From 032718b7cb93c4143877e355e9bcb6935d8cedcf Mon Sep 17 00:00:00 2001 
From: jvoisin Date: Mon, 28 Dec 2020 20:45:33 +0100 Subject: Add tests for broken configuration on php8 --- .../config/borken_conf_enable_disable.ini | 1 + .../config/borken_conf_upload_validation.ini | 1 + src/tests/broken_configuration_php8/config/broken_conf.ini | 1 + src/tests/broken_configuration_php8/config/broken_conf2.ini | 1 + .../config/broken_conf_cookie_action.ini | 1 + .../broken_conf_cookie_encryption_without_encryption_key.ini | 2 ++ .../config/broken_conf_cookie_encryption_without_env_var.ini | 2 ++ .../config/broken_conf_cookie_name_and_regexp.ini | 2 ++ .../config/broken_conf_cookie_samesite.ini | 1 + src/tests/broken_configuration_php8/config/broken_conf_eval.ini | 1 + .../config/broken_conf_expecting_bool.ini | 5 +++++ .../config/broken_conf_invalid_cidr.ini | 1 + .../config/broken_conf_invalid_cidr6.ini | 1 + .../config/broken_conf_invalid_cidr6_no_slash.ini | 1 + .../config/broken_conf_invalid_cidr6_too_big.ini | 1 + .../config/broken_conf_invalid_cidr_value.ini | 1 + .../config/broken_conf_invalid_filename.ini | 1 + .../config/broken_conf_invalid_log_media.ini | 1 + .../config/broken_conf_invalid_type.ini | 1 + .../broken_configuration_php8/config/broken_conf_key_value.ini | 1 + .../config/broken_conf_line_empty_string.ini | 1 + .../config/broken_conf_line_no_closing.ini | 1 + .../broken_configuration_php8/config/broken_conf_local_var_1.ini | 1 + .../config/broken_conf_local_var_10.ini | 1 + .../config/broken_conf_local_var_11.ini | 1 + .../config/broken_conf_local_var_12.ini | 1 + .../config/broken_conf_local_var_13.ini | 1 + .../config/broken_conf_local_var_14.ini | 1 + .../config/broken_conf_local_var_15.ini | 1 + .../config/broken_conf_local_var_16.ini | 1 + .../broken_configuration_php8/config/broken_conf_local_var_2.ini | 1 + .../broken_configuration_php8/config/broken_conf_local_var_3.ini | 1 + .../broken_configuration_php8/config/broken_conf_local_var_4.ini | 1 + .../broken_configuration_php8/config/broken_conf_local_var_5.ini | 1 + 
.../broken_configuration_php8/config/broken_conf_local_var_6.ini | 1 + .../broken_configuration_php8/config/broken_conf_local_var_7.ini | 1 + .../broken_configuration_php8/config/broken_conf_local_var_8.ini | 1 + .../broken_configuration_php8/config/broken_conf_local_var_9.ini | 1 + .../config/broken_conf_lots_of_quotes.ini | 1 + .../config/broken_conf_missing_script.ini | 1 + .../config/broken_conf_mutually_exclusive.ini | 1 + .../config/broken_conf_mutually_exclusive10.ini | 1 + .../config/broken_conf_mutually_exclusive11.ini | 1 + .../config/broken_conf_mutually_exclusive12.ini | 1 + .../config/broken_conf_mutually_exclusive2.ini | 1 + .../config/broken_conf_mutually_exclusive3.ini | 1 + .../config/broken_conf_mutually_exclusive4.ini | 1 + .../config/broken_conf_mutually_exclusive5.ini | 1 + .../config/broken_conf_mutually_exclusive6.ini | 1 + .../config/broken_conf_mutually_exclusive7.ini | 1 + .../config/broken_conf_mutually_exclusive8.ini | 1 + .../config/broken_conf_mutually_exclusive9.ini | 1 + .../config/broken_conf_nonexisting_script.ini | 1 + .../broken_configuration_php8/config/broken_conf_quotes.ini | 3 +++ .../config/broken_conf_readonly_exec.ini | 1 + .../config/broken_conf_session_encryption.ini | 1 + .../broken_conf_session_encryption_without_encryption_key.ini | 2 ++ .../config/broken_conf_session_encryption_without_env_var.ini | 2 ++ .../broken_configuration_php8/config/broken_conf_to_few_args.ini | 1 + .../broken_configuration_php8/config/broken_conf_unserialize.ini | 1 + .../config/broken_conf_weird_keyword.ini | 1 + .../config/broken_conf_wrapper_whitelist.ini | 1 + .../config/broken_conf_wrong_quotes.ini | 1 + .../broken_configuration_php8/config/broken_conf_wrong_type.ini | 5 +++++ .../broken_configuration_php8/config/broken_config_regexp.ini | 1 + .../config/broken_config_regexp_no_closing_paren.ini | 1 + src/tests/broken_configuration_php8/config/broken_regexp.ini | 1 + .../config/config_broken_conf_truncated.ini | 1 + 
.../config/config_encrypted_cookies_noname.ini | 3 +++ .../config/config_encrypted_regexp_cookies_bad_regexp.ini | 3 +++ .../config/config_unmatching_brackets.ini | 1 + .../broken_configuration_php8/config/disabled_functions_cidr.ini | 9 +++++++++ 72 files changed, 99 insertions(+) create mode 100644 src/tests/broken_configuration_php8/config/borken_conf_enable_disable.ini create mode 100644 src/tests/broken_configuration_php8/config/borken_conf_upload_validation.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf2.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_cookie_action.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_cookie_encryption_without_encryption_key.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_cookie_encryption_without_env_var.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_cookie_name_and_regexp.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_cookie_samesite.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_eval.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_expecting_bool.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr6.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr6_no_slash.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr6_too_big.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr_value.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_invalid_filename.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_invalid_log_media.ini 
create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_invalid_type.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_key_value.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_line_empty_string.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_line_no_closing.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_local_var_1.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_local_var_10.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_local_var_11.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_local_var_12.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_local_var_13.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_local_var_14.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_local_var_15.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_local_var_16.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_local_var_2.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_local_var_3.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_local_var_4.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_local_var_5.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_local_var_6.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_local_var_7.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_local_var_8.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_local_var_9.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_lots_of_quotes.ini create mode 100644 
src/tests/broken_configuration_php8/config/broken_conf_missing_script.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive10.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive11.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive12.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive2.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive3.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive4.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive5.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive6.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive7.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive8.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive9.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_nonexisting_script.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_quotes.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_readonly_exec.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_session_encryption.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_session_encryption_without_encryption_key.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_session_encryption_without_env_var.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_to_few_args.ini create mode 100644 
src/tests/broken_configuration_php8/config/broken_conf_unserialize.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_weird_keyword.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_wrapper_whitelist.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_wrong_quotes.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_conf_wrong_type.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_config_regexp.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_config_regexp_no_closing_paren.ini create mode 100644 src/tests/broken_configuration_php8/config/broken_regexp.ini create mode 100644 src/tests/broken_configuration_php8/config/config_broken_conf_truncated.ini create mode 100644 src/tests/broken_configuration_php8/config/config_encrypted_cookies_noname.ini create mode 100644 src/tests/broken_configuration_php8/config/config_encrypted_regexp_cookies_bad_regexp.ini create mode 100644 src/tests/broken_configuration_php8/config/config_unmatching_brackets.ini create mode 100644 src/tests/broken_configuration_php8/config/disabled_functions_cidr.ini (limited to 'src/tests/broken_configuration_php8/config')
diff --git a/src/tests/broken_configuration_php8/config/borken_conf_enable_disable.ini b/src/tests/broken_configuration_php8/config/borken_conf_enable_disable.ini
new file mode 100644
index 0000000..4e95294
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/borken_conf_enable_disable.ini
@@ -0,0 +1 @@
+sp.global_strict.disable().enable();
diff --git a/src/tests/broken_configuration_php8/config/borken_conf_upload_validation.ini b/src/tests/broken_configuration_php8/config/borken_conf_upload_validation.ini
new file mode 100644
index 0000000..7c94185
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/borken_conf_upload_validation.ini
@@ -0,0 +1 @@
+sp.upload_validation.script(
diff --git a/src/tests/broken_configuration_php8/config/broken_conf.ini b/src/tests/broken_configuration_php8/config/broken_conf.ini
new file mode 100644
index 0000000..0595320
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf.ini
@@ -0,0 +1 @@
+this is a broken line
diff --git a/src/tests/broken_configuration_php8/config/broken_conf2.ini b/src/tests/broken_configuration_php8/config/broken_conf2.ini
new file mode 100644
index 0000000..fdb6b8f
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf2.ini
@@ -0,0 +1 @@
+sp.wrong
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_cookie_action.ini b/src/tests/broken_configuration_php8/config/broken_conf_cookie_action.ini
new file mode 100644
index 0000000..5f07c28
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_cookie_action.ini
@@ -0,0 +1 @@
+sp.cookie.name("my_cookie_name");
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_cookie_encryption_without_encryption_key.ini b/src/tests/broken_configuration_php8/config/broken_conf_cookie_encryption_without_encryption_key.ini
new file mode 100644
index 0000000..a100bd8
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_cookie_encryption_without_encryption_key.ini
@@ -0,0 +1,2 @@
+sp.global.cookie_env_var("MY_SUPER_ENV_VAR_YAY");
+sp.cookie.name("my_cookie_name").encrypt();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_cookie_encryption_without_env_var.ini b/src/tests/broken_configuration_php8/config/broken_conf_cookie_encryption_without_env_var.ini
new file mode 100644
index 0000000..54cb101
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_cookie_encryption_without_env_var.ini
@@ -0,0 +1,2 @@
+sp.global.secret_key("super secret encryption key");
+sp.cookie.name("my_cookie_name").encrypt();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_cookie_name_and_regexp.ini b/src/tests/broken_configuration_php8/config/broken_conf_cookie_name_and_regexp.ini
new file mode 100644
index 0000000..503889b
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_cookie_name_and_regexp.ini
@@ -0,0 +1,2 @@
+sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
+sp.cookie.name("my_cookie_name").name_r("my_cookie_regexp").encrypt();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_cookie_samesite.ini b/src/tests/broken_configuration_php8/config/broken_conf_cookie_samesite.ini
new file mode 100644
index 0000000..acc4aa0
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_cookie_samesite.ini
@@ -0,0 +1 @@
+sp.cookie.name("my_cookie_name").samesite("nop");
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_eval.ini b/src/tests/broken_configuration_php8/config/broken_conf_eval.ini
new file mode 100644
index 0000000..80ef7e5
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_eval.ini
@@ -0,0 +1 @@
+sp.eval_blacklist.list("cos,sin
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_expecting_bool.ini b/src/tests/broken_configuration_php8/config/broken_conf_expecting_bool.ini
new file mode 100644
index 0000000..51c28b2
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_expecting_bool.ini
@@ -0,0 +1,5 @@
+ # this is an example of broken conf
+
+
+ ; this is another comment
+sp.harden_random.enable(1337);
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr.ini b/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr.ini
new file mode 100644
index 0000000..b1929c1
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").drop().cidr("127.0.0.1/42");
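Review bot: The IPv4 side of the CIDR fixtures is thinner than the IPv6 side: broken_conf_invalid_cidr.ini only covers a far-oversized mask (`127.0.0.1/42`), while IPv6 also gets a non-numeric mask and a missing slash in broken_conf_invalid_cidr6.ini and broken_conf_invalid_cidr6_no_slash.ini. Because `.cidr()` narrows a `disable_function` rule to a range of client addresses, a mask that is mis-parsed instead of rejected would quietly change which requests the rule covers, so the boundary and malformed IPv4 cases deserve their own fixtures. I would add `sp.disable_function.function("system").drop().cidr("127.0.0.1/33");` and `sp.disable_function.function("system").drop().cidr("127.0.0.1/ZZZ");`, plus a `/129` case next to the existing `/13337` one for IPv6. disabled_functions_cidr.ini is listed in the diffstat but not shown in this part of the patch, so it may already cover some of this.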
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr6.ini b/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr6.ini
new file mode 100644
index 0000000..5e91faf
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr6.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").drop().cidr("2001:0db8:0000:0000:0000:ff00:0042:8329/ZZZ");
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr6_no_slash.ini b/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr6_no_slash.ini
new file mode 100644
index 0000000..067209f
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr6_no_slash.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").drop().cidr("2001:0db8:0000:0000:0000:ff00:0042:8329");
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr6_too_big.ini b/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr6_too_big.ini
new file mode 100644
index 0000000..f82b18b
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr6_too_big.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").drop().cidr("2001:0db8:0000:0000:0000:ff00:0042:8329/13337");
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr_value.ini b/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr_value.ini
new file mode 100644
index 0000000..06a56bd
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr_value.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").drop().cidr("
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_invalid_filename.ini b/src/tests/broken_configuration_php8/config/broken_conf_invalid_filename.ini
new file mode 100644
index 0000000..1be3b51
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_invalid_filename.ini
@@ -0,0 +1 @@
+sp.disable_function.function("sprintf").filename("wrong file name").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_invalid_log_media.ini b/src/tests/broken_configuration_php8/config/broken_conf_invalid_log_media.ini
new file mode 100644
index 0000000..9e7cea0
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_invalid_log_media.ini
@@ -0,0 +1 @@
+sp.log_media("pouet");
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_invalid_type.ini b/src/tests/broken_configuration_php8/config/broken_conf_invalid_type.ini
new file mode 100644
index 0000000..c52994e
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_invalid_type.ini
@@ -0,0 +1 @@
+sp.disable_function.function("strpos").ret_type("totally_wrong"_type")
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_key_value.ini b/src/tests/broken_configuration_php8/config/broken_conf_key_value.ini
new file mode 100644
index 0000000..a0edaf2
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_key_value.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("").value("").key("").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_line_empty_string.ini b/src/tests/broken_configuration_php8/config/broken_conf_line_empty_string.ini
new file mode 100644
index 0000000..dfa5520
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_line_empty_string.ini
@@ -0,0 +1 @@
+sp.cookie.name(
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_line_no_closing.ini b/src/tests/broken_configuration_php8/config/broken_conf_line_no_closing.ini
new file mode 100644
index 0000000..6a8c922
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_line_no_closing.ini
@@ -0,0 +1 @@
+sp.cookie.name("123"
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_1.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_1.ini
new file mode 100644
index 0000000..ae5165c
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_local_var_1.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("]").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_10.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_10.ini
new file mode 100644
index 0000000..93dd07f
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_local_var_10.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("asd[asd]asd").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_11.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_11.ini
new file mode 100644
index 0000000..028b1bd
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_local_var_11.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").param("asd::").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_12.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_12.ini
new file mode 100644
index 0000000..a151960
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_local_var_12.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_13.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_13.ini
new file mode 100644
index 0000000..e7c9778
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_local_var_13.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("asd->asd").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_14.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_14.ini
new file mode 100644
index 0000000..6c98ec3
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_local_var_14.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("$i+valid var name ").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_15.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_15.ini
new file mode 100644
index 0000000..a8dc5a4
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_local_var_15.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("$i$$!@#->qwe").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_16.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_16.ini
new file mode 100644
index 0000000..550719b
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_local_var_16.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("\"").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_2.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_2.ini
new file mode 100644
index 0000000..145a3b5
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_local_var_2.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("\"\"asd").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_3.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_3.ini
new file mode 100644
index 0000000..5d89076
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_local_var_3.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("\$qwe->::").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_4.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_4.ini
new file mode 100644
index 0000000..3ec073b
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_local_var_4.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("\"asd\"asd[]").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_5.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_5.ini
new file mode 100644
index 0000000..cd350b6
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_local_var_5.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("'asd'asd[]").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_6.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_6.ini
new file mode 100644
index 0000000..02f4f1a
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_local_var_6.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("''asd").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_7.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_7.ini
new file mode 100644
index 0000000..abbd223
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_local_var_7.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("asd-->").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_8.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_8.ini
new file mode 100644
index 0000000..fd18487
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_local_var_8.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("asd[asd]\"asd\"").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_9.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_9.ini
new file mode 100644
index 0000000..a311b86
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_local_var_9.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("asd[asd]\'asd\'").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_lots_of_quotes.ini b/src/tests/broken_configuration_php8/config/broken_conf_lots_of_quotes.ini
new file mode 100644
index 0000000..189a10d
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_lots_of_quotes.ini
@@ -0,0 +1 @@
+sp.cookie.name("this\"is a weird\"\"\"cookie\"name"");
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_missing_script.ini b/src/tests/broken_configuration_php8/config/broken_conf_missing_script.ini
new file mode 100644
index 0000000..a46f590
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_missing_script.ini
@@ -0,0 +1 @@
+sp.upload_validation.enable();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive.ini b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive.ini
new file mode 100644
index 0000000..7ea483f
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").param("id").value("42").value_r("^id$").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive10.ini b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive10.ini
new file mode 100644
index 0000000..da8426e
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive10.ini
@@ -0,0 +1 @@
+sp.readonly_exec.enable().disable();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive11.ini b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive11.ini
new file mode 100644
index 0000000..cab163f
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive11.ini
@@ -0,0 +1 @@
+sp.disable_function.function("strcmp").drop().ret("hip").var("hop");
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive12.ini b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive12.ini
new file mode 100644
index 0000000..fe140db
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive12.ini
@@ -0,0 +1 @@
+sp.disable_function.function("strcmp").drop().ret("hip").value("hop");
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive2.ini b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive2.ini
new file mode 100644
index 0000000..3ff3ca7
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive2.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").function_r("system").param("id").value("42").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive3.ini b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive3.ini
new file mode 100644
index 0000000..f4f7604
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive3.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").param("id").value("42").filename_r("^id$").filename("pouet.txt").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive4.ini b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive4.ini
new file mode 100644
index 0000000..c38a727
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive4.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").param("id").value("42").param_r("^id$").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive5.ini b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive5.ini
new file mode 100644
index 0000000..254b2a3
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive5.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").ret("0").drop().ret_r("^0$");
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive6.ini b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive6.ini
new file mode 100644
index 0000000..7c6712c
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive6.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").param("id").value("42").ret_r("^0$").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive7.ini b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive7.ini
new file mode 100644
index 0000000..feb3486
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive7.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").ret("0").drop().allow();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive8.ini b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive8.ini
new file mode 100644
index 0000000..c9c9ea2
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive8.ini
@@ -0,0 +1 @@
+sp.disable_function.ret("0").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive9.ini b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive9.ini
new file mode 100644
index 0000000..7bf6a62
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive9.ini
@@ -0,0 +1 @@
+sp.unserialize_hmac.enable().disable();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_nonexisting_script.ini b/src/tests/broken_configuration_php8/config/broken_conf_nonexisting_script.ini
new file mode 100644
index 0000000..8327438
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_nonexisting_script.ini
@@ -0,0 +1 @@
+sp.upload_validation.enable().script("./non_existing_script.sh");
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_quotes.ini b/src/tests/broken_configuration_php8/config/broken_conf_quotes.ini
new file mode 100644
index 0000000..eac8739
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_quotes.ini
@@ -0,0 +1,3 @@
+sp.disable_function.function("system").filename("/static_pages/index.php").var("_SERVER[PHP_SELF").value_r("\"").drop().alias("XSS");
+sp.disable_function.filename("include/imageobject_im.class.php").function("exec").var("CONFIG[im_options]).value_r("[^a-z0-9]").drop();
+
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_readonly_exec.ini b/src/tests/broken_configuration_php8/config/broken_conf_readonly_exec.ini
new file mode 100644
index 0000000..9e11313
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_readonly_exec.ini
@@ -0,0 +1 @@
+sp.readonly_exec.enable(1234);
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_session_encryption.ini b/src/tests/broken_configuration_php8/config/broken_conf_session_encryption.ini
new file mode 100644
index 0000000..66b7956
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_session_encryption.ini
@@ -0,0 +1 @@
+sp.session.encrypt(invalid value :/);
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_session_encryption_without_encryption_key.ini b/src/tests/broken_configuration_php8/config/broken_conf_session_encryption_without_encryption_key.ini
new file mode 100644
index 0000000..2b6f674
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_session_encryption_without_encryption_key.ini
@@ -0,0 +1,2 @@
+sp.global.cookie_env_var("MY_SUPER_ENV_VAR_YAY");
+sp.session.encrypt();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_session_encryption_without_env_var.ini b/src/tests/broken_configuration_php8/config/broken_conf_session_encryption_without_env_var.ini
new file mode 100644
index 0000000..43caf4a
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_session_encryption_without_env_var.ini
@@ -0,0 +1,2 @@
+sp.global.secret_key("super secret key, shhhh");
+sp.session.encrypt();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_to_few_args.ini b/src/tests/broken_configuration_php8/config/broken_conf_to_few_args.ini
new file mode 100644
index 0000000..89e19be
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_to_few_args.ini
@@ -0,0 +1 @@
+sp.harden_random.enable();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_unserialize.ini b/src/tests/broken_configuration_php8/config/broken_conf_unserialize.ini
new file mode 100644
index 0000000..9cdc9a6
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_unserialize.ini
@@ -0,0 +1 @@
+sp.unserialize_hmac.enable(1234);
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_weird_keyword.ini b/src/tests/broken_configuration_php8/config/broken_conf_weird_keyword.ini
new file mode 100644
index 0000000..bf5e7f5
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_weird_keyword.ini
@@ -0,0 +1 @@
+sp.harden_random.enable().not_a_valid_keyword("test");
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_wrapper_whitelist.ini b/src/tests/broken_configuration_php8/config/broken_conf_wrapper_whitelist.ini
new file mode 100644
index 0000000..b8e08a8
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_wrapper_whitelist.ini
@@ -0,0 +1 @@
+sp.wrappers_whitelist.invalid_param();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_wrong_quotes.ini b/src/tests/broken_configuration_php8/config/broken_conf_wrong_quotes.ini
new file mode 100644
index 0000000..ff41f93
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_wrong_quotes.ini
@@ -0,0 +1 @@
+sp.cookie.name("\)
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_wrong_type.ini b/src/tests/broken_configuration_php8/config/broken_conf_wrong_type.ini
new file mode 100644
index 0000000..b2943db
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_conf_wrong_type.ini
@@ -0,0 +1,5 @@
+sp.disable_function.function("strpos").ret_type("undef").drop().alias("Return value is undef");
+sp.disable_function.function("strpos").ret_type("null").drop().alias("Return value is null");
+sp.disable_function.function("strpos").ret_type("object").drop().alias("Return value is object");
+sp.disable_function.function("strpos").ret_type("reference").drop().alias("Return value is reference");
+sp.disable_function.function("strpos").ret_type("totally_wrong_type").drop().alias("Return value is FALSE");
diff --git a/src/tests/broken_configuration_php8/config/broken_config_regexp.ini b/src/tests/broken_configuration_php8/config/broken_config_regexp.ini
new file mode 100644
index 0000000..62bed11
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_config_regexp.ini
@@ -0,0 +1 @@
+sp.disable_function.function_r("^system$").filename_r("*.").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_config_regexp_no_closing_paren.ini b/src/tests/broken_configuration_php8/config/broken_config_regexp_no_closing_paren.ini
new file mode 100644
index 0000000..93e150b
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_config_regexp_no_closing_paren.ini
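Review bot: broken_conf_wrong_type.ini does not say which of its five `ret_type` values the test expects to be rejected, and the alias on the last rule, `alias("Return value is FALSE")`, contradicts its `ret_type("totally_wrong_type")`. If configuration loading stops at the first rejected rule (likely, but the parser is not visible here), any invalid value after that one is never exercised, so a regression in validating it would go unnoticed. I would keep one invalid `ret_type` per fixture and change the last alias to something like `alias("Return value has an invalid type")`. A short note naming the expected failure belongs in the accompanying test description rather than in the fixture, so reported line numbers do not move.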
@@ -0,0 +1 @@
+sp.disable_function.function_r("^system$").drop().filename_r("*."
diff --git a/src/tests/broken_configuration_php8/config/broken_regexp.ini b/src/tests/broken_configuration_php8/config/broken_regexp.ini
new file mode 100644
index 0000000..8e4bf69
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/broken_regexp.ini
@@ -0,0 +1 @@
+sp.disable_function.function("AwesomeClass::method3").param("a").drop().value_r("^$[");
diff --git a/src/tests/broken_configuration_php8/config/config_broken_conf_truncated.ini b/src/tests/broken_configuration_php8/config/config_broken_conf_truncated.ini
new file mode 100644
index 0000000..bf05dfb
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/config_broken_conf_truncated.ini
@@ -0,0 +1 @@
+sp.disable_function.function("").param(no quote, omg!
diff --git a/src/tests/broken_configuration_php8/config/config_encrypted_cookies_noname.ini b/src/tests/broken_configuration_php8/config/config_encrypted_cookies_noname.ini
new file mode 100644
index 0000000..048e404
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/config_encrypted_cookies_noname.ini
@@ -0,0 +1,3 @@
+sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
+sp.cookie.name("").encrypt();
+sp.auto_cookie_secure.enable();
diff --git a/src/tests/broken_configuration_php8/config/config_encrypted_regexp_cookies_bad_regexp.ini b/src/tests/broken_configuration_php8/config/config_encrypted_regexp_cookies_bad_regexp.ini
new file mode 100644
index 0000000..4fe92fd
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/config_encrypted_regexp_cookies_bad_regexp.ini
@@ -0,0 +1,3 @@
+sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
+sp.cookie.name_r("^super_co[a-z+$").encrypt();
+sp.auto_cookie_secure.enable();
diff --git a/src/tests/broken_configuration_php8/config/config_unmatching_brackets.ini b/src/tests/broken_configuration_php8/config/config_unmatching_brackets.ini
new file mode 100644
index 0000000..45fa4fe
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/config_unmatching_brackets.ini
@@ -0,0 +1 @@
+sp.disable_function.function("foo").param("arr[b]]]]]").value("aaa").alias("4").drop();
diff --git a/src/tests/broken_configuration_php8/config/disabled_functions_cidr.ini b/src/tests/broken_configuration_php8/config/disabled_functions_cidr.ini
new file mode 100644
index 0000000..f69ce07
--- /dev/null
+++ b/src/tests/broken_configuration_php8/config/disabled_functions_cidr.ini
@@ -0,0 +1,9 @@
+sp.disable_function.function("system").drop().cidr("2001:ab9:a::123/64");
+sp.disable_function.function("system").drop().cidr("192.168.0.1/16");
+sp.disable_function.function("system").drop().cidr("127.0.0.1/8");
+sp.disable_function.function("printf").drop().cidr("10.0.0.1/8");
+sp.disable_function.function("strpos").drop().cidr("127.0.0.2/4");
+sp.disable_function.function("strpos").drop().cidr("::ffff:192.0.2.128/128");
+sp.disable_function.function("strpos").drop().cidr("2001:ab9:a::123/64");
+sp.disable_function.function("strpos").drop().cidr("2001:0db8:f000:f000:f000:ff00:0042:8329/124");
+sp.disable_function.function("printf").drop().cidr("2002:0db8:0000:0000:0000:ff00:0042:8329/24");
-- cgit v1.3
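Review bot: Nothing in disabled_functions_cidr.ini looks malformed, yet it is added under broken_configuration_php8/config: all nine `cidr()` values carry an address and a prefix length within range for their address family. If the file is a valid baseline loaded by a test in this directory, a leading comment such as `# valid CIDR rules; loaded by <test name>` would stop a reader from hunting for the intended error. If one rule is meant to be rejected, the fixture should hold only that rule, so the test cannot pass because of a different line.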