diff options
| author | jvoisin | 2018-01-10 17:38:24 +0100 |
|---|---|---|
| committer | jvoisin | 2018-01-10 17:38:24 +0100 |
| commit | 6f21bff1d40326f69bc3b75b1b83b03623180365 (patch) | |
| tree | 09cc459ca549693d69f35098046d8ad64f3cde91 /src/tests | |
| parent | 773c9b94c6978ccd41c5a46f0d03448fd0c039a7 (diff) | |
Rework the priority of bl/wl in eval
Diffstat (limited to 'src/tests')
| -rw-r--r-- | src/tests/config/eval_whitelist_blacklist.ini | 2 | ||||
| -rw-r--r-- | src/tests/eval_backlist_whitelist.phpt | 10 | ||||
| -rw-r--r-- | src/tests/eval_whitelist.phpt | 27 |
3 files changed, 32 insertions, 7 deletions
diff --git a/src/tests/config/eval_whitelist_blacklist.ini b/src/tests/config/eval_whitelist_blacklist.ini new file mode 100644 index 0000000..a916004 --- /dev/null +++ b/src/tests/config/eval_whitelist_blacklist.ini | |||
| @@ -0,0 +1,2 @@ | |||
| 1 | sp.eval_blacklist.list("my_fun,cos"); | ||
| 2 | sp.eval_whitelist.list("my_fun"); | ||
diff --git a/src/tests/eval_backlist_whitelist.phpt b/src/tests/eval_backlist_whitelist.phpt index 1611288..9b0bb55 100644 --- a/src/tests/eval_backlist_whitelist.phpt +++ b/src/tests/eval_backlist_whitelist.phpt | |||
| @@ -3,25 +3,21 @@ Eval whitelist | |||
| 3 | --SKIPIF-- | 3 | --SKIPIF-- |
| 4 | <?php if (!extension_loaded("snuffleupagus")) die "skip"; ?> | 4 | <?php if (!extension_loaded("snuffleupagus")) die "skip"; ?> |
| 5 | --INI-- | 5 | --INI-- |
| 6 | sp.configuration_file={PWD}/config/eval_whitelist.ini | 6 | sp.configuration_file={PWD}/config/eval_whitelist_blacklist.ini |
| 7 | --FILE-- | 7 | --FILE-- |
| 8 | <?php | 8 | <?php |
| 9 | function my_fun($p) { | 9 | function my_fun($p) { |
| 10 | return "my_fun: $p"; | 10 | return "my_fun: $p"; |
| 11 | } | 11 | } |
| 12 | 12 | ||
| 13 | function my_other_fun($p) { | ||
| 14 | return "my_other_fun: $p"; | ||
| 15 | } | ||
| 16 | |||
| 17 | $a = my_fun("1337 1337 1337"); | 13 | $a = my_fun("1337 1337 1337"); |
| 18 | echo "Outside of eval: $a\n"; | 14 | echo "Outside of eval: $a\n"; |
| 19 | eval('$a = my_fun("1234");'); | 15 | eval('$a = my_fun("1234");'); |
| 20 | echo "After allowed eval: $a\n"; | 16 | echo "After allowed eval: $a\n"; |
| 21 | eval('$a = my_other_fun("1234");'); | 17 | eval('$a = cos(1234);'); |
| 22 | echo "After eval: $a\n"; | 18 | echo "After eval: $a\n"; |
| 23 | ?> | 19 | ?> |
| 24 | --EXPECTF-- | 20 | --EXPECTF-- |
| 25 | Outside of eval: my_fun: 1337 1337 1337 | 21 | Outside of eval: my_fun: 1337 1337 1337 |
| 26 | After allowed eval: my_fun: 1234 | 22 | After allowed eval: my_fun: 1234 |
| 27 | [snuffleupagus][0.0.0.0][Eval_whitelist][drop] The function 'my_other_fun' isn't in the eval whitelist, dropping its call. | 23 | [snuffleupagus][0.0.0.0][Eval_whitelist][drop] The function 'cos' isn't in the eval whitelist, dropping its call. |
diff --git a/src/tests/eval_whitelist.phpt b/src/tests/eval_whitelist.phpt new file mode 100644 index 0000000..1611288 --- /dev/null +++ b/src/tests/eval_whitelist.phpt | |||
| @@ -0,0 +1,27 @@ | |||
| 1 | --TEST-- | ||
| 2 | Eval whitelist | ||
| 3 | --SKIPIF-- | ||
| 4 | <?php if (!extension_loaded("snuffleupagus")) die "skip"; ?> | ||
| 5 | --INI-- | ||
| 6 | sp.configuration_file={PWD}/config/eval_whitelist.ini | ||
| 7 | --FILE-- | ||
| 8 | <?php | ||
| 9 | function my_fun($p) { | ||
| 10 | return "my_fun: $p"; | ||
| 11 | } | ||
| 12 | |||
| 13 | function my_other_fun($p) { | ||
| 14 | return "my_other_fun: $p"; | ||
| 15 | } | ||
| 16 | |||
| 17 | $a = my_fun("1337 1337 1337"); | ||
| 18 | echo "Outside of eval: $a\n"; | ||
| 19 | eval('$a = my_fun("1234");'); | ||
| 20 | echo "After allowed eval: $a\n"; | ||
| 21 | eval('$a = my_other_fun("1234");'); | ||
| 22 | echo "After eval: $a\n"; | ||
| 23 | ?> | ||
| 24 | --EXPECTF-- | ||
| 25 | Outside of eval: my_fun: 1337 1337 1337 | ||
| 26 | After allowed eval: my_fun: 1234 | ||
| 27 | [snuffleupagus][0.0.0.0][Eval_whitelist][drop] The function 'my_other_fun' isn't in the eval whitelist, dropping its call. | ||