Better parsing of the rules

Thanks to this huge commit from @xXx-caillou-xXx, we can now write amazingly flexible rules.
author: xXx-caillou-xXx 2017-12-20 18:09:53 +0100
committer: jvoisin 2017-12-20 18:09:53 +0100
commit: e7f541396715ee2895abcf73044b91ae9b746201 (patch)
tree: ba0e9765e7f14f04b92585df1f3fcd1830ab4b00 /src/tests
parent: 8d6cc4f2b63c3f0dc31fe6cecd34ac023ea1cccb (diff)
72 files changed, 717 insertions, 29 deletions
diff --git a/src/tests/broken_conf_key_value.phpt b/src/tests/broken_conf_key_value.phpt
new file mode 100644
index 0000000..e9ee4a9
--- /dev/null
+++ b/src/tests/broken_conf_key_value.phpt
@@ -0,0 +1,9 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_key_value.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid configuration line: 'sp.disabled_functions.function("system").var("").value("").key("").drop();':`key` and `value` are mutually exclusive on line 1.
diff --git a/src/tests/broken_conf_local_var_1.phpt b/src/tests/broken_conf_local_var_1.phpt
new file mode 100644
index 0000000..a91d275
--- /dev/null
+++ b/src/tests/broken_conf_local_var_1.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_1.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid `]` position.
+[snuffleupagus][0.0.0.0][config][error] Invalid value ']' for `var` on line 1.
diff --git a/src/tests/broken_conf_local_var_10.phpt b/src/tests/broken_conf_local_var_10.phpt
new file mode 100644
index 0000000..8a7d9b9
--- /dev/null
+++ b/src/tests/broken_conf_local_var_10.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_10.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid `]` position.
+[snuffleupagus][0.0.0.0][config][error] Invalid value 'asd[asd]asd' for `var` on line 1.
diff --git a/src/tests/broken_conf_local_var_11.phpt b/src/tests/broken_conf_local_var_11.phpt
new file mode 100644
index 0000000..1817a3f
--- /dev/null
+++ b/src/tests/broken_conf_local_var_11.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_11.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid `::` position.
+[snuffleupagus][0.0.0.0][config][error] Invalid value 'asd::' for `param` on line 1.
diff --git a/src/tests/broken_conf_local_var_12.phpt b/src/tests/broken_conf_local_var_12.phpt
new file mode 100644
index 0000000..0b52e2a
--- /dev/null
+++ b/src/tests/broken_conf_local_var_12.phpt
@@ -0,0 +1,9 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_12.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Empty value in `var` on line 1.
diff --git a/src/tests/broken_conf_local_var_13.phpt b/src/tests/broken_conf_local_var_13.phpt
new file mode 100644
index 0000000..ca6be6d
--- /dev/null
+++ b/src/tests/broken_conf_local_var_13.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_13.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid `->` position.
+[snuffleupagus][0.0.0.0][config][error] Invalid value 'asd->asd' for `var` on line 1.
diff --git a/src/tests/broken_conf_local_var_14.phpt b/src/tests/broken_conf_local_var_14.phpt
new file mode 100644
index 0000000..cb7e455
--- /dev/null
+++ b/src/tests/broken_conf_local_var_14.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_14.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid var name: $i+valid var name .
+[snuffleupagus][0.0.0.0][config][error] Invalid value '$i+valid var name ' for `var` on line 1.
diff --git a/src/tests/broken_conf_local_var_2.phpt b/src/tests/broken_conf_local_var_2.phpt
new file mode 100644
index 0000000..b67a492
--- /dev/null
+++ b/src/tests/broken_conf_local_var_2.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_2.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid `"` position.
+[snuffleupagus][0.0.0.0][config][error] Invalid value '""asd' for `var` on line 1.
diff --git a/src/tests/broken_conf_local_var_3.phpt b/src/tests/broken_conf_local_var_3.phpt
new file mode 100644
index 0000000..639d2ea
--- /dev/null
+++ b/src/tests/broken_conf_local_var_3.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_3.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid `->` position.
+[snuffleupagus][0.0.0.0][config][error] Invalid value '$qwe->::' for `var` on line 1.
diff --git a/src/tests/broken_conf_local_var_4.phpt b/src/tests/broken_conf_local_var_4.phpt
new file mode 100644
index 0000000..e50f9a6
--- /dev/null
+++ b/src/tests/broken_conf_local_var_4.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_4.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid `"` position.
+[snuffleupagus][0.0.0.0][config][error] Invalid value '"asd"asd[]' for `var` on line 1.
diff --git a/src/tests/broken_conf_local_var_5.phpt b/src/tests/broken_conf_local_var_5.phpt
new file mode 100644
index 0000000..0c0d59a
--- /dev/null
+++ b/src/tests/broken_conf_local_var_5.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_5.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid `'` position.
+[snuffleupagus][0.0.0.0][config][error] Invalid value ''asd'asd[]' for `var` on line 1.
diff --git a/src/tests/broken_conf_local_var_6.phpt b/src/tests/broken_conf_local_var_6.phpt
new file mode 100644
index 0000000..c51de24
--- /dev/null
+++ b/src/tests/broken_conf_local_var_6.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_6.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid `'` position.
+[snuffleupagus][0.0.0.0][config][error] Invalid value '''asd' for `var` on line 1.
diff --git a/src/tests/broken_conf_local_var_7.phpt b/src/tests/broken_conf_local_var_7.phpt
new file mode 100644
index 0000000..d3a0fa4
--- /dev/null
+++ b/src/tests/broken_conf_local_var_7.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_7.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid `->` position.
+[snuffleupagus][0.0.0.0][config][error] Invalid value 'asd-->' for `var` on line 1.
diff --git a/src/tests/broken_conf_local_var_8.phpt b/src/tests/broken_conf_local_var_8.phpt
new file mode 100644
index 0000000..749a1aa
--- /dev/null
+++ b/src/tests/broken_conf_local_var_8.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_8.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid `]` position.
+[snuffleupagus][0.0.0.0][config][error] Invalid value 'asd[asd]"asd"' for `var` on line 1.
diff --git a/src/tests/broken_conf_local_var_9.phpt b/src/tests/broken_conf_local_var_9.phpt
new file mode 100644
index 0000000..6f706db
--- /dev/null
+++ b/src/tests/broken_conf_local_var_9.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_9.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid `]` position.
+[snuffleupagus][0.0.0.0][config][error] Invalid value 'asd[asd]'asd'' for `var` on line 1.
diff --git a/src/tests/config/broken_conf_key_value.ini b/src/tests/config/broken_conf_key_value.ini
new file mode 100644
index 0000000..a0edaf2
--- /dev/null
+++ b/src/tests/config/broken_conf_key_value.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("").value("").key("").drop();
diff --git a/src/tests/config/broken_conf_local_var_1.ini b/src/tests/config/broken_conf_local_var_1.ini
new file mode 100644
index 0000000..ae5165c
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_1.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("]").drop();
diff --git a/src/tests/config/broken_conf_local_var_10.ini b/src/tests/config/broken_conf_local_var_10.ini
new file mode 100644
index 0000000..93dd07f
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_10.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("asd[asd]asd").drop();
diff --git a/src/tests/config/broken_conf_local_var_11.ini b/src/tests/config/broken_conf_local_var_11.ini
new file mode 100644
index 0000000..028b1bd
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_11.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").param("asd::").drop();
diff --git a/src/tests/config/broken_conf_local_var_12.ini b/src/tests/config/broken_conf_local_var_12.ini
new file mode 100644
index 0000000..a151960
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_12.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("").drop();
diff --git a/src/tests/config/broken_conf_local_var_13.ini b/src/tests/config/broken_conf_local_var_13.ini
new file mode 100644
index 0000000..e7c9778
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_13.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("asd->asd").drop();
diff --git a/src/tests/config/broken_conf_local_var_14.ini b/src/tests/config/broken_conf_local_var_14.ini
new file mode 100644
index 0000000..6c98ec3
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_14.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("$i+valid var name ").drop();
diff --git a/src/tests/config/broken_conf_local_var_2.ini b/src/tests/config/broken_conf_local_var_2.ini
new file mode 100644
index 0000000..145a3b5
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_2.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("\"\"asd").drop();
diff --git a/src/tests/config/broken_conf_local_var_3.ini b/src/tests/config/broken_conf_local_var_3.ini
new file mode 100644
index 0000000..5d89076
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_3.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("\$qwe->::").drop();
diff --git a/src/tests/config/broken_conf_local_var_4.ini b/src/tests/config/broken_conf_local_var_4.ini
new file mode 100644
index 0000000..3ec073b
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_4.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("\"asd\"asd[]").drop();
diff --git a/src/tests/config/broken_conf_local_var_5.ini b/src/tests/config/broken_conf_local_var_5.ini
new file mode 100644
index 0000000..cd350b6
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_5.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("'asd'asd[]").drop();
diff --git a/src/tests/config/broken_conf_local_var_6.ini b/src/tests/config/broken_conf_local_var_6.ini
new file mode 100644
index 0000000..02f4f1a
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_6.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("''asd").drop();
diff --git a/src/tests/config/broken_conf_local_var_7.ini b/src/tests/config/broken_conf_local_var_7.ini
new file mode 100644
index 0000000..abbd223
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_7.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("asd-->").drop();
diff --git a/src/tests/config/broken_conf_local_var_8.ini b/src/tests/config/broken_conf_local_var_8.ini
new file mode 100644
index 0000000..fd18487
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_8.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("asd[asd]\"asd\"").drop();
diff --git a/src/tests/config/broken_conf_local_var_9.ini b/src/tests/config/broken_conf_local_var_9.ini
new file mode 100644
index 0000000..a311b86
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_9.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("asd[asd]\'asd\'").drop();
diff --git a/src/tests/config/config_disabled_functions_local_var_array.ini b/src/tests/config/config_disabled_functions_local_var_array.ini
new file mode 100644
index 0000000..15dd5a1
--- /dev/null
+++ b/src/tests/config/config_disabled_functions_local_var_array.ini
@@ -0,0 +1 @@
+sp.disable_function.function("foo").var("$a[test2][foo]").value("aaa").drop();
diff --git a/src/tests/config/config_disabled_functions_local_var_array_key.ini b/src/tests/config/config_disabled_functions_local_var_array_key.ini
new file mode 100644
index 0000000..75c840d
--- /dev/null
+++ b/src/tests/config/config_disabled_functions_local_var_array_key.ini
@@ -0,0 +1 @@
+sp.disable_function.function("foo").var("$a[test2][foo]").key("aaa").drop();
diff --git a/src/tests/config/config_disabled_functions_name_type.ini b/src/tests/config/config_disabled_functions_name_type.ini
index 25bdf98..c25b92c 100644
--- a/src/tests/config/config_disabled_functions_name_type.ini
+++ b/src/tests/config/config_disabled_functions_name_type.ini
@@ -1 +1 @@
-sp.disable_function.function_r("^strcmp$").param("str1").param_type("array").drop();
+sp.disable_function.function_r("^strcmp$").param("$str1").param_type("array").drop();
diff --git a/src/tests/config/config_disabled_functions_nul_byte.ini b/src/tests/config/config_disabled_functions_nul_byte.ini
index d5eb847..e664cba 100644
--- a/src/tests/config/config_disabled_functions_nul_byte.ini
+++ b/src/tests/config/config_disabled_functions_nul_byte.ini
@@ -1 +1 @@
-sp.disable_function.function("system").param("command").value_r("id").drop();
-\ No newline at end of file
+sp.disable_function.function("system").param("$command").value_r("id").drop();
diff --git a/src/tests/config/config_disabled_functions_param.ini b/src/tests/config/config_disabled_functions_param.ini
index 87f1b3c..dc1c949 100644
--- a/src/tests/config/config_disabled_functions_param.ini
+++ b/src/tests/config/config_disabled_functions_param.ini
@@ -1,6 +1,6 @@
-sp.disable_function.function("system").param("command").value_r("^id$").alias("1").drop();
+sp.disable_function.function("system").param("$command").value_r("^id$").alias("1").drop();
-sp.disable_function.function("array_sum").param("array").value_r("^8$").alias("2").drop();
+sp.disable_function.function("array_sum").param("$array").value_r("^8$").alias("2").drop();
-sp.disable_function.function("shell_exec").param("cmd").value("id").alias("3").drop();
+sp.disable_function.function("shell_exec").param("$cmd").value("id").alias("3").drop();
-sp.disable_function.function("shell_exec").param("cmd").value("bla").alias("4").drop();
+sp.disable_function.function("shell_exec").param("$cmd").value("bla").alias("4").drop();
-sp.disable_function.function("strcmp").param("str1").value("bla").alias("5").drop().simulation();
+sp.disable_function.function("strcmp").param("$str1").value("bla").alias("5").drop().simulation();
-sp.disable_function.function("strncmp").param("str1").value("bla").drop().simulation();
+sp.disable_function.function("strncmp").param("$str1").value("bla").drop().simulation();
diff --git a/src/tests/config/config_disabled_functions_param_allow.ini b/src/tests/config/config_disabled_functions_param_allow.ini
index 8e139e4..27d919a 100644
--- a/src/tests/config/config_disabled_functions_param_allow.ini
+++ b/src/tests/config/config_disabled_functions_param_allow.ini
@@ -1,3 +1,3 @@
-sp.disable_function.function("system").param("command").value("echo win").filename("/test.php").drop();
+sp.disable_function.function("system").param("$command").value("echo win").filename("/test.php").drop();
-sp.disable_function.function("system").param("command").value("echo win").allow();
+sp.disable_function.function("system").param("$command").value("echo win").allow();
 sp.disable_function.function("system").drop();
diff --git a/src/tests/config/config_disabled_functions_param_array.ini b/src/tests/config/config_disabled_functions_param_array.ini
index 0589ad8..6fe0615 100644
--- a/src/tests/config/config_disabled_functions_param_array.ini
+++ b/src/tests/config/config_disabled_functions_param_array.ini
@@ -1,4 +1,7 @@
-sp.disable_function.function("foo").param("arr").value("abcd").alias("1").drop();
+sp.disable_function.function("foo").param("$arr[a]").value("abcd").alias("1").drop();
-sp.disable_function.function("foo").param("arr[bla]").value("abcdef").alias("2").drop();
+sp.disable_function.function("foo").param("$arr[bla]").value("abcdef").alias("2").drop();
-sp.disable_function.function("foo").param("arr[test]").alias("3").drop();
+sp.disable_function.function("foo").param("$arr[test]").alias("3").drop();
-sp.disable_function.function("foo").param("arr[test2][foo][lol]").value("aaa").alias("4").drop();
+sp.disable_function.function("foo").param("$arr[test2][foo]").value("aaa").alias("4").drop();
+sp.disable_function.function("foo").param("$arr[test2][bar]").key("lol").alias("5").drop();
+sp.disable_function.function("foo").param("$arr[test2][bar]").key("123").alias("6").drop();
+sp.disable_function.function("foo").param("$qwe[a]").value("abcd").alias("7").drop();
diff --git a/src/tests/config/config_disabled_functions_param_int.ini b/src/tests/config/config_disabled_functions_param_int.ini
index 1c93c2f..2a7d962 100644
--- a/src/tests/config/config_disabled_functions_param_int.ini
+++ b/src/tests/config/config_disabled_functions_param_int.ini
@@ -1,2 +1,2 @@
-sp.disable_function.function("foobar").param("id").value("42").drop();
+sp.disable_function.function("foobar").param("$id").value("42").drop();
-sp.disable_function.function("foobar").param("id").value_r("^1337").drop();
+sp.disable_function.function("foobar").param("$id").value_r("^1337").drop();
diff --git a/src/tests/config/config_disabled_functions_param_r_array.ini b/src/tests/config/config_disabled_functions_param_r_array.ini
new file mode 100644
index 0000000..fcac71d
--- /dev/null
+++ b/src/tests/config/config_disabled_functions_param_r_array.ini
@@ -0,0 +1,2 @@
+sp.disable_function.function("foo").param_r("arr").value("abcd").alias("1").drop();
+sp.disable_function.function("foo").param_r("arr").key_r("abc").alias("2").drop();
diff --git a/src/tests/config/config_disabled_functions_param_runtime.ini b/src/tests/config/config_disabled_functions_param_runtime.ini
index e7a011f..e9d44a2 100644
--- a/src/tests/config/config_disabled_functions_param_runtime.ini
+++ b/src/tests/config/config_disabled_functions_param_runtime.ini
@@ -1 +1 @@
-sp.disable_function.function("test").param("param").value_r("1337").drop();
+sp.disable_function.function("test").param("$param").value_r("1337").drop();
diff --git a/src/tests/config/disabled_function_local_var.ini b/src/tests/config/disabled_function_local_var.ini
index cba2ae3..3d553c0 100644
--- a/src/tests/config/disabled_function_local_var.ini
+++ b/src/tests/config/disabled_function_local_var.ini
@@ -1,2 +1,10 @@
-sp.disable_function.function("phpinfo").var("b").value("1337").drop();
+sp.disable_function.function("phpinfo").var("$b").value("1337").drop();
-sp.disable_function.function("strlen").var("a").value("1337").drop();
+sp.disable_function.function("strlen").var("$a").value("1337").drop();
+sp.disable_function.function("strlen").var("$a['123']").value("block").drop();
+sp.disable_function.function("strlen").var("$a[$c]->prop").value("block").drop();
+sp.disable_function.function("strlen").var("$a->zxc").value("not a good value").drop();
+sp.disable_function.function("strlen").var("\\asd\\test_object::TEST_VALUE['constant']").value("no good").drop();
+sp.disable_function.function("strlen").var("\\asd\\test_object::TEST_VALUE").value("qwerty").drop();
+sp.disable_function.function("strlen").var("\\qwe\\ASD").value("qwerty").drop();
+sp.disable_function.function("strlen").var("\\qwe\\QWE['123']").value("asdfgh").drop();
+sp.disable_function.function("strlen").var("$qwe").value("block this").drop();
diff --git a/src/tests/config/disabled_function_local_var_2.ini b/src/tests/config/disabled_function_local_var_2.ini
new file mode 100644
index 0000000..e3e9ae6
--- /dev/null
+++ b/src/tests/config/disabled_function_local_var_2.ini
@@ -0,0 +1 @@
+sp.disable_function.function("strlen").var("$b['_GET[obj->nop]'][$b[456][$d->$idk->qwe[\\qwe\\UNE_CONSTANTE]]][$a]->uio").value("valeur de apres").drop();
diff --git a/src/tests/config/disabled_function_local_var_obj.ini b/src/tests/config/disabled_function_local_var_obj.ini
new file mode 100644
index 0000000..df6b617
--- /dev/null
+++ b/src/tests/config/disabled_function_local_var_obj.ini
@@ -0,0 +1,3 @@
+sp.disable_function.function("strlen").var("$test->$test_array").value("value").drop();
+sp.disable_function.function("strlen").var("$arg->$test_array").value("value").drop();
+sp.disable_function.function("strlen").var("$test->$arg").value("nop_object").drop();
diff --git a/src/tests/config/disabled_function_super_global_var.ini b/src/tests/config/disabled_function_super_global_var.ini
index feac314..178a01a 100644
--- a/src/tests/config/disabled_function_super_global_var.ini
+++ b/src/tests/config/disabled_function_super_global_var.ini
@@ -1 +1 @@
-sp.disable_function.function("strlen").var("_GET[bla]").value("test2").drop();
+sp.disable_function.function("strlen").var("$_GET[bla]").value("test2").drop();
diff --git a/src/tests/config/disabled_functions_pos.ini b/src/tests/config/disabled_functions_pos.ini
index e7d12a9..2b4650d 100644
--- a/src/tests/config/disabled_functions_pos.ini
+++ b/src/tests/config/disabled_functions_pos.ini
@@ -1,2 +1,3 @@
 sp.disable_function.function("system").pos("1337").value("id").drop();
 sp.disable_function.function("system").pos("0").value("id").drop();
+sp.disable_function.function("system").pos("1").param_type("ARRAY").alias("1").drop();
diff --git a/src/tests/disabled_function_local_var_10.phpt b/src/tests/disabled_function_local_var_10.phpt
new file mode 100644
index 0000000..538d693
--- /dev/null
+++ b/src/tests/disabled_function_local_var_10.phpt
@@ -0,0 +1,44 @@
+--TEST--
+Disable functions - match on a local variable
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_local_var.ini
+--FILE--
+<?php
+$qwe = Array('123' => Array('qwe'), '456' => Array('no block this'));
+var_dump($qwe);
+strlen("qwe");
+$qwe = Array('123' => Array('qwe'), '456' => Array(Array('block this')));
+var_dump($qwe);
+strlen("qwe");
+?>
+--EXPECTF--
+array(2) {
+  [123]=>
+  array(1) {
+    [0]=>
+    string(3) "qwe"
+  }
+  [456]=>
+  array(1) {
+    [0]=>
+    string(13) "no block this"
+  }
+}
+array(2) {
+  [123]=>
+  array(1) {
+    [0]=>
+    string(3) "qwe"
+  }
+  [456]=>
+  array(1) {
+    [0]=>
+    array(1) {
+      [0]=>
+      string(10) "block this"
+    }
+  }
+}
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'strlen' in %a/tests/disabled_function_local_var_10.php:%d has been disabled.
diff --git a/src/tests/disabled_function_local_var_2.phpt b/src/tests/disabled_function_local_var_2.phpt
new file mode 100644
index 0000000..da0a3d2
--- /dev/null
+++ b/src/tests/disabled_function_local_var_2.phpt
@@ -0,0 +1,46 @@
+--TEST--
+Disable functions - match on a local variable
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_local_var.ini
+--FILE--
+<?php 
+$a = 1338;
+function test(){
+    echo strlen("id") . "\n";
+}
+echo "Value of a: $a\n";
+test();
+$a = Array();
+$a['qwe'] = 'block';
+$a['123'] = 'nop';
+echo "Value of a:\n";
+var_dump($a);
+test();
+$a['123'] = 'block';
+echo "Value of a:\n";
+var_dump($a);
+test();
+?>
+--EXPECTF--
+Value of a: 1338
+2
+Value of a:
+array(2) {
+  ["qwe"]=>
+  string(5) "block"
+  [123]=>
+  string(3) "nop"
+}
+2
+Value of a:
+array(2) {
+  ["qwe"]=>
+  string(5) "block"
+  [123]=>
+  string(5) "block"
+}
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'strlen' in %a/tests/disabled_function_local_var_2.php:%d has been disabled.
diff --git a/src/tests/disabled_function_local_var_3.phpt b/src/tests/disabled_function_local_var_3.phpt
new file mode 100644
index 0000000..d26b636
--- /dev/null
+++ b/src/tests/disabled_function_local_var_3.phpt
@@ -0,0 +1,45 @@
+--TEST--
+Disable functions - match on a local variable
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_local_var.ini
+--FILE--
+<?php 
+function test(){
+    echo strlen("id") . "\n";
+}
+$a = Array();
+$c = '123';
+$a['qwe'] = 'qwe';
+$a['123'] = 'nop';
+echo "Value of a:\n";
+var_dump($a);
+test();
+$a[$c] = (Object)['prop' => 'block'];
+echo "Value of a:\n";
+var_dump($a);
+test();
+?>
+--EXPECTF--
+Value of a:
+array(2) {
+  ["qwe"]=>
+  string(3) "qwe"
+  [123]=>
+  string(3) "nop"
+}
+2
+Value of a:
+array(2) {
+  ["qwe"]=>
+  string(3) "qwe"
+  [123]=>
+  object(stdClass)#1 (1) {
+    ["prop"]=>
+    string(5) "block"
+  }
+}
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'strlen' in %a/tests/disabled_function_local_var_3.php:%d has been disabled.
diff --git a/src/tests/disabled_function_local_var_4.phpt b/src/tests/disabled_function_local_var_4.phpt
new file mode 100644
index 0000000..ae8d713
--- /dev/null
+++ b/src/tests/disabled_function_local_var_4.phpt
@@ -0,0 +1,56 @@
+--TEST--
+Disable functions - match on a local variable
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_local_var_2.ini
+--FILE--
+<?php 
+namespace qwe {
+  const UNE_CONSTANTE = 'constant';
+}
+namespace asd {
+$b = Array();
+$b['_GET[obj->nop]'] = Array();
+$b['_GET[obj->nop]']["qwe"] = Array();
+$b[456] = Array();
+$b[456]['zxc'] = "qwe";
+$b[456]['nop'] = "nop";
+$b['_GET[obj->nop]']["qwe"][321] = "Yeay";
+$b["123"] = "qwe";
+$b["123a"] = "foo";
+$b["asd"] = "zxc";
+$b['_GET[obj->nop]']["qwe"][1337] = (Object)(['uio' => "valeur de apres"]);
+$b['_GET[obj->nop]']["qwe"][1338] = (Object)(['uio' => "valeur de a"]);
+$c = (Object)(['qwe' => Array(\qwe\UNE_CONSTANTE => 'zxc')]);
+$idk = 'test_asd';
+$class_name = 'test_object';
+class test_object {
+  const TEST_VALUE = ['constant' => 'truc'];
+  private $asd = "qwe";
+  public $qwe = 'bar';
+  private $test_asd = '';
+  function __construct($asd) {
+    $this->test_asd = $asd;
+  }
+  function do_a_barell_roll() {
+    var_dump($this->test_asd);
+  }
+}
+$d = new test_object($c);
+$a = 1338;
+function test(){
+  strlen("qwe");
+}
+echo "Valeur: " . $b['_GET[obj->nop]']["qwe"][$a]->uio . "\n";
+test();
+$a = 1337;
+echo "Valeur: " . $b['_GET[obj->nop]']["qwe"][$a]->uio . "\n";
+test();
+}
+?>
+--EXPECTF--
+Valeur: valeur de a
+Valeur: valeur de apres
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'strlen' in %a/tests/disabled_function_local_var_4.php:%d has been disabled.
diff --git a/src/tests/disabled_function_local_var_5.phpt b/src/tests/disabled_function_local_var_5.phpt
new file mode 100644
index 0000000..d82574d
--- /dev/null
+++ b/src/tests/disabled_function_local_var_5.phpt
@@ -0,0 +1,33 @@
+--TEST--
+Disable functions - match on a local variable
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_local_var.ini
+--FILE--
+<?php 
+function test(){
+    echo strlen("id") . "\n";
+}
+$a = Array();
+echo "Value of a:\n";
+var_dump($a);
+test();
+$a = (Object)['zxc' => 'not a good value'];
+echo "Value of a:\n";
+var_dump($a);
+test();
+?>
+--EXPECTF--
+Value of a:
+array(0) {
+}
+2
+Value of a:
+object(stdClass)#1 (1) {
+  ["zxc"]=>
+  string(16) "not a good value"
+}
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'strlen' in %a/tests/disabled_function_local_var_5.php:%d has been disabled.
diff --git a/src/tests/disabled_function_local_var_6.phpt b/src/tests/disabled_function_local_var_6.phpt
new file mode 100644
index 0000000..90c1815
--- /dev/null
+++ b/src/tests/disabled_function_local_var_6.phpt
@@ -0,0 +1,31 @@
+--TEST--
+Disable functions - match on a local variable
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_local_var.ini
+--FILE--
+<?php 
+namespace asd {
+function test(){
+  strlen("qwe");
+}
+echo "Valeur: " . \asd\test_object::TEST_VALUE['constant'] . "\n";
+test();
+class test_object {
+  const TEST_VALUE = ['constant' => 'no good'];
+  private $asd = "qwe";
+  public $qwe = 'bar';
+  private $test_asd = '';
+  function __construct($asd) {
+    $this->test_asd = $asd;
+  }
+  function do_a_barell_roll() {
+    var_dump($this->test_asd);
+  }
+}
+}
+?>
+--EXPECTF--
+Valeur: no good
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'strlen' in %a/tests/disabled_function_local_var_6.php:%d has been disabled.
diff --git a/src/tests/disabled_function_local_var_7.phpt b/src/tests/disabled_function_local_var_7.phpt
new file mode 100644
index 0000000..7ab249a
--- /dev/null
+++ b/src/tests/disabled_function_local_var_7.phpt
@@ -0,0 +1,31 @@
+--TEST--
+Disable functions - match on a local variable
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_local_var.ini
+--FILE--
+<?php
+namespace asd {
+function test(){
+  strlen("qwe");
+}
+echo "Valeur: " . \asd\test_object::TEST_VALUE . "\n";
+test();
+class test_object {
+  const TEST_VALUE = "qwerty";
+  private $asd = "qwe";
+  public $qwe = 'bar';
+  private $test_asd = '';
+  function __construct($asd) {
+    $this->test_asd = $asd;
+  }
+  function do_a_barell_roll() {
+    var_dump($this->test_asd);
+  }
+}
+}
+?>
+--EXPECTF--
+Valeur: qwerty
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'strlen' in %a/tests/disabled_function_local_var_7.php:%d has been disabled.
diff --git a/src/tests/disabled_function_local_var_8.phpt b/src/tests/disabled_function_local_var_8.phpt
new file mode 100644
index 0000000..475b472
--- /dev/null
+++ b/src/tests/disabled_function_local_var_8.phpt
@@ -0,0 +1,20 @@
+--TEST--
+Disable functions - match on a local variable
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_local_var.ini
+--FILE--
+<?php
+namespace qwe {
+  const ASD = 'qwerty';
+}
+namespace asd {
+  const asd = 'qwe';
+  echo "Valeur: " . \qwe\ASD . "\n";
+  strlen("qwe");
+}
+?>
+--EXPECTF--
+Valeur: qwerty
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'strlen' in %a/tests/disabled_function_local_var_8.php:%d has been disabled.
diff --git a/src/tests/disabled_function_local_var_9.phpt b/src/tests/disabled_function_local_var_9.phpt
new file mode 100644
index 0000000..fb65bc4
--- /dev/null
+++ b/src/tests/disabled_function_local_var_9.phpt
@@ -0,0 +1,20 @@
+--TEST--
+Disable functions - match on a local variable
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_local_var.ini
+--FILE--
+<?php
+namespace qwe {
+  const QWE = Array('123'=>'asdfgh');
+}
+namespace asd {
+  const asd = 'qwe';
+  echo "Valeur: " . \qwe\QWE[123]. "\n";
+  strlen("qwe");
+}
+?>
+--EXPECTF--
+Valeur: asdfgh
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'strlen' in %a/tests/disabled_function_local_var_9.php:%d has been disabled.
diff --git a/src/tests/disabled_function_local_var_obj.phpt b/src/tests/disabled_function_local_var_obj.phpt
new file mode 100644
index 0000000..868ea4c
--- /dev/null
+++ b/src/tests/disabled_function_local_var_obj.phpt
@@ -0,0 +1,25 @@
+--TEST--
+Disable functions - match on a local variable
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_local_var_obj.ini
+--FILE--
+<?php
+class test_class {
+  public $qwe = 'value';
+  function __construct($arg, $value) {
+    $this->$arg = $value;
+  }
+}
+$test_array = ['qwe'];
+$arg = 'qwe';
+$test = new test_class('qwe', 'qwe');
+echo strlen($test->$arg) . "\n";
+$test = new test_class('qwe', 'nop_object');
+echo strlen($test->$arg) . "\n";
+?>
+--EXPECTF--
+3
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'strlen' in %a/tests/disabled_function_local_var_obj.php:%d has been disabled.
diff --git a/src/tests/disabled_functions_local_var_array.phpt b/src/tests/disabled_functions_local_var_array.phpt
new file mode 100644
index 0000000..2255cbf
--- /dev/null
+++ b/src/tests/disabled_functions_local_var_array.phpt
@@ -0,0 +1,20 @@
+--TEST--
+Disable functions - match on an array value buried in several levels
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_disabled_functions_local_var_array.ini
+--FILE--
+<?php
+function foo($arr) {
+         echo $arr["a"]."\n";
+}
+$a=Array("test2"=>Array("pof"=>"pif", "foo"=>Array("lol"=>"bbb")), "a"=>"cccc");
+foo($a);
+$a=Array("test2"=>Array("foo"=>Array("lol"=>"aaa")), "a"=>"dddd");
+foo($a);
+?>
+--EXPECTF--
+cccc
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_local_var_array.php:3 has been disabled.
diff --git a/src/tests/disabled_functions_local_var_array_key.phpt b/src/tests/disabled_functions_local_var_array_key.phpt
new file mode 100644
index 0000000..4014c05
--- /dev/null
+++ b/src/tests/disabled_functions_local_var_array_key.phpt
@@ -0,0 +1,20 @@
+--TEST--
+Disable functions - match on an array value buried in several levels
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_disabled_functions_local_var_array_key.ini
+--FILE--
+<?php
+function foo($arr) {
+         echo $arr["a"]."\n";
+}
+$a=Array("test2"=>Array("pof"=>"pif", "foo"=>Array("lol"=>"bbb")), "a"=>"cccc");
+foo($a);
+$a=Array("test2"=>Array("foo"=>Array("aaa"=>"ccc")), "a"=>"dddd");
+foo($a);
+?>
+--EXPECTF--
+cccc
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_local_var_array_key.php:3 has been disabled.
diff --git a/src/tests/disabled_functions_name_type.phpt b/src/tests/disabled_functions_name_type.phpt
index c5b24d6..1022238 100644
--- a/src/tests/disabled_functions_name_type.phpt
+++ b/src/tests/disabled_functions_name_type.phpt
@@ -11,4 +11,4 @@ echo strcmp([1,23], "pouet") . "\n";
 ?>
 --EXPECTF--
 0
-[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'strcmp' in %a/disabled_functions_name_type.php:%d has been disabled, because its argument 'str1' content (?) matched a rule.
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'strcmp' in %a/disabled_functions_name_type.php:%d has been disabled, because its argument '$str1' content (ARRAY) matched a rule.
diff --git a/src/tests/disabled_functions_nul_byte.phpt b/src/tests/disabled_functions_nul_byte.phpt
index b4974a9..f03a8e4 100644
--- a/src/tests/disabled_functions_nul_byte.phpt
+++ b/src/tests/disabled_functions_nul_byte.phpt
@@ -11,4 +11,4 @@ system("id");
 ?>
 --EXPECTF--
-[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'system' in %a/tests/disabled_functions_nul_byte.php:2 has been disabled, because its argument 'command' content (0id) matched a rule.
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'system' in %a/tests/disabled_functions_nul_byte.php:2 has been disabled, because its argument '$command' content (0id) matched a rule.
diff --git a/src/tests/disabled_functions_param.phpt b/src/tests/disabled_functions_param.phpt
index d9f8767..fe0e244 100644
--- a/src/tests/disabled_functions_param.phpt
+++ b/src/tests/disabled_functions_param.phpt
@@ -15,4 +15,4 @@ strcmp("bla", "ble");
 strncmp("bla", "ble", 2);
 ?>
 --EXPECTF--
-[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'system' in %a/disabled_functions_param.php:2 has been disabled, because its argument 'command' content (id) matched the rule '1'.
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'system' in %a/disabled_functions_param.php:2 has been disabled, because its argument '$command' content (id) matched the rule '1'.
diff --git a/src/tests/disabled_functions_param_array.phpt b/src/tests/disabled_functions_param_array.phpt
index 5ca13aa..f023cfc 100644
--- a/src/tests/disabled_functions_param_array.phpt
+++ b/src/tests/disabled_functions_param_array.phpt
@@ -21,4 +21,4 @@ foo($a);
 --EXPECTF--
 test1
 abcde
-[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/disabled_functions_param_array.php:3 has been disabled, because its argument 'arr' content (Array) matched the rule '1'.
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/disabled_functions_param_array.php:3 has been disabled, because its argument '$arr' content (abcd) matched the rule '1'.
diff --git a/src/tests/disabled_functions_param_array_deref.phpt b/src/tests/disabled_functions_param_array_deref.phpt
index 556cb06..1e8e31b 100644
--- a/src/tests/disabled_functions_param_array_deref.phpt
+++ b/src/tests/disabled_functions_param_array_deref.phpt
@@ -22,4 +22,4 @@ foo($a);
 --EXPECTF--
 eee
 abcdef
-[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_param_array_deref.php:3 has been disabled, because its argument 'arr' content (Array) matched the rule '2'.
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_param_array_deref.php:3 has been disabled, because its argument '$arr' content (abcdef) matched the rule '2'.
diff --git a/src/tests/disabled_functions_param_array_no_value.phpt b/src/tests/disabled_functions_param_array_no_value.phpt
index 06b9839..ac1b5e0 100644
--- a/src/tests/disabled_functions_param_array_no_value.phpt
+++ b/src/tests/disabled_functions_param_array_no_value.phpt
@@ -19,4 +19,4 @@ foo($a);
 ?>
 --EXPECTF--
 cccc
-[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_param_array_no_value.php:3 has been disabled, because its argument 'arr' content (Array) matched the rule '3'.
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_param_array_no_value.php:3 has been disabled, because its argument '$arr' content (aaa) matched the rule '3'.
diff --git a/src/tests/disabled_functions_param_array_r.phpt b/src/tests/disabled_functions_param_array_r.phpt
new file mode 100644
index 0000000..8bd85ce
--- /dev/null
+++ b/src/tests/disabled_functions_param_array_r.phpt
@@ -0,0 +1,20 @@
+--TEST--
+Disable functions - match on an array using regexp
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_disabled_functions_param_r_array.ini
+--FILE--
+<?php
+function foo($arr) {
+         echo $arr["a"]."\n";
+}
+$a=Array("test2"=>"pof", "pof"=>"pif", "a"=>Array("qwe"=>"bbb"), "a"=>"cccc");
+foo($a);
+$a=Array("a"=>"abcd", "pof"=>"pif", "bar"=>Array("qwe"=>"bbb"), "b"=>"cccc");
+foo($a);
+?>
+--EXPECTF--
+cccc
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_param_array_r.php:3 has been disabled, because its argument 'arr' content (ARRAY) matched the rule '1'.
diff --git a/src/tests/disabled_functions_param_array_r_keys.phpt b/src/tests/disabled_functions_param_array_r_keys.phpt
new file mode 100644
index 0000000..e9ef50d
--- /dev/null
+++ b/src/tests/disabled_functions_param_array_r_keys.phpt
@@ -0,0 +1,20 @@
+--TEST--
+Disable functions - match on an array using regexp
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_disabled_functions_param_r_array.ini
+--FILE--
+<?php
+function foo($arr) {
+         echo $arr["a"]."\n";
+}
+$a=Array("test2"=>"pof", "pof"=>"pif", "qwe"=>Array("qwe"=>"bbb"), "a"=>"cccc");
+foo($a);
+$a=Array("a"=>"", "pof"=>"pif", "bar"=>Array("qwe"=>"bbb"), "qweabcqwe"=>"nop");
+foo($a);
+?>
+--EXPECTF--
+cccc
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_param_array_r_keys.php:3 has been disabled, because its argument 'arr' content (ARRAY) matched the rule '2'.
diff --git a/src/tests/disabled_functions_param_array_several_levels.phpt b/src/tests/disabled_functions_param_array_several_levels.phpt
index cef6ded..f5665fb 100644
--- a/src/tests/disabled_functions_param_array_several_levels.phpt
+++ b/src/tests/disabled_functions_param_array_several_levels.phpt
@@ -17,4 +17,4 @@ foo($a);
 ?>
 --EXPECTF--
 cccc
-[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_param_array_several_levels.php:3 has been disabled, because its argument 'arr' content (Array) matched the rule '4'.
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_param_array_several_levels.php:3 has been disabled, because its argument '$arr' content (ARRAY) matched the rule '4'.
diff --git a/src/tests/disabled_functions_param_array_several_levels_int.phpt b/src/tests/disabled_functions_param_array_several_levels_int.phpt
new file mode 100644
index 0000000..2e546f4
--- /dev/null
+++ b/src/tests/disabled_functions_param_array_several_levels_int.phpt
@@ -0,0 +1,20 @@
+--TEST--
+Disable functions - match on an array value buried in several levels
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_disabled_functions_param_array.ini
+--FILE--
+<?php
+function foo($arr) {
+         echo $arr["a"]."\n";
+}
+$a=Array("test2"=>Array("pof"=>"pif", "foo"=>Array("lol"=>"bbb")), "a"=>"cccc");
+foo($a);
+$a=Array("test2"=>Array("foo"=>Array("123"=>"aaa")), "a"=>"dddd");
+foo($a);
+?>
+--EXPECTF--
+cccc
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_param_array_several_levels_int.php:3 has been disabled, because its argument '$arr' content (ARRAY) matched the rule '4'.
diff --git a/src/tests/disabled_functions_param_array_several_levels_keys.phpt b/src/tests/disabled_functions_param_array_several_levels_keys.phpt
new file mode 100644
index 0000000..1be59fc
--- /dev/null
+++ b/src/tests/disabled_functions_param_array_several_levels_keys.phpt
@@ -0,0 +1,20 @@
+--TEST--
+Disable functions - match on an array value buried in several levels
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_disabled_functions_param_array.ini
+--FILE--
+<?php
+function foo($arr) {
+         echo $arr["a"]."\n";
+}
+$a=Array("test2"=>Array("pof"=>"pif", "bar"=>Array("qwe"=>"bbb")), "a"=>"cccc");
+foo($a);
+$a=Array("test2"=>Array("bar"=>Array("lol"=>"aaa")), "a"=>"dddd");
+foo($a);
+?>
+--EXPECTF--
+cccc
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_param_array_several_levels_keys.php:3 has been disabled, because its argument '$arr' content (ARRAY) matched the rule '5'.
diff --git a/src/tests/disabled_functions_param_array_several_levels_keys_int.phpt b/src/tests/disabled_functions_param_array_several_levels_keys_int.phpt
new file mode 100644
index 0000000..acb696f
--- /dev/null
+++ b/src/tests/disabled_functions_param_array_several_levels_keys_int.phpt
@@ -0,0 +1,20 @@
+--TEST--
+Disable functions - match on an array value buried in several levels
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_disabled_functions_param_array.ini
+--FILE--
+<?php
+function foo($arr) {
+         echo $arr["a"]."\n";
+}
+$a=Array("test2"=>Array("pof"=>"pif", "bar"=>Array("qwe"=>"bbb")), "a"=>"cccc");
+foo($a);
+$a=Array("test2"=>Array("bar"=>Array("123"=>"aaa")), "a"=>"dddd");
+foo($a);
+?>
+--EXPECTF--
+cccc
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_param_array_several_levels_keys_int.php:3 has been disabled, because its argument '$arr' content (ARRAY) matched the rule '6'.
diff --git a/src/tests/disabled_functions_param_int.phpt b/src/tests/disabled_functions_param_int.phpt
index 0e6a62c..692009a 100644
--- a/src/tests/disabled_functions_param_int.phpt
+++ b/src/tests/disabled_functions_param_int.phpt
@@ -18,4 +18,4 @@ foobar("10");
 ?>
 --EXPECTF--
 1
-[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foobar' in %a/tests/disabled_functions_param_int.php:3 has been disabled, because its argument 'id' content (42) matched a rule.
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foobar' in %a/tests/disabled_functions_param_int.php:3 has been disabled, because its argument '$id' content (42) matched a rule.
diff --git a/src/tests/disabled_functions_pos_type.phpt b/src/tests/disabled_functions_pos_type.phpt
new file mode 100644
index 0000000..7556440
--- /dev/null
+++ b/src/tests/disabled_functions_pos_type.phpt
@@ -0,0 +1,14 @@
+--TEST--
+Disable functions - match on argument's position
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_functions_pos.ini
+--FILE--
+<?php
+system([123, 456]);
+?>
+--EXPECTF--
+[snuffleupagus][0.0.0.0][config][error] It seems that you wrote a rule filtering on the 0th argument of the function 'system', but it takes only 2 arguments. Matching on _all_ arguments instead.
+[snuffleupagus][0.0.0.0][config][error] It seems that you wrote a rule filtering on the 1st argument of the function 'system', but it takes only 2 arguments. Matching on _all_ arguments instead.
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'system' in %a/disabled_functions_pos_type.php:2 has been disabled, because its argument 'command' content (?) matched the rule '1'.
diff --git a/src/tests/disabled_functions_runtime.phpt b/src/tests/disabled_functions_runtime.phpt
index 1c6a141..1508735 100644
--- a/src/tests/disabled_functions_runtime.phpt
+++ b/src/tests/disabled_functions_runtime.phpt
@@ -23,7 +23,7 @@ test('1338');test('1337');
 ?>
 --EXPECTF--
 1338
-[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'test' in %a has been disabled, because its argument 'param' content (1337) matched a rule.
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'test' in %a has been disabled, because its argument '$param' content (1337) matched a rule.
 --CLEAN--
 <?php
 unlink("file_to_include1.php");
author	xXx-caillou-xXx	2017-12-20 18:09:53 +0100
committer	jvoisin	2017-12-20 18:09:53 +0100
commit	e7f541396715ee2895abcf73044b91ae9b746201 (patch)
tree	ba0e9765e7f14f04b92585df1f3fcd1830ab4b00 /src/tests
parent	8d6cc4f2b63c3f0dc31fe6cecd34ac023ea1cccb (diff)