Merge branch 'master' of https://github.com/jvoisin/snuffleupagus

12 files changed, 65 insertions, 1 deletions

diff --git a/src/tests/broken_configuration/broken_conf_config_invalid_param.phpt b/src/tests/broken_configuration/broken_conf_config_invalid_param.phpt
index ac85dea..45ccf24 100644
--- a/src/tests/broken_configuration/broken_conf_config_invalid_param.phpt
+++ b/src/tests/broken_configuration/broken_conf_config_invalid_param.phpt
@@ -13,4 +13,10 @@ function foo($blah, $x = null, $y = null) {
 foo("qwe");
 --EXPECTF--
 Warning: [snuffleupagus][0.0.0.0][config][log] It seems that you are filtering on a parameter 'qwe' of the function 'foo', but the parameter does not exists. in %s/tests/broken_configuration/broken_conf_config_invalid_param.php on line %d
+
+Warning: [snuffleupagus][0.0.0.0][config][log]   - 0 parameter's name: 'blah' in %s/tests/broken_configuration/broken_conf_config_invalid_param.php on line %d
+
+Warning: [snuffleupagus][0.0.0.0][config][log]   - 1 parameter's name: 'x' in %s/tests/broken_configuration/broken_conf_config_invalid_param.php on line %d
+
+Warning: [snuffleupagus][0.0.0.0][config][log]   - 2 parameter's name: 'y' in %s/tests/broken_configuration/broken_conf_config_invalid_param.php on line %d
 ok
diff --git a/src/tests/broken_configuration_php8/broken_conf_session_encryption_without_encryption_key.phpt b/src/tests/broken_configuration_php8/broken_conf_session_encryption_without_encryption_key.phpt
index 046dc7d..62ee41e 100644
--- a/src/tests/broken_configuration_php8/broken_conf_session_encryption_without_encryption_key.phpt
+++ b/src/tests/broken_configuration_php8/broken_conf_session_encryption_without_encryption_key.phpt
@@ -6,6 +6,7 @@ Broken configuration - encrypted session without encryption key
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_session_encryption_without_encryption_key.ini
 --FILE--
+--XFAIL--
 --EXPECT--
 
 Fatal error: [snuffleupagus][0.0.0.0][config][log] You're trying to use the session cookie encryption feature on line 2 without having set the `.secret_key` option in`sp.global`: please set it first in Unknown on line 0
diff --git a/src/tests/broken_configuration_php8/broken_conf_session_encryption_without_env_var.phpt b/src/tests/broken_configuration_php8/broken_conf_session_encryption_without_env_var.phpt
index bb0f212..5acc1cd 100644
--- a/src/tests/broken_configuration_php8/broken_conf_session_encryption_without_env_var.phpt
+++ b/src/tests/broken_configuration_php8/broken_conf_session_encryption_without_env_var.phpt
@@ -6,6 +6,7 @@ Broken configuration - encrypted session without env var
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_session_encryption_without_env_var.ini
 --FILE--
+--XFAIL--
 --EXPECT--
 
 Fatal error: [snuffleupagus][0.0.0.0][config][log] You're trying to use the session cookie encryption feature on line 2 without having set the `.cookie_env_var` option in`sp.global`: please set it first in Unknown on line 0
diff --git a/src/tests/deny_writable/deny_writable_execution_simulation.phpt b/src/tests/deny_writable/deny_writable_execution_simulation.phpt
index 30f8cb1..d4b8efc 100644
--- a/src/tests/deny_writable/deny_writable_execution_simulation.phpt
+++ b/src/tests/deny_writable/deny_writable_execution_simulation.phpt
@@ -3,7 +3,7 @@ Readonly execution attempt (simulation mode)
 --SKIPIF--
 <?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 <?php
-if (!extension_loaded("snuffleupagus")) { print "skip" };
+if (!extension_loaded("snuffleupagus")) { print "skip"; };
 
 // root has write privileges on any file
 if (TRUE == function_exists("posix_getuid")) {
diff --git a/src/tests/disable_function/config/disabled_functions.ini b/src/tests/disable_function/config/disabled_functions.ini
index df7013f..0758c98 100644
--- a/src/tests/disable_function/config/disabled_functions.ini
+++ b/src/tests/disable_function/config/disabled_functions.ini
@@ -7,3 +7,4 @@ sp.disable_function.function_r("^var_dump$").drop();
 sp.disable_function.function("sprintf").filename("/wrong file name").drop();
 sp.disable_function.function("sprintf").filename("/wrong file name").drop();
 sp.disable_function.function("eval").drop();
+sp.disable_function.function("shell_exec").param("foo").value("bar").drop();
diff --git a/src/tests/disable_function/config/disabled_functions_chmod.ini b/src/tests/disable_function/config/disabled_functions_chmod.ini
new file mode 100644
index 0000000..e601900
--- /dev/null
+++ b/src/tests/disable_function/config/disabled_functions_chmod.ini
@@ -0,0 +1,4 @@
+# PHP7 and below
+sp.disable_function.function("chmod").param("mode").value("511").drop();
+# PHP8
+sp.disable_function.function("chmod").param("permissions").value("511").drop();
diff --git a/src/tests/disable_function/disabled_functions_chmod.phpt b/src/tests/disable_function/disabled_functions_chmod.phpt
new file mode 100644
index 0000000..28f948d
--- /dev/null
+++ b/src/tests/disable_function/disabled_functions_chmod.phpt
@@ -0,0 +1,14 @@
+--TEST--
+Disable functions - chmod
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_functions_chmod.ini
+--FILE--
+<?php
+chmod( 'foo', 0777 );
+?>
+--XFAIL--
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'chmod', because its argument '$mode' content (511) matched a rule in %a/disabled_function_chmod.php on line %d
diff --git a/src/tests/disable_function/disabled_functions_chmod_php8.phpt b/src/tests/disable_function/disabled_functions_chmod_php8.phpt
new file mode 100644
index 0000000..71bb034
--- /dev/null
+++ b/src/tests/disable_function/disabled_functions_chmod_php8.phpt
@@ -0,0 +1,14 @@
+--TEST--
+Disable functions - chmod, in php8
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_functions_chmod.ini
+--FILE--
+<?php
+chmod( 'foo', 0777 );
+?>
+--XFAIL--
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'chmod', because its argument '$permissions' content (511) matched a rule in %a/disabled_function_chmod_php8.php on line %d
diff --git a/src/tests/disable_function/disabled_functions_shell_exec_wrong.phpt b/src/tests/disable_function/disabled_functions_shell_exec_wrong.phpt
new file mode 100644
index 0000000..fe8e73a
--- /dev/null
+++ b/src/tests/disable_function/disabled_functions_shell_exec_wrong.phpt
@@ -0,0 +1,14 @@
+--TEST--
+Disable functions - shell_exec, with a non-existing command
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_functions.ini
+--FILE--
+<?php 
+$gs = exec( 'foo' );
+echo "YES";
+?>
+--EXPECTF--
+%snot found
+YES
diff --git a/src/tests/session_encryption/crypt_session_corrupted_session.phpt b/src/tests/session_encryption/crypt_session_corrupted_session.phpt
index a89faf4..a97dbca 100644
--- a/src/tests/session_encryption/crypt_session_corrupted_session.phpt
+++ b/src/tests/session_encryption/crypt_session_corrupted_session.phpt
@@ -2,6 +2,8 @@
 Set a custom session handler
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
+<?php if (PHP_VERSION_ID >= 70400) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/config_crypt_session.ini
 session.save_path = "/tmp"
diff --git a/src/tests/session_encryption/crypt_session_invalid.phpt b/src/tests/session_encryption/crypt_session_invalid.phpt
index 9ec7c50..967d9d1 100644
--- a/src/tests/session_encryption/crypt_session_invalid.phpt
+++ b/src/tests/session_encryption/crypt_session_invalid.phpt
@@ -2,6 +2,8 @@
 SESSION crypt and bad decrypt
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
+<?php if (PHP_VERSION_ID >= 70400) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/config_crypt_session.ini
 --ENV--
diff --git a/src/tests/xxe/disable_xxe_dom_disabled.phpt b/src/tests/xxe/disable_xxe_dom_disabled.phpt
index 493f5a3..a49e094 100644
--- a/src/tests/xxe/disable_xxe_dom_disabled.phpt
+++ b/src/tests/xxe/disable_xxe_dom_disabled.phpt
@@ -44,8 +44,13 @@ printf("without xxe: %s", $dom->getElementsByTagName('testing')->item(0)->nodeVa
 
 ?>
 --EXPECTF-- 
+Warning: [snuffleupagus][0.0.0.0][xxe][log] A call to libxml_disable_entity_loader was tried and nopped in %s/tests/xxe/disable_xxe_dom_disabled.php on line %d
 libxml_disable_entity to true: WARNING, external entity loaded!
+
+Warning: [snuffleupagus][0.0.0.0][xxe][log] A call to libxml_disable_entity_loader was tried and nopped in %s/tests/xxe/disable_xxe_dom_disabled.php on line %d
 libxml_disable_entity to false: WARNING, external entity loaded!
+
+Warning: [snuffleupagus][0.0.0.0][xxe][log] A call to libxml_disable_entity_loader was tried and nopped in %s/tests/xxe/disable_xxe_dom_disabled.php on line %d
 without xxe: foo
 --CLEAN--
 <?php