7 files changed, 148 insertions, 0 deletions
diff --git a/src/tests/harden_rand/config/config_rand_harden_disabled.ini b/src/tests/harden_rand/config/config_rand_harden_disabled.ini
new file mode 100644
index 0000000..b9cd227
--- /dev/null
+++ b/src/tests/harden_rand/config/config_rand_harden_disabled.ini
@@ -0,0 +1 @@
+sp.harden_random.disable();              
diff --git a/src/tests/harden_rand/config/harden_rand.ini b/src/tests/harden_rand/config/harden_rand.ini
new file mode 100644
index 0000000..89e19be
--- /dev/null
+++ b/src/tests/harden_rand/config/harden_rand.ini
@@ -0,0 +1 @@
+sp.harden_random.enable();
diff --git a/src/tests/harden_rand/disable_handen_rand.phpt b/src/tests/harden_rand/disable_handen_rand.phpt
new file mode 100644
index 0000000..70e1382
--- /dev/null
+++ b/src/tests/harden_rand/disable_handen_rand.phpt
@@ -0,0 +1,22 @@
+--TEST--
+Harden rand
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_rand_harden_disabled.ini
+--FILE--
+<?php 
+srand(0);
+$a =  rand(0,100)."\n";
+srand(0);
+$b = rand(0,100)."\n";
+srand(0);
+$c = rand(0,100)."\n";
+if ($a == $b && $a == $c) {
+    echo "win";
+} else {
+    echo "lose";
+}
+?>
+--EXPECT--
+win
diff --git a/src/tests/harden_rand/harden_mt_rand.phpt b/src/tests/harden_rand/harden_mt_rand.phpt
new file mode 100644
index 0000000..da1ac16
--- /dev/null
+++ b/src/tests/harden_rand/harden_mt_rand.phpt
@@ -0,0 +1,22 @@
+--TEST--
+Harden mt_rand
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/harden_rand.ini
+--FILE--
+<?php 
+mt_srand(0);
+$a = mt_rand(0,100)."\n";
+$b = mt_rand(0,100)."\n";
+mt_srand(0);
+$c = mt_rand(0,100)."\n";
+$d = mt_rand(0,100)."\n";
+if ($a == $c && $b == $d)
+    echo "a:$a, b:$b, c:$c, d:$d\n";
+else
+        echo 'win';
+?>
+--EXPECT--
+win
diff --git a/src/tests/harden_rand/harden_mt_rand_range.phpt b/src/tests/harden_rand/harden_mt_rand_range.phpt
new file mode 100644
index 0000000..0d5a5bf
--- /dev/null
+++ b/src/tests/harden_rand/harden_mt_rand_range.phpt
@@ -0,0 +1,16 @@
+--TEST--
+Harden mt_rand range
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/harden_rand.ini
+--FILE--
+<?php 
+for ($i=0; $i <=100; $i++) {
+  if (mt_rand(0,1) > 1) {
+    echo "Failed\n";
+  }
+}
+?>
+--EXPECT--
diff --git a/src/tests/harden_rand/harden_rand.phpt b/src/tests/harden_rand/harden_rand.phpt
new file mode 100644
index 0000000..336f5a7
--- /dev/null
+++ b/src/tests/harden_rand/harden_rand.phpt
@@ -0,0 +1,24 @@
+--TEST--
+Harden rand
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/harden_rand.ini
+--FILE--
+<?php 
+srand(0);
+$a = rand(0,1000)."\n";
+$b = rand(0,1000)."\n";
+srand(0);
+$c = rand(0,1000)."\n";
+$d = rand(0,1000)."\n";
+rand(100,0)."\n";
+if ($a == $c && $b == $d)
+    echo "a:$a, b:$b, c:$c, d:$d\n";
+else
+        echo 'win';
+?>
+--EXPECT--
+win
diff --git a/src/tests/harden_rand/harden_rand_noargs.phpt b/src/tests/harden_rand/harden_rand_noargs.phpt
new file mode 100644
index 0000000..dc7d832
--- /dev/null
+++ b/src/tests/harden_rand/harden_rand_noargs.phpt
@@ -0,0 +1,62 @@
+--TEST--
+Harden rand without any arguments
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/harden_rand.ini
+We should fix this
+--FILE--
+<?php 
+rand();
+mt_rand();
+rand(1);
+mt_rand(1);
+rand(1, 2);
+mt_rand(1, 2);
+rand(2, 1);
+mt_rand(2, 1);
+rand(2, 1, 0);
+mt_rand(2, 1, 0);
+rand("test", 1);
+mt_rand("test", 1);
+rand(1, "test");
+mt_rand(1, "test");
+rand(1, 2, "test");
+mt_rand(1, 2, "test");
+echo "Everything is fine\n";
+echo "Absolutely everything\n";
+echo 'Even with single quotes';
+?>
+--EXPECTF--
+Warning: rand() expects exactly 2 parameters, 1 given in %s/harden_rand_noargs.php on line %d
+Warning: mt_rand() expects exactly 2 parameters, 1 given in %s/harden_rand_noargs.php on line %d
+Warning: mt_rand(): max(1) is smaller than min(2) in %s/harden_rand_noargs.php on line %d
+Warning: rand() expects exactly 2 parameters, 3 given in %s/harden_rand_noargs.php on line %d
+Warning: mt_rand() expects exactly 2 parameters, 3 given in %s/harden_rand_noargs.php on line %d
+Warning: rand() expects parameter 1 to be in%s, string given in %s/harden_rand_noargs.php on line %d
+Warning: mt_rand() expects parameter 1 to be in%s, string given in %s/harden_rand_noargs.php on line %d
+Warning: rand() expects parameter 2 to be in%s, string given in %s/harden_rand_noargs.php on line %d
+Warning: mt_rand() expects parameter 2 to be in%s, string given in %s/harden_rand_noargs.php on line %d
+Warning: rand() expects exactly 2 parameters, 3 given in %s/harden_rand_noargs.php on line %d
+Warning: mt_rand() expects exactly 2 parameters, 3 given in %s/harden_rand_noargs.php on line %d
+Everything is fine
+Absolutely everything
+Even with single quotes

diff --git a/src/tests/harden_rand/config/config_rand_harden_disabled.ini b/src/tests/harden_rand/config/config_rand_harden_disabled.ini new file mode 100644 index 0000000..b9cd227 --- /dev/null +++ b/src/tests/harden_rand/config/config_rand_harden_disabled.ini
@@ -0,0 +1 @@
		sp.harden_random.disable();


diff --git a/src/tests/harden_rand/config/harden_rand.ini b/src/tests/harden_rand/config/harden_rand.ini new file mode 100644 index 0000000..89e19be --- /dev/null +++ b/src/tests/harden_rand/config/harden_rand.ini
@@ -0,0 +1 @@
		sp.harden_random.enable();


diff --git a/src/tests/harden_rand/disable_handen_rand.phpt b/src/tests/harden_rand/disable_handen_rand.phpt new file mode 100644 index 0000000..70e1382 --- /dev/null +++ b/src/tests/harden_rand/disable_handen_rand.phpt
@@ -0,0 +1,22 @@
	1	--TEST--
	2	Harden rand
	3	--SKIPIF--
	4	<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
	5	--INI--
	6	sp.configuration_file={PWD}/config/config_rand_harden_disabled.ini
	7	--FILE--
	8	<?php
	9	srand(0);
	10	$a = rand(0,100)."\n";
	11	srand(0);
	12	$b = rand(0,100)."\n";
	13	srand(0);
	14	$c = rand(0,100)."\n";
	15	if ($a == $b && $a == $c) {
	16	echo "win";
	17	} else {
	18	echo "lose";
	19	}
	20	?>
	21	--EXPECT--
	22	win


diff --git a/src/tests/harden_rand/harden_mt_rand.phpt b/src/tests/harden_rand/harden_mt_rand.phpt new file mode 100644 index 0000000..da1ac16 --- /dev/null +++ b/src/tests/harden_rand/harden_mt_rand.phpt
@@ -0,0 +1,22 @@
	1	--TEST--
	2	Harden mt_rand
	3	--SKIPIF--
	4	<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
	5	--INI--
	6	sp.configuration_file={PWD}/config/harden_rand.ini
	7	--FILE--
	8	<?php
	9	mt_srand(0);
	10	$a = mt_rand(0,100)."\n";
	11	$b = mt_rand(0,100)."\n";
	12	mt_srand(0);
	13	$c = mt_rand(0,100)."\n";
	14	$d = mt_rand(0,100)."\n";
	15
	16	if ($a == $c && $b == $d)
	17	echo "a:$a, b:$b, c:$c, d:$d\n";
	18	else
	19	echo 'win';
	20	?>
	21	--EXPECT--
	22	win


diff --git a/src/tests/harden_rand/harden_mt_rand_range.phpt b/src/tests/harden_rand/harden_mt_rand_range.phpt new file mode 100644 index 0000000..0d5a5bf --- /dev/null +++ b/src/tests/harden_rand/harden_mt_rand_range.phpt
@@ -0,0 +1,16 @@
	1	--TEST--
	2	Harden mt_rand range
	3	--SKIPIF--
	4	<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
	5	--INI--
	6	sp.configuration_file={PWD}/config/harden_rand.ini
	7	--FILE--
	8	<?php
	9	for ($i=0; $i <=100; $i++) {
	10	if (mt_rand(0,1) > 1) {
	11	echo "Failed\n";
	12	}
	13	}
	14
	15	?>
	16	--EXPECT--


diff --git a/src/tests/harden_rand/harden_rand.phpt b/src/tests/harden_rand/harden_rand.phpt new file mode 100644 index 0000000..336f5a7 --- /dev/null +++ b/src/tests/harden_rand/harden_rand.phpt
@@ -0,0 +1,24 @@
	1	--TEST--
	2	Harden rand
	3	--SKIPIF--
	4	<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
	5	--INI--
	6	sp.configuration_file={PWD}/config/harden_rand.ini
	7	--FILE--
	8	<?php
	9	srand(0);
	10	$a = rand(0,1000)."\n";
	11	$b = rand(0,1000)."\n";
	12	srand(0);
	13	$c = rand(0,1000)."\n";
	14	$d = rand(0,1000)."\n";
	15
	16	rand(100,0)."\n";
	17
	18	if ($a == $c && $b == $d)
	19	echo "a:$a, b:$b, c:$c, d:$d\n";
	20	else
	21	echo 'win';
	22	?>
	23	--EXPECT--
	24	win


diff --git a/src/tests/harden_rand/harden_rand_noargs.phpt b/src/tests/harden_rand/harden_rand_noargs.phpt new file mode 100644 index 0000000..dc7d832 --- /dev/null +++ b/src/tests/harden_rand/harden_rand_noargs.phpt
@@ -0,0 +1,62 @@
	1	--TEST--
	2	Harden rand without any arguments
	3	--SKIPIF--
	4	<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
	5	--INI--
	6	sp.configuration_file={PWD}/config/harden_rand.ini
	7	We should fix this
	8	--FILE--
	9	<?php
	10	rand();
	11	mt_rand();
	12
	13	rand(1);
	14	mt_rand(1);
	15
	16	rand(1, 2);
	17	mt_rand(1, 2);
	18
	19	rand(2, 1);
	20	mt_rand(2, 1);
	21
	22	rand(2, 1, 0);
	23	mt_rand(2, 1, 0);
	24
	25	rand("test", 1);
	26	mt_rand("test", 1);
	27
	28	rand(1, "test");
	29	mt_rand(1, "test");
	30
	31	rand(1, 2, "test");
	32	mt_rand(1, 2, "test");
	33
	34	echo "Everything is fine\n";
	35	echo "Absolutely everything\n";
	36	echo 'Even with single quotes';
	37	?>
	38	--EXPECTF--
	39	Warning: rand() expects exactly 2 parameters, 1 given in %s/harden_rand_noargs.php on line %d
	40
	41	Warning: mt_rand() expects exactly 2 parameters, 1 given in %s/harden_rand_noargs.php on line %d
	42
	43	Warning: mt_rand(): max(1) is smaller than min(2) in %s/harden_rand_noargs.php on line %d
	44
	45	Warning: rand() expects exactly 2 parameters, 3 given in %s/harden_rand_noargs.php on line %d
	46
	47	Warning: mt_rand() expects exactly 2 parameters, 3 given in %s/harden_rand_noargs.php on line %d
	48
	49	Warning: rand() expects parameter 1 to be in%s, string given in %s/harden_rand_noargs.php on line %d
	50
	51	Warning: mt_rand() expects parameter 1 to be in%s, string given in %s/harden_rand_noargs.php on line %d
	52
	53	Warning: rand() expects parameter 2 to be in%s, string given in %s/harden_rand_noargs.php on line %d
	54
	55	Warning: mt_rand() expects parameter 2 to be in%s, string given in %s/harden_rand_noargs.php on line %d
	56
	57	Warning: rand() expects exactly 2 parameters, 3 given in %s/harden_rand_noargs.php on line %d
	58
	59	Warning: mt_rand() expects exactly 2 parameters, 3 given in %s/harden_rand_noargs.php on line %d
	60	Everything is fine
	61	Absolutely everything
	62	Even with single quotes