1 files changed, 67 insertions, 0 deletions
diff --git a/src/tests/dump_deny_writable_execution.phpt b/src/tests/dump_deny_writable_execution.phpt
new file mode 100644
index 0000000..c6dd6cd
--- /dev/null
+++ b/src/tests/dump_deny_writable_execution.phpt
@@ -0,0 +1,67 @@
+--TEST--
+Readonly execution attempt (simulation mode)
+--SKIPIF--
+<?php
+if (!extension_loaded("snuffleupagus")) print "skip";
+// root has write privileges on any file
+if (TRUE == function_exists("posix_getuid")) {
+        if (0 == posix_getuid()) {
+                print "skip";
+        }
+} elseif (TRUE == function_exists("shell_exec")) {
+        if ("root" == trim(shell_exec("whoami"))) {
+                print "skip";
+        }
+}
+?>
+--POST--
+post_a=data_post_a_readonly&post_b=data_post_b_readonly
+--GET--
+get_a=data_get_a_readonly&get_b=data_get_b_readonly
+--COOKIE--
+cookie_a=data_cookie_a_readonly&cookie_b=data_cookie_b_readonly
+--INI--
+sp.configuration_file={PWD}/config/dump_deny_writable_execution.ini
+--FILE--
+<?php 
+@mkdir("/tmp/dump_result/");
+foreach (glob("/tmp/dump_result/sp_dump.*") as $dump) {
+    @unlink($dump);
+}
+$dir = __DIR__;
+// just in case
+@unlink("$dir/non_writable_file.txt");
+@unlink("$dir/writable_file.txt");
+file_put_contents("$dir/writable_file.txt", '<?php echo "Code execution within a writable file.\n";');
+file_put_contents("$dir/non_writable_file.txt", '<?php echo "Code execution within a non-writable file.\n";');
+chmod("$dir/writable_file.txt", 0777);
+chmod("$dir/non_writable_file.txt", 0400);
+include "$dir/writable_file.txt";
+include "$dir/non_writable_file.txt";
+$filename = glob('/tmp/dump_result/sp_dump.*')[0];
+$res = file($filename);
+if ($res[2] != "GET:get_a='data_get_a_readonly' get_b='data_get_b_readonly' \n") {
+    echo "1\n";
+} elseif ($res[3] != "POST:post_a='data_post_a_readonly' post_b='data_post_b_readonly' \n") {
+    echo "2\n";
+} elseif ($res[4] != "COOKIE:cookie_a='data_cookie_a_readonly&cookie_b=data_cookie_b_readonly' \n") {
+    echo "3\n";
+} else {
+        echo "WIN\n";
+}
+?>
+--EXPECTF--
+%a
+WIN
+--CLEAN--
+<?php
+$dir = __DIR__;
+chmod("$dir/non_writable_file.txt", 0777);
+chmod("$dir/writable_file.txt", 0777);
+unlink("$dir/non_writable_file.txt");
+unlink("$dir/writable_file.txt");
+?>

diff --git a/src/tests/dump_deny_writable_execution.phpt b/src/tests/dump_deny_writable_execution.phpt new file mode 100644 index 0000000..c6dd6cd --- /dev/null +++ b/src/tests/dump_deny_writable_execution.phpt
@@ -0,0 +1,67 @@
	1	--TEST--
	2	Readonly execution attempt (simulation mode)
	3	--SKIPIF--
	4	<?php
	5	if (!extension_loaded("snuffleupagus")) print "skip";
	6
	7	// root has write privileges on any file
	8	if (TRUE == function_exists("posix_getuid")) {
	9	if (0 == posix_getuid()) {
	10	print "skip";
	11	}
	12	} elseif (TRUE == function_exists("shell_exec")) {
	13	if ("root" == trim(shell_exec("whoami"))) {
	14	print "skip";
	15	}
	16	}
	17	?>
	18	--POST--
	19	post_a=data_post_a_readonly&post_b=data_post_b_readonly
	20	--GET--
	21	get_a=data_get_a_readonly&get_b=data_get_b_readonly
	22	--COOKIE--
	23	cookie_a=data_cookie_a_readonly&cookie_b=data_cookie_b_readonly
	24	--INI--
	25	sp.configuration_file={PWD}/config/dump_deny_writable_execution.ini
	26	--FILE--
	27	<?php
	28	@mkdir("/tmp/dump_result/");
	29	foreach (glob("/tmp/dump_result/sp_dump.*") as $dump) {
	30	@unlink($dump);
	31	}
	32	$dir = __DIR__;
	33
	34	// just in case
	35	@unlink("$dir/non_writable_file.txt");
	36	@unlink("$dir/writable_file.txt");
	37
	38	file_put_contents("$dir/writable_file.txt", '<?php echo "Code execution within a writable file.\n";');
	39	file_put_contents("$dir/non_writable_file.txt", '<?php echo "Code execution within a non-writable file.\n";');
	40	chmod("$dir/writable_file.txt", 0777);
	41	chmod("$dir/non_writable_file.txt", 0400);
	42	include "$dir/writable_file.txt";
	43	include "$dir/non_writable_file.txt";
	44
	45	$filename = glob('/tmp/dump_result/sp_dump.*')[0];
	46	$res = file($filename);
	47	if ($res[2] != "GET:get_a='data_get_a_readonly' get_b='data_get_b_readonly' \n") {
	48	echo "1\n";
	49	} elseif ($res[3] != "POST:post_a='data_post_a_readonly' post_b='data_post_b_readonly' \n") {
	50	echo "2\n";
	51	} elseif ($res[4] != "COOKIE:cookie_a='data_cookie_a_readonly&cookie_b=data_cookie_b_readonly' \n") {
	52	echo "3\n";
	53	} else {
	54	echo "WIN\n";
	55	}
	56	?>
	57	--EXPECTF--
	58	%a
	59	WIN
	60	--CLEAN--
	61	<?php
	62	$dir = __DIR__;
	63	chmod("$dir/non_writable_file.txt", 0777);
	64	chmod("$dir/writable_file.txt", 0777);
	65	unlink("$dir/non_writable_file.txt");
	66	unlink("$dir/writable_file.txt");
	67	?>