From 32476340c5fd3c76b86487a92fd5c5075342ca99 Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Mon, 4 Dec 2017 16:09:50 +0100
Subject: Fix the configuration parser wrt. non-matching brackets This validation step is a bit idiotic, but we'll replace it with a proper parser anyway.
---
src/tests/config/broken_conf_quotes.ini | 3 +++
1 file changed, 3 insertions(+)
create mode 100644 src/tests/config/broken_conf_quotes.ini
(limited to 'src/tests/config')
diff --git a/src/tests/config/broken_conf_quotes.ini b/src/tests/config/broken_conf_quotes.ini
new file mode 100644
index 0000000..7c3b0cd
--- /dev/null
+++ b/src/tests/config/broken_conf_quotes.ini
@@ -0,0 +1,3 @@
+sp.disable_function.filename("static_pages/index.php").var("_SERVER[PHP_SELF").value_r("\"").drop().alias("XSS");
+sp.disable_function.filename("include/imageobject_im.class.php").function("exec").var("CONFIG[im_options]).value_r("[^a-z0-9]").drop();
+
-- 
cgit v1.3
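Review bot: The fixture combines two different malformations, so if the parser aborts on the first invalid rule, the second line is never exercised. Line 1 has an unclosed bracket inside a quoted argument, `var("_SERVER[PHP_SELF")`, while line 2 has an unterminated quote, `var("CONFIG[im_options])`. The file name says quotes and the commit subject says brackets, so one fixture per defect would let each rejection path fail on its own. The test that loads this file is outside the visible diff (the view is limited to `src/tests/config`). It should assert that loading fails with the expected error and that no rule from the file ends up active, because a malformed `disable_function` rule that is silently skipped leaves the intended protection off.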