From 868f96c759b6650d88ff9f4fbc5c048302134248 Mon Sep 17 00:00:00 2001
From: Sebastien Blot
Date: Wed, 20 Sep 2017 10:11:01 +0200
Subject: Initial import
---
src/tests/disable_xxe_xml_parse.phpt | 104 +++++++++++++++++++++++++++++++++++
1 file changed, 104 insertions(+)
create mode 100644 src/tests/disable_xxe_xml_parse.phpt
(limited to 'src/tests/disable_xxe_xml_parse.phpt')
diff --git a/src/tests/disable_xxe_xml_parse.phpt b/src/tests/disable_xxe_xml_parse.phpt
new file mode 100644
index 0000000..944bc38
--- /dev/null
+++ b/src/tests/disable_xxe_xml_parse.phpt
@@ -0,0 +1,104 @@
+--TEST--
+Disable XXE
+--SKIPIF--
+
+--INI--
+extension=`php-config --extension-dir`/xml.so
+sp.configuration_file={PWD}/config/disable_xxe.ini
+--FILE--
+
+
+]>
+&foo;
+EOD;
+
+file_put_contents('content.xml', $xml);
+
+function create_parser() {
+ $parser = xml_parser_create();
+ xml_set_element_handler(
+ $parser,
+ function($parser, $name, array $attributes) {
+ var_dump($name);
+ echo "\n";
+ var_dump($attributes);
+ },
+ function($parser, $name) {
+ var_dump($name);
+ }
+ );
+
+ xml_set_character_data_handler(
+ $parser,
+ function ($parser, $text){
+ echo 'text' . $text;
+ }
+ );
+
+ return $parser;
+}
+
+libxml_disable_entity_loader(true);
+$parser = create_parser();
+$doc = xml_parse($parser, $xml, true);
+xml_parser_free($parser);
+
+libxml_disable_entity_loader(false);
+$parser = create_parser();
+$doc = xml_parse($parser, $xml, true);
+xml_parser_free($parser);
+
+$xml = "foo";
+file_put_contents('content.xml', $xml);
+$parser = create_parser();
+$doc = xml_parse($parser, $xml, true);
+xml_parser_free($parser);
+
+--EXPECT--
+string(4) "TEST"
+
+array(0) {
+}
+string(7) "TESTING"
+
+array(0) {
+}
+string(7) "TESTING"
+string(4) "TEST"
+string(4) "TEST"
+
+array(0) {
+}
+string(7) "TESTING"
+
+array(0) {
+}
+string(7) "TESTING"
+string(4) "TEST"
+string(4) "TEST"
+
+array(0) {
+}
+string(7) "TESTING"
+
+array(0) {
+}
+textfoostring(7) "TESTING"
+string(4) "TEST"
+--CLEAN--
+
--
cgit v1.3