Add a test for invalid regexp in cookie-related features

This should close #105
author: xXx-caillou-xXx 2018-08-28 14:38:46 +0200
committer: jvoisin 2018-08-28 12:38:46 +0000
commit: 3e6790044e2c2652f190d528b4403fbb3fa6e565 (patch)
tree: bb6bbd78f6fd4266c1b62d24fc5247c0d5a6a41e /src/tests
parent: aa5d6895d0ac8c6ea050a8ea55e2f8a39ddfe365 (diff)
2 files changed, 30 insertions, 0 deletions
diff --git a/src/tests/config/config_encrypted_regexp_cookies_bad_regexp.ini b/src/tests/config/config_encrypted_regexp_cookies_bad_regexp.ini
new file mode 100644
index 0000000..4fe92fd
--- /dev/null
+++ b/src/tests/config/config_encrypted_regexp_cookies_bad_regexp.ini
@@ -0,0 +1,3 @@
+sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
+sp.cookie.name_r("^super_co[a-z+$").encrypt();
+sp.auto_cookie_secure.enable();
diff --git a/src/tests/encrypt_regexp_cookies_bad_regexp.phpt b/src/tests/encrypt_regexp_cookies_bad_regexp.phpt
new file mode 100644
index 0000000..b933aba
--- /dev/null
+++ b/src/tests/encrypt_regexp_cookies_bad_regexp.phpt
@@ -0,0 +1,27 @@
+--TEST--
+Cookie decryption in ipv4
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_encrypted_regexp_cookies_bad_regexp.ini
+error_reporting=1
+--COOKIE--
+super_cookie=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP3gV9YJZL/pUeNAjCKFW0U2ywmf1CwHzwd2pWM=;awful_cookie=awful_cookie_value;
+--ENV--
+return <<<EOF
+REMOTE_ADDR=127.0.0.1
+HTTP_USER_AGENT=Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/59.0.3071.109 Chrome/59.0.3071.109 Safari/537.36
+EOF;
+--FILE--
+<?php var_dump($_COOKIE); ?>
+--EXPECT--
+array(2) {
+  ["super_cookie"]=>
+  string(92) "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP3gV9YJZL/pUeNAjCKFW0U2ywmf1CwHzwd2pWM="
+  ["awful_cookie"]=>
+  string(18) "awful_cookie_value"
+}
+Fatal error: [snuffleupagus][config] Failed to compile '^super_co[a-z+$': missing terminating ] for character class on line 2. in Unknown on line 0
+Fatal error: [snuffleupagus][config] '.name_r()' is expecting a valid regexp, and not '"^super_co[a-z+$"' on line 2 in Unknown on line 0
author	xXx-caillou-xXx	2018-08-28 14:38:46 +0200
committer	jvoisin	2018-08-28 12:38:46 +0000
commit	3e6790044e2c2652f190d528b4403fbb3fa6e565 (patch)
tree	bb6bbd78f6fd4266c1b62d24fc5247c0d5a6a41e /src/tests
parent	aa5d6895d0ac8c6ea050a8ea55e2f8a39ddfe365 (diff)

diff --git a/src/tests/config/config_encrypted_regexp_cookies_bad_regexp.ini b/src/tests/config/config_encrypted_regexp_cookies_bad_regexp.ini new file mode 100644 index 0000000..4fe92fd --- /dev/null +++ b/src/tests/config/config_encrypted_regexp_cookies_bad_regexp.ini
@@ -0,0 +1,3 @@
	1	sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
	2	sp.cookie.name_r("^super_co[a-z+$").encrypt();
	3	sp.auto_cookie_secure.enable();


diff --git a/src/tests/encrypt_regexp_cookies_bad_regexp.phpt b/src/tests/encrypt_regexp_cookies_bad_regexp.phpt new file mode 100644 index 0000000..b933aba --- /dev/null +++ b/src/tests/encrypt_regexp_cookies_bad_regexp.phpt
@@ -0,0 +1,27 @@
	1	--TEST--
	2	Cookie decryption in ipv4
	3	--SKIPIF--
	4	<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
	5	--INI--
	6	sp.configuration_file={PWD}/config/config_encrypted_regexp_cookies_bad_regexp.ini
	7	error_reporting=1
	8	--COOKIE--
	9	super_cookie=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP3gV9YJZL/pUeNAjCKFW0U2ywmf1CwHzwd2pWM=;awful_cookie=awful_cookie_value;
	10	--ENV--
	11	return <<<EOF
	12	REMOTE_ADDR=127.0.0.1
	13	HTTP_USER_AGENT=Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/59.0.3071.109 Chrome/59.0.3071.109 Safari/537.36
	14	EOF;
	15	--FILE--
	16	<?php var_dump($_COOKIE); ?>
	17	--EXPECT--
	18	array(2) {
	19	["super_cookie"]=>
	20	string(92) "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP3gV9YJZL/pUeNAjCKFW0U2ywmf1CwHzwd2pWM="
	21	["awful_cookie"]=>
	22	string(18) "awful_cookie_value"
	23	}
	24
	25	Fatal error: [snuffleupagus][config] Failed to compile '^super_co[a-z+$': missing terminating ] for character class on line 2. in Unknown on line 0
	26
	27	Fatal error: [snuffleupagus][config] '.name_r()' is expecting a valid regexp, and not '"^super_co[a-z+$"' on line 2 in Unknown on line 0