/disabled_functions_require.phpt +++ b/src/tests/disabled_functions_require.phpt | |||
| @@ -14,7 +14,7 @@ require $dir . '/test.meh'; | |||
| 14 | echo "1337"; | 14 | echo "1337"; |
| 15 | ?> | 15 | ?> |
| 16 | --EXPECTF-- | 16 | --EXPECTF-- |
| 17 | BLA[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'include' in %a/disabled_functions_require.php:%d has been disabled, because its argument 'inclusion path' content (%a/test.meh) matched a rule. | 17 | BLA[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'require' in %a/disabled_functions_require.php:%d has been disabled, because its argument 'inclusion path' content (%a/test.meh) matched a rule. |
| 18 | --CLEAN-- | 18 | --CLEAN-- |
| 19 | <?php | 19 | <?php |
| 20 | $dir = __DIR__; | 20 | $dir = __DIR__; |
diff --git a/src/tests/disabled_functions_require_simulation.phpt b/src/tests/disabled_functions_require_simulation.phpt index 2744c37..bd49268 100644 --- a/src/tests/disabled_functions_require_simulation.phpt +++ b/src/tests/disabled_functions_require_simulation.phpt | |||
| @@ -15,7 +15,7 @@ echo "1337\n"; | |||
| 15 | ?> | 15 | ?> |
| 16 | --EXPECTF-- | 16 | --EXPECTF-- |
| 17 | BLA | 17 | BLA |
| 18 | [snuffleupagus][0.0.0.0][disabled_function][simulation] The call to the function 'include' in %a/disabled_functions_require_simulation.php:%d has been disabled, because its argument 'inclusion path' content (%a/test.sim) matched a rule. | 18 | [snuffleupagus][0.0.0.0][disabled_function][simulation] The call to the function 'require' in %a/disabled_functions_require_simulation.php:%d has been disabled, because its argument 'inclusion path' content (%a/test.sim) matched a rule. |
| 19 | MEH | 19 | MEH |
| 20 | 1337 | 20 | 1337 |
| 21 | --CLEAN-- | 21 | --CLEAN-- |